diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-07-21 18:13:18 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-07-22 13:30:29 +0200 |
commit | 7e930376320e016856285807d7788b01e51cc594 (patch) | |
tree | 42af5ffdc9af82005c3a34b0e42960ac8c6b50e5 /patches/source/net-snmp/doinst.sh | |
parent | 83e918a9794a98459b443e0095a9d13369d2fc7f (diff) | |
download | current-7e930376320e016856285807d7788b01e51cc594.tar.gz current-7e930376320e016856285807d7788b01e51cc594.tar.xz |
Thu Jul 21 18:13:18 UTC 202220220721181318_15.0
patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause
an out-of-bounds memory access.
A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
pointer dereference.
Improper Input Validation when SETing malformed OIDs in master agent and
subagent simultaneously.
A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable
can cause an out-of-bounds memory access.
A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a
NULL pointer dereference.
A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
dereference.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810
(* Security fix *)
Diffstat (limited to 'patches/source/net-snmp/doinst.sh')
-rw-r--r-- | patches/source/net-snmp/doinst.sh | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/patches/source/net-snmp/doinst.sh b/patches/source/net-snmp/doinst.sh new file mode 100644 index 000000000..db1cdda69 --- /dev/null +++ b/patches/source/net-snmp/doinst.sh @@ -0,0 +1,24 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.snmpd.new: +if [ -e etc/rc.d/rc.snmpd ]; then + cp -a etc/rc.d/rc.snmpd etc/rc.d/rc.snmpd.new.incoming + cat etc/rc.d/rc.snmpd.new > etc/rc.d/rc.snmpd.new.incoming + mv etc/rc.d/rc.snmpd.new.incoming etc/rc.d/rc.snmpd.new +fi + +config etc/snmp/snmpd.conf.new +config etc/rc.d/rc.snmpd.new +config etc/default/snmpd.new + |