-
net-snmp (5.9.3+dfsg-2ubuntu3) lunar; urgency=medium
* d/p/add-overlay-support.patch: Add Docker's "overlay" filesystem
(LP: #2007856)
-- Bryce Harrington <email address hidden> Wed, 22 Mar 2023 18:42:02 -0700
-
net-snmp (5.9.3+dfsg-2ubuntu2) lunar; urgency=medium
* Fix snmptrapd reconnection issue after hitting MySQL wait_timeout
(LP: #1999711)
- d/p/snmptrapd-mysql-reconnection-after-hitting-wait_timeout.patch
-- Chengen Du <email address hidden> Thu, 16 Feb 2023 20:16:57 -0300
-
net-snmp (5.9.3+dfsg-2ubuntu1) lunar; urgency=medium
* Merge with Debian unstable (LP: #1993419). Remaining changes:
- Add apport hook:
+ d/control: add dh-apport to Build-Depends
+ d/rules: install the apport hook via debhelper
+ d/source.apport: apport hook
- d/p/restore-support-for-long-dns-names.patch: Fix snmp requests
for domains longer than 63 characters (LP #1998461)
* Drop changes:
- SECURITY UPDATE: DoS via null pointer exception issues
+ debian/patches/CVE-2022-4479x-1.patch: disallow SET with NULL varbind
in agent/snmp_agent.c.
+ debian/patches/CVE-2022-4479x-2.patch: allow SET with NULL varbind
for testing in apps/snmpset.c.
+ debian/patches/CVE-2022-4479x-3.patch: add test for NULL varbind set
in testing/fulltests/default/T0142snmpv2csetnull_simple.
+ CVE-2022-44792
+ CVE-2022-44793
[ Incorporated by Debian. ]
-- Sergio Durigan Junior <email address hidden> Tue, 10 Jan 2023 22:54:16 -0500
-
net-snmp (5.9.3+dfsg-1ubuntu5) lunar; urgency=medium
* d/p/restore-support-for-long-dns-names.patch: Update patch to match upstream
version of commit (LP: #1998461)
-- Lena Voytek <email address hidden> Mon, 09 Jan 2023 13:37:37 -0700
-
net-snmp (5.9.3+dfsg-1ubuntu4) lunar; urgency=medium
* SECURITY UPDATE: DoS via null pointer exception issues
- debian/patches/CVE-2022-4479x-1.patch: disallow SET with NULL varbind
in agent/snmp_agent.c.
- debian/patches/CVE-2022-4479x-2.patch: allow SET with NULL varbind
for testing in apps/snmpset.c.
- debian/patches/CVE-2022-4479x-3.patch: add test for NULL varbind set
in testing/fulltests/default/T0142snmpv2csetnull_simple.
- CVE-2022-44792
- CVE-2022-44793
-- Marc Deslauriers <email address hidden> Mon, 09 Jan 2023 09:41:56 -0500
-
net-snmp (5.9.3+dfsg-1ubuntu3) lunar; urgency=medium
* d/p/restore-support-for-long-dns-names.patch: Fix snmp requests for domains
longer than 63 characters (LP: #1998461)
-- Lena Voytek <email address hidden> Mon, 05 Dec 2022 07:47:24 -0700
-
net-snmp (5.9.3+dfsg-1ubuntu2) lunar; urgency=medium
* Rebuild against new perlapi-5.36.
-- Gianfranco Costamagna <email address hidden> Fri, 04 Nov 2022 12:17:36 +0100
-
net-snmp (5.9.3+dfsg-1ubuntu1) kinetic; urgency=medium
* Merge with Debian unstable (LP: #1987349). Remaining changes:
- Add apport hook:
+ d/control: add dh-apport to Build-Depends
+ d/rules: install the apport hook via debhelper
+ d/source.apport: apport hook
* Drop changes:
- SECURITY UPDATE: Multiple security issus
+ debian/patches/CVE-2022-248xx-1.patch: fix bounds checking in
NET-SNMP-AGENT-MIB, NET-SNMP-VACM-MIB, SNMP-VIEW-BASED-ACM-MIB,
SNMP-USER-BASED-SM-MIB in agent/mibgroup/agent/nsLogging.c,
agent/mibgroup/agent/nsVacmAccessTable.c,
agent/mibgroup/mibII/vacm_vars.c, agent/mibgroup/snmpv3/usmUser.
+ debian/patches/CVE-2022-248xx-2.patch: recover SET status from
delegated request in agent/snmp_agent.c.
+ CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,
CVE-2022-24809, CVE-2022-24810
[ Incorporated upstream. ]
-- Sergio Durigan Junior <email address hidden> Mon, 22 Aug 2022 19:37:48 -0400
