Ubuntu
net-snmp package

lp:ubuntu/dapper-updates/net-snmp

Dapper (6.06)
dapper-updates

Created by James Westby on 2009-06-26 and last modified on 2009-06-26

Get this branch:: bzr branch lp:ubuntu/dapper-updates/net-snmp

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

9. By Kees Cook on 2008-11-18: * SECURITY UPDATE: authentication bypass via spoofed SNMPv3 packets.
  - 51_CVE-2008-0960.patch: fixes thanks to Nico Golde.
* SECURITY UPDATE: arbitrary code execution via buffer overflow.
  - 52_CVE-2008-2292.patch: fixes thanks to Jochen Friedrich.
* SECURITY UPDATE: denial of service via number of getbulk responses.
  - 53_CVE-2008-4309.patch: ported fixes from Jochen Friedrich.
8. By Stephan Rügamer on 2007-11-21: * SECURITY UPDATE: CVE-2007-5846 (LP: #164007)
  The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to
  cause a denial of service (CPU and memory consumption) via a GETBULK request
  with a large max-repeaters value.
* debian/patches/50_CVE-2007-5846.patch,
  debian/patches/50_CVE-2007-5846.README:
  Applied patch from upstream and explanation
  (Link: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 )
* References:
  CVE-2007-5846
7. By Kees Cook on 2007-04-19: * SECURITY UPDATE: denial of service via crafted TCP session.
* Add 14_snmpapi_crash.patch: upstream fixes.
* References
CVE-2005-4837
6. By Adam Conrad on 2006-04-04: * Merge the setup of the snmp user from the Debian packaging, which uses
/var/lib/snmp for the user's home, not /home/snmp (launchpad.net/33377)
* Migrate the snmp user's passwd entry from the old home dir to the new.
5. By Fabio Massimo Di Nitto on 2005-11-25: Resynchronise with Debian.
4. By Martin Pitt on 2005-09-29: * SECURITY UPDATE: Fix remote Denial of Service.
* snmplib/snmp_api.c: Free the correct buffer when a stream-based connection
  (like TCP) terminates.
* References:
  CAN-2005-2177
  http://sourceforge.net/tracker/index.php?func=detail&aid=1207023&group_id=12694&atid=112694
3. By Adam Conrad on 2005-03-31: Apply safe-but-hackish patch by Henrique de Moraes Holschuh to
fix the libdir in libsnmp5-dev's .la files (Ubuntu bug #8393)
2. By Martin Pitt on 2004-09-13: * snmpd.default: run as user 'snmp' by default, not root (Warty bug #1151)
* snmpd.postinst:
  - create system user snmp
  - removed superfluous version check which could have never been executed
* snmpd.postrm:
  - delete user snmp on purge
  - quoted comparison of $1 (it could be empty)
1. By Martin Pitt on 2004-09-13: Import upstream version 5.1.1

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/net-snmp

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntunet-snmp package