head 1.1; access; symbols pkgsrc-2026Q1:1.1.0.28 pkgsrc-2026Q1-base:1.1 pkgsrc-2025Q4:1.1.0.26 pkgsrc-2025Q4-base:1.1 pkgsrc-2025Q3:1.1.0.24 pkgsrc-2025Q3-base:1.1 pkgsrc-2025Q2:1.1.0.22 pkgsrc-2025Q2-base:1.1 pkgsrc