UbuntuUpdates.org

Package "net-snmp"

Name: net-snmp

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • SNMP (Simple Network Management Protocol) Perl5 support
  • SNMP (Simple Network Management Protocol) Python support
  • Net-SNMP notification receiver
  • SNMP (Simple Network Management Protocol) MIB browser

Latest version: 5.7.3+dfsg-1.8ubuntu3.6
Release: bionic (18.04)
Level: updates
Repository: universe

Links



Other versions of "net-snmp" in Bionic

Repository Area Version
base main 5.7.3+dfsg-1.8ubuntu3
base universe 5.7.3+dfsg-1.8ubuntu3
security main 5.7.3+dfsg-1.8ubuntu3.6
security universe 5.7.3+dfsg-1.8ubuntu3.6
updates main 5.7.3+dfsg-1.8ubuntu3.6

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.7.3+dfsg-1.8ubuntu3.6 2020-09-01 20:06:24 UTC

  net-snmp (5.7.3+dfsg-1.8ubuntu3.6) bionic-security; urgency=medium

  * SECURITY REGRESSION: The update for CVE-2020-15862 making mib extend
    read-only caused nsExtendCacheTime to be not setable anymore (LP: #1892980)
    - debian/patches/CVE-2020-15862-bug1893465.patch: add -cacheTime and
      -execType flags to "extend" config directive in
      agent/mibgroup/agent/extend.c, man/snmpd.conf.5.def.

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 28 Aug 2020 17:14:41 -0300

Source diff to previous version
1892980 NET-SNMP-EXTEND-MIB::nsExtendCacheTime cannot be set anymore
CVE-2020-15862 Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands a

Version: 5.7.3+dfsg-1.8ubuntu3.5 2020-08-24 18:06:40 UTC

  net-snmp (5.7.3+dfsg-1.8ubuntu3.5) bionic-security; urgency=medium

  * SECURITY UPDATE: Elevation of privileges - symlink handling
    - debian/patches/CVE-2020-15861.patch: stop reading and writing
      the mib_indexes files in include/net-snmp/library/mib.h,
      include/net-snmp/library/parse.h, snmplib/mib.c, snmplib/parse.c.
    - CVE-2020-15861
  * SECURITY UPDATE: Elevation of privileges
    - debian/patches/CVE-2020-15862.patch: make the extend mib
      read-only by default in agent/mibgroup/agent/extend.c.
    - CVE-2020-15862

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 17 Aug 2020 16:16:25 -0300

Source diff to previous version
CVE-2020-15861 Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.
CVE-2020-15862 Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands a

Version: 5.7.3+dfsg-1.8ubuntu3.3 2019-09-12 13:06:38 UTC

  net-snmp (5.7.3+dfsg-1.8ubuntu3.3) bionic; urgency=medium

  * d/p/put-paranthesis-around-macros-which-are-expressions.patch:
    - put paranthesis around macros which are expressions.
    (LP: #1843036)

  * d/p/fix-check-hr-filesys-autofs.patch:
    - On Linux getmntent() is available but getfsstat() not.
      Hence remove #if HAVE_GETFSSTAT from around the HRFS_type
      check.

1843036 [regression] SNMP missing disks in hrStorageTable

Version: *DELETED* 2019-09-06 16:07:15 UTC
No changelog for deleted or moved packages.

Version: 5.7.3+dfsg-1.8ubuntu3.2 2019-09-05 13:06:49 UTC

  net-snmp (5.7.3+dfsg-1.8ubuntu3.2) bionic; urgency=medium

  * Skip autofs entries when calling statfs to prevent autofs being mounted on
    snmpd startup (LP: #1835818):
    - d/p/autofs-skip-autofs-entries.patch
    - d/p/autofs-fix-a-recently-introduced-bug.patch

 -- Ioanna Alifieraki <email address hidden> Wed, 21 Aug 2019 12:55:14 +0100

1835818 snmpd causes autofs mount points to be mounted on service start/restart



About   -   Send Feedback to @ubuntu_updates