Author: Christian Ehrhardt 
Revision Date: 2015-10-09 13:18:25 UTC

debian/snmp.preinst:
It turns out that the original motivation why killall was added is gone.
So we can just remove the killall introduced by Ubuntu LP #573391
(Closes: #781257, LP: #1245604)

Author: Christian Ehrhardt 
Revision Date: 2015-10-09 13:18:25 UTC

debian/snmp.preinst:
It turns out that the original motivation why killall was added is gone.
So we can just remove the killall introduced by Ubuntu LP #573391
(Closes: #781257, LP: #1245604)

Author: Marc Deslauriers
Revision Date: 2015-08-13 10:27:24 UTC

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

Author: Marc Deslauriers
Revision Date: 2015-08-13 10:22:26 UTC

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

Author: Marc Deslauriers
Revision Date: 2015-08-13 10:27:24 UTC

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

Author: Marc Deslauriers
Revision Date: 2015-08-13 10:22:26 UTC

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

Author: Marc Deslauriers
Revision Date: 2015-08-13 10:31:34 UTC

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

Author: Marc Deslauriers
Revision Date: 2015-08-13 10:31:34 UTC

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

Author: Colin Watson
Revision Date: 2014-08-20 11:16:35 UTC

* Backport from 5.7.2.1~dfsg-6.1:
  - Fix "hardcodes /usr/lib/perl5":
    Make debian/libsnmp-perl.install executable and use
    $Config{vendorarch} to get the perl library directory. Patch from Niko
    Tyni.
    (Closes: #751918)

Author: Colin Watson
Revision Date: 2014-08-20 11:16:35 UTC

* Backport from 5.7.2.1~dfsg-6.1:
  - Fix "hardcodes /usr/lib/perl5":
    Make debian/libsnmp-perl.install executable and use
    $Config{vendorarch} to get the perl library directory. Patch from Niko
    Tyni.
    (Closes: #751918)

Author: Colin Watson
Revision Date: 2014-08-20 11:16:35 UTC

* Backport from 5.7.2.1~dfsg-6.1:
  - Fix "hardcodes /usr/lib/perl5":
    Make debian/libsnmp-perl.install executable and use
    $Config{vendorarch} to get the perl library directory. Patch from Niko
    Tyni.
    (Closes: #751918)

Author: kiorky
Revision Date: 2014-04-20 11:52:52 UTC

Add missing net-snmp-create-v3-user

Author: Marc Deslauriers
Revision Date: 2014-03-11 09:46:15 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service when ICMP-MIB is in use
  - debian/patches/CVE-2014-2284.patch: fix ICMP mib table handling in
    agent/mibgroup/mibII/icmp.c, agent/mibgroup/mibII/kernel_linux.*.
  - CVE-2014-2284
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285

Author: Marc Deslauriers
Revision Date: 2014-03-11 09:57:44 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

Author: Marc Deslauriers
Revision Date: 2014-03-11 09:46:15 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service when ICMP-MIB is in use
  - debian/patches/CVE-2014-2284.patch: fix ICMP mib table handling in
    agent/mibgroup/mibII/icmp.c, agent/mibgroup/mibII/kernel_linux.*.
  - CVE-2014-2284
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285

Author: Marc Deslauriers
Revision Date: 2014-03-11 09:57:44 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

Author: Marc Deslauriers
Revision Date: 2014-04-08 08:17:14 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service when ICMP-MIB is in use
  - debian/patches/CVE-2014-2284.patch: fix ICMP mib table handling in
    agent/mibgroup/mibII/icmp.c, agent/mibgroup/mibII/kernel_linux.*.
  - CVE-2014-2284
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285

Author: Marc Deslauriers
Revision Date: 2014-04-08 08:17:14 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service when ICMP-MIB is in use
  - debian/patches/CVE-2014-2284.patch: fix ICMP mib table handling in
    agent/mibgroup/mibII/icmp.c, agent/mibgroup/mibII/kernel_linux.*.
  - CVE-2014-2284
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285

Author: Marc Deslauriers
Revision Date: 2014-03-11 10:10:12 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

Author: Marc Deslauriers
Revision Date: 2014-03-11 10:10:12 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

