contains various tools relating to the Simple Network Management Protocol (successor of the cmu-snmp library).
| CHANGES (net-snmp-5.9.2) | : | CHANGES (net-snmp-5.9.3) |
|---|
| This file contains a list of specific bugs that have been fixed, and patches | | This file contains a list of specific bugs that have been fixed, and patches |
| that have been applied in released versions. Please see the NEWS file for | | that have been applied in released versions. Please see the NEWS file for |
| a summary of the major changes, and the ChangeLog file for a comprehensive | | a summary of the major changes, and the ChangeLog file for a comprehensive |
| listing of all changes made to the code. | | listing of all changes made to the code. |
| | |
|
| *5.9.2*: | | *5.9.3*: |
| security: | | security: |
| - These two CVEs can be exploited by a user with read-only credentials: | | - These two CVEs can be exploited by a user with read-only credentials: |
| - CVE-2022-24805 A buffer overflow in the handling of the INDEX of | | - CVE-2022-24805 A buffer overflow in the handling of the INDEX of |
| NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. | | NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. |
| - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTabl
e | | - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTabl
e |
| can cause a NULL pointer dereference. | | can cause a NULL pointer dereference. |
| - These CVEs can be exploited by a user with read-write credentials: | | - These CVEs can be exploited by a user with read-write credentials: |
| - CVE-2022-24806 Improper Input Validation when SETing malformed | | - CVE-2022-24806 Improper Input Validation when SETing malformed |
| OIDs in master agent and subagent simultaneously | | OIDs in master agent and subagent simultaneously |
| - CVE-2022-24807 A malformed OID in a SET request to | | - CVE-2022-24807 A malformed OID in a SET request to |
| | |
| skipping to change at line 53 | | skipping to change at line 53 |
|---|
| | |
| unspecified: | | unspecified: |
| - Moved transport code into a separate subdirectory in snmplib | | - Moved transport code into a separate subdirectory in snmplib |
| - Snmplib: remove inline versions of container funcs". | | - Snmplib: remove inline versions of container funcs". |
| | |
| misc: | | misc: |
| - snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is | | - snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is |
| expanded in ${datarootdir} so datarootdir must be set before | | expanded in ${datarootdir} so datarootdir must be set before |
| @datadir@ is used. | | @datadir@ is used. |
| | |
|
| | *5.9.2*: |
| | skipped due to a last minute library versioning found bug -- use 5.9.3 inste |
| | ad |
| | |
| *5.9.1*: | | *5.9.1*: |
| General: Many bug fixes | | General: Many bug fixes |
| | |
| *5.9* | | *5.9* |
| snmplib: | | snmplib: |
| - Add IPv6 support to DTLSUDP transport | | - Add IPv6 support to DTLSUDP transport |
| - use new netsnmp_sockaddr_storage in netsnmp_addr_pair | | - use new netsnmp_sockaddr_storage in netsnmp_addr_pair |
| - add base_transport ptr for tunneled transports | | - add base_transport ptr for tunneled transports |
| - Add support for OpenSSL 1.1.1 | | - Add support for OpenSSL 1.1.1 |
| - Dtls: overhaul of debug | | - Dtls: overhaul of debug |
| | | |
| End of changes. 2 change blocks. |
|---|
| 1 lines changed or deleted | | 5 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 