contains various tools relating to the Simple Network Management Protocol (successor of the cmu-snmp library).
| NEWS (net-snmp-5.9.2) | : | NEWS (net-snmp-5.9.3) |
|---|
| This file contains a summary of the major changes in released revisions. | | This file contains a summary of the major changes in released revisions. |
| Please see the CHANGES file for a more detailed list of specific bugs/patches | | Please see the CHANGES file for a more detailed list of specific bugs/patches |
| that have been fixed/applied, and the ChangeLog file for a comprehensive | | that have been fixed/applied, and the ChangeLog file for a comprehensive |
| listing of all changes made to the code. | | listing of all changes made to the code. |
| | |
|
| *5.9.2*: | | *5.9.3*: |
| security: | | security: |
| - These two CVEs can be exploited by a user with read-only credentials: | | - These two CVEs can be exploited by a user with read-only credentials: |
| - CVE-2022-24805 A buffer overflow in the handling of the INDEX of | | - CVE-2022-24805 A buffer overflow in the handling of the INDEX of |
| NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. | | NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. |
| - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTabl
e | | - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTabl
e |
| can cause a NULL pointer dereference. | | can cause a NULL pointer dereference. |
| - These CVEs can be exploited by a user with read-write credentials: | | - These CVEs can be exploited by a user with read-write credentials: |
| - CVE-2022-24806 Improper Input Validation when SETing malformed | | - CVE-2022-24806 Improper Input Validation when SETing malformed |
| OIDs in master agent and subagent simultaneously | | OIDs in master agent and subagent simultaneously |
| - CVE-2022-24807 A malformed OID in a SET request to | | - CVE-2022-24807 A malformed OID in a SET request to |
| | |
| skipping to change at line 37 | | skipping to change at line 37 |
|---|
| reporting the following CVEs that have been fixed in this release, and | | reporting the following CVEs that have been fixed in this release, and |
| to Arista Networks for providing fixes. | | to Arista Networks for providing fixes. |
| | |
| misc: | | misc: |
| - Snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is | | - Snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is |
| expanded in ${datarootdir} so datarootdir must be set before | | expanded in ${datarootdir} so datarootdir must be set before |
| @datadir@ is used. | | @datadir@ is used. |
| | |
| general: Many bug fixes | | general: Many bug fixes |
| | |
|
| | *5.9.2*: |
| | skipped due to a last minute library versioning found bug -- use 5.9.3 inste |
| | ad |
| | |
| *5.9.1*: | | *5.9.1*: |
| General: Many bug fixes | | General: Many bug fixes |
| | |
| *5.9* | | *5.9* |
| snmplib: | | snmplib: |
| - Add IPv6 support to DTLSUDP transport CHANGES: snmplib: use new | | - Add IPv6 support to DTLSUDP transport CHANGES: snmplib: use new |
| netsnmp_sockaddr_storage in netsnmp_addr_pair CHANGES: snmplib: add | | netsnmp_sockaddr_storage in netsnmp_addr_pair CHANGES: snmplib: add |
| base_transport ptr for tunneled transports | | base_transport ptr for tunneled transports |
| | |
| snmpd: | | snmpd: |
| | | |
| End of changes. 2 change blocks. |
|---|
| 1 lines changed or deleted | | 5 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 