Author: Yolanda Robla
Revision Date: 2013-07-12 09:47:12 UTC

* Merge from Debian unstable (LP: #1200516). Remaining changes:
  + Add apport hook (LP: #533603):
    - debian/source.apport: apport hook
    - debian/control: Build-depends on dh-apport.
    - debian/rules:
      + Add --with apport.
      + override_dh_apport to install hook on snmpd package only.
* Call dh_installinit correctly to avoid installing links in rc[06].d

Author: Yolanda Robla
Revision Date: 2013-07-23 11:49:00 UTC

restored dh_installinit

Author: Yolanda Robla
Revision Date: 2013-07-12 09:47:12 UTC

* Merge from Debian unstable (LP: #1200516). Remaining changes:
  + Add apport hook (LP: #533603):
    - debian/source.apport: apport hook
    - debian/control: Build-depends on dh-apport.
    - debian/rules:
      + Add --with apport.
      + override_dh_apport to install hook on snmpd package only.
* Call dh_installinit correctly to avoid installing links in rc[06].d

Author: Logan Rosen
Revision Date: 2012-12-04 16:57:00 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/rules: Don't stop service in runlevels 0 and 6.
  - debian/snmpd.init: LSBify the init script.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
  - debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit
    arches
  - debian/{control,rules}: Use dh_python2

Author: Logan Rosen
Revision Date: 2012-12-04 16:57:00 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/rules: Don't stop service in runlevels 0 and 6.
  - debian/snmpd.init: LSBify the init script.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
  - debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit
    arches
  - debian/{control,rules}: Use dh_python2

Author: Steve Huff
Revision Date: 2012-07-17 20:48:15 UTC

typo fix - /etc/group instead of /etc/passwd

Author: Marc Deslauriers
Revision Date: 2012-06-20 09:45:11 UTC

* Merge from Debian unstable. Remaining changes:
  - debian/rules: Don't stop service in runlevels 0 and 6.
  - debian/snmpd.init: LSBify the init script.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
  - debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit
    arches
  - debian/{control,rules}: Use dh_python2
* Dropped changes:
  - debian/patches/50_use_bash.patch: Patch wasn't actually being
    applied, and upstream apparently fixed this in 5.4.2.
  - debian/patches/52_fix_snmpcmd_1_typo.patch: Patch wasn't actually
    being applied, and fix is included in 56_manpage.patch.
  - debian/snmpd.postinst: Source debconf before doing work: included in
    debian package now.
  - debian/patches/99-fix-ubuntu-div0.patch: wasn't applied.
  - debian/patches/CVE-2008-6123.*: wasn't applied.
  - debian/patches/CVE-2012-2141.patch: use debian's patch.
  - debian/README.Debian-source: this change is irrelevant since we
    use the debian tarball as-is.
  - debian/rules: removed misc irrelevant and undocumented changes.
  - debian/snmpd.postinst: no longer need to remove shutdown and reboot
    links since this is from Maverick-era.

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:36:07 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:52:01 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:36:07 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:52:01 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:55:38 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/55_CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:55:38 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/55_CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

Author: Chuck Short
Revision Date: 2012-01-23 09:44:25 UTC

* Merge from Debian testing. Remaining changes:
  - net-snmp-config: Use bash.
  - Removed multiuser option when calling update-rc.d.
  - debian/snmpd.init: LSBify the init script.
  - debian/patches/52_fix_snmpcmd_1_typo.patch: Adjust a typo in
    snmpcmd.1.
  - debian/snmpd.postinst: Source debconf before doing work.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
  - debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit
    arches
  - debian/rules: Use dh_python2

Author: Spencer O Krum
Revision Date: 2011-12-05 01:04:10 UTC

debian/patches/ubuntu/ubuntu-fix-lp-802367.patch: Changes loglevel to DEBUG
to reduce log noise. (LP: 802367)

Author: Colin Watson
Revision Date: 2011-05-10 06:14:05 UTC

* Resynchronise with Debian (LP: #780149). Remaining changes:
  - net-snmp-config: Use bash.
  - Removed multiuser option when calling update-rc.d.
  - debian/snmpd.init: LSBify the init script.
  - debian/patches/52_fix_snmpcmd_1_typo.patch: Adjust a typo in
    snmpcmd.1.
  - debian/snmpd.postinst: Source debconf before doing work.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
  - debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit
    arches.

Author: Chuck Short
Revision Date: 2011-01-06 00:35:28 UTC

* Merge from debian unstable. Remaining changes:
  - Set Ubuntu maintainer address.
  - net-snmp-config: Use bash (LP: #104738)
  - Removed multiuser option when calling update-rc.d (LP: #254261)
  - debian/snmpd.init: LSBify the init script.
  - debian/patches/52_fix_snmpcmd_1_typo.patch: Adjust a typo in snmpcmd.1
    (LP: #250459)
  - debian/snmpd.postinst: source debconf before doing work. (LP: #589056)
  - debian/snmp.preinst, debian/snmp.prerm: kill any/all processes owned by
    snmp user before install/uninstall (LP: #573391)
  - Add apport hook (LP: #533603):
    - debian/control: Build-depends on dh-apport.
    - debian/rules:
      + Add --with apport.
      + override_dh_apport to install hook on snmpd package only.
   - debian/patches/ubntu-fix-lp-58728.patch: Fix row creation for 64bit
     arches. (LP: #587828)
   - Fix build failures with ld --no-add-needed.

Author: Chuck Short
Revision Date: 2010-08-25 10:18:45 UTC

debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit arches.
(LP: #587828)

Author: James Westby
Revision Date: 2010-03-31 03:44:28 UTC

Add an apport hook.

Author: Andres Rodriguez
Revision Date: 2010-03-28 04:31:55 UTC

* Add apport hook (LP: #533603):
  - debian/{snmp,snmpd}.apport: Added.
  - debian/control: Build-depends on dh-apport.
  - debian/rules:
    + Add --with apport.
    + override_dh_apport to install hook on snmpd package only.

Author: Chuck Short
Revision Date: 2009-09-15 15:53:48 UTC

* debian/patches/101-fix-ipalias.patch: Fix flooding syslog -
   Syslog fills with hundreds of these errors if you have a network
   interface, e.g. eth2, with no IP address, but you have an alias,
   e.g. eth2:1, that does have an IP address (and netmask).
   (LP: #270713)
* debian/patches/103-fix-ubuntu-lmsensors.patch: Point to the right
   place for /etc/sensors3.conf. (LP: #192745)
* debian/patches/99-fix-perl-counter-in-subagent.patch: Fix for Counter64 in
   perl subagent. (LP: #406171)

Author: Chuck Short
Revision Date: 2009-09-15 15:53:48 UTC

* debian/patches/101-fix-ipalias.patch: Fix flooding syslog -
   Syslog fills with hundreds of these errors if you have a network
   interface, e.g. eth2, with no IP address, but you have an alias,
   e.g. eth2:1, that does have an IP address (and netmask).
   (LP: #270713)
* debian/patches/103-fix-ubuntu-lmsensors.patch: Point to the right
   place for /etc/sensors3.conf. (LP: #192745)
* debian/patches/99-fix-perl-counter-in-subagent.patch: Fix for Counter64 in
   perl subagent. (LP: #406171)

Author: Chuck Short
Revision Date: 2009-09-15 14:13:51 UTC

* debian/patches/101-fix-ipalias.patch: Fix flooding syslog -
  Syslog fills with hundreds of these errors if you have a network
  interface, e.g. eth2, with no IP address, but you have an alias,
  e.g. eth2:1, that does have an IP address (and netmask).
  (LP: #270713)
* debian/patches/103-fix-ubuntu-lmsensors.patch: Point to the right
  place for /etc/sensors3.conf. (LP: #192745)
* debian/patches/99-fix-perl-counter-in-subagent.patch: Fix for Counter64 in
  perl subagent. (LP: #406171)
* debian/patches/53_fix_python_regression.patch: Fix python segmentation fault.
  (LP: #347361)
* debian/patches/54_fix_registration_error.patch: Surpresses annoying
  registrations in startup. (LP: #200614)

Author: Chuck Short
Revision Date: 2009-09-15 15:18:46 UTC

* debian/patches/101-fix-ipalias.patch: Fix flooding syslog -
  Syslog fills with hundreds of these errors if you have a network
  interface, e.g. eth2, with no IP address, but you have an alias,
  e.g. eth2:1, that does have an IP address (and netmask).
  (LP: #270713)
* debian/patches/103-fix-ubuntu-lmsensors.patch: Point to the right
  place for /etc/sensors3.conf. (LP: #192745)
* debian/patches/99-fix-perl-counter-in-subagent.patch: Fix for Counter64 in
  perl subagent. (LP: #406171)

Author: Chuck Short
Revision Date: 2009-09-28 14:02:16 UTC

debian/patches/99-fix-ubuntu-div0.patch: Fix division by zero.
(LP: #426813).

Author: Kees Cook
Revision Date: 2008-11-18 12:28:59 UTC

* SECURITY UPDATE: authentication bypass via spoofed SNMPv3 packets.
  - 51_CVE-2008-0960.patch: fixes thanks to Nico Golde.
* SECURITY UPDATE: arbitrary code execution via buffer overflow.
  - 52_CVE-2008-2292.patch: fixes thanks to Jochen Friedrich.
* SECURITY UPDATE: denial of service via number of getbulk responses.
  - 53_CVE-2008-4309.patch: ported fixes from Jochen Friedrich.

Author: Stephan Rügamer
Revision Date: 2007-11-21 09:32:24 UTC

* SECURITY UPDATE: CVE-2007-5846 (LP: #164007)
  The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to
  cause a denial of service (CPU and memory consumption) via a GETBULK request
  with a large max-repeaters value.
* debian/patches/50_CVE-2007-5846.patch,
  debian/patches/50_CVE-2007-5846.README:
  Applied patch from upstream and explanation
  (Link: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 )
* References:
  CVE-2007-5846

Author: Stephan Rügamer
Revision Date: 2007-11-21 11:05:09 UTC

* SECURITY UPDATE: CVE-2007-5846 (LP: #164007)
  The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to
  cause a denial of service (CPU and memory consumption) via a GETBULK request
  with a large max-repeaters value.
* debian/patches/50_CVE-2007-5846.patch,
  debian/patches/50_CVE-2007-5846.README:
  Applied patch from upstream and explanation
  (Link: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 )
* References:
  CVE-2007-5846

Author: Kees Cook
Revision Date: 2008-11-18 13:20:22 UTC

* SECURITY UPDATE: authentication bypass via spoofed SNMPv3 packets.
  - 51_CVE-2008-0960.patch: fixes thanks to Nico Golde.
* SECURITY UPDATE: arbitrary code execution via buffer overflow.
  - 52_CVE-2008-2292.patch: fixes thanks to Jochen Friedrich.
* SECURITY UPDATE: denial of service via number of getbulk responses.
  - 53_CVE-2008-4309.patch: ported fixes from Jochen Friedrich.

Author: Colin Watson
Revision Date: 2009-03-19 13:00:18 UTC

No-change rebuild to fix lpia shared library dependencies.

Author: Kees Cook
Revision Date: 2008-11-18 13:21:27 UTC

* SECURITY UPDATE: denial of service via number of getbulk responses.
  - 46_CVE-2008-4309.patch: fixes thanks to Jochen Friedrich.
* fix regressions in Perl bindings:
  - 48-CVE-2008-2292.patch: updated thanks to Jochen Friedrich.

Author: Kees Cook
Revision Date: 2008-11-18 13:21:27 UTC

* SECURITY UPDATE: denial of service via number of getbulk responses.
  - 46_CVE-2008-4309.patch: fixes thanks to Jochen Friedrich.
* fix regressions in Perl bindings:
  - 48-CVE-2008-2292.patch: updated thanks to Jochen Friedrich.

Author: Chuck Short
Revision Date: 2008-09-22 14:18:08 UTC

debian/snmpd.init: Fix snmpd script error. (LP: #270961)

Author: Michael Vogt
Revision Date: 2008-03-18 17:47:13 UTC

Add missing Replaces: libsnmp9-dev (<< 5.4~dfsg) to
libsnmp-base to avoid file confict on dapper->hardy upgrades
(LP: #203610)

Author: Kees Cook
Revision Date: 2008-11-18 12:28:59 UTC

* SECURITY UPDATE: authentication bypass via spoofed SNMPv3 packets.
  - 51_CVE-2008-0960.patch: fixes thanks to Nico Golde.
* SECURITY UPDATE: arbitrary code execution via buffer overflow.
  - 52_CVE-2008-2292.patch: fixes thanks to Jochen Friedrich.
* SECURITY UPDATE: denial of service via number of getbulk responses.
  - 53_CVE-2008-4309.patch: ported fixes from Jochen Friedrich.

Author: Matthias Klose
Revision Date: 2007-10-05 14:55:58 UTC

* Do not install the upstream changelog in libsnmp10 and libsnmp-base.
* Symlink files common in libsnmp10 and libsnmp-base.

Author: Stephan Rügamer
Revision Date: 2007-11-21 09:32:24 UTC

* SECURITY UPDATE: CVE-2007-5846 (LP: #164007)
  The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to
  cause a denial of service (CPU and memory consumption) via a GETBULK request
  with a large max-repeaters value.
* debian/patches/50_CVE-2007-5846.patch,
  debian/patches/50_CVE-2007-5846.README:
  Applied patch from upstream and explanation
  (Link: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 )
* References:
  CVE-2007-5846

Author: Scott James Remnant (Canonical)
Revision Date: 2006-11-28 12:29:34 UTC

* Merge from debian unstable, remaining changes:
  - remove stop links from rc0 and rc6

Author: Stephan Rügamer
Revision Date: 2007-11-21 11:05:09 UTC

* SECURITY UPDATE: CVE-2007-5846 (LP: #164007)
  The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to
  cause a denial of service (CPU and memory consumption) via a GETBULK request
  with a large max-repeaters value.
* debian/patches/50_CVE-2007-5846.patch,
  debian/patches/50_CVE-2007-5846.README:
  Applied patch from upstream and explanation
  (Link: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 )
* References:
  CVE-2007-5846

Author: Scott James Remnant (Canonical)
Revision Date: 2006-09-15 17:32:44 UTC

Remove stop script symlinks from rc0 and rc6.

Author: Kees Cook
Revision Date: 2008-11-18 13:20:22 UTC

* SECURITY UPDATE: authentication bypass via spoofed SNMPv3 packets.
  - 51_CVE-2008-0960.patch: fixes thanks to Nico Golde.
* SECURITY UPDATE: arbitrary code execution via buffer overflow.
  - 52_CVE-2008-2292.patch: fixes thanks to Jochen Friedrich.
* SECURITY UPDATE: denial of service via number of getbulk responses.
  - 53_CVE-2008-4309.patch: ported fixes from Jochen Friedrich.

Author: Adam Conrad
Revision Date: 2006-04-04 20:16:30 UTC

* Merge the setup of the snmp user from the Debian packaging, which uses
  /var/lib/snmp for the user's home, not /home/snmp (launchpad.net/33377)
* Migrate the snmp user's passwd entry from the old home dir to the new.

Author: Martin Pitt
Revision Date: 2005-09-29 15:25:30 UTC

* SECURITY UPDATE: Fix remote Denial of Service.
* snmplib/snmp_api.c: Free the correct buffer when a stream-based connection
  (like TCP) terminates.
* References:
  CAN-2005-2177
  http://sourceforge.net/tracker/index.php?func=detail&aid=1207023&group_id=12694&atid=112694

Author: Martin Pitt
Revision Date: 2005-09-29 15:37:21 UTC

* SECURITY UPDATE: Fix remote Denial of Service.
* snmplib/snmp_api.c: Free the correct buffer when a stream-based connection
  (like TCP) terminates.
* References:
  CAN-2005-2177
  http://sourceforge.net/tracker/index.php?func=detail&aid=1207023&group_id=12694&atid=112694

Author: Adam Conrad
Revision Date: 2005-03-31 04:21:37 UTC

Apply safe-but-hackish patch by Henrique de Moraes Holschuh to
fix the libdir in libsnmp5-dev's .la files (Ubuntu bug #8393)

Author: Martin Pitt
Revision Date: 2005-09-29 15:39:13 UTC

* SECURITY UPDATE: Fix remote Denial of Service.
* snmplib/snmp_api.c: Free the correct buffer when a stream-based connection
  (like TCP) terminates.
* References:
  CAN-2005-2177
  http://sourceforge.net/tracker/index.php?func=detail&aid=1207023&group_id=12694&atid=112694

Author: Martin Pitt
Revision Date: 2004-09-13 12:06:21 UTC

* snmpd.default: run as user 'snmp' by default, not root (Warty bug #1151)
* snmpd.postinst:
  - create system user snmp
  - removed superfluous version check which could have never been executed
* snmpd.postrm:
  - delete user snmp on purge
  - quoted comparison of $1 (it could be empty)