Thu Jul 21 18:13:18 UTC 202220220721181318_15.0

patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause
  an out-of-bounds memory access.
  A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
  pointer dereference.
  Improper Input Validation when SETing malformed OIDs in master agent and
  subagent simultaneously.
  A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable
  can cause an out-of-bounds memory access.
  A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a
  NULL pointer dereference.
  A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
  dereference.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810
  (* Security fix *)

1 files changed, 2 insertions, 0 deletions

diff --git a/patches/source/net-snmp/snmpd.default b/patches/source/net-snmp/snmpd.default
new file mode 100644
index 000000000..a7db0a292
--- /dev/null
+++ b/patches/source/net-snmp/snmpd.default
@@ -0,0 +1,2 @@
+# Options to use when running snmpd:
+SNMPD_OPTIONS="-A -p /var/run/snmpd -a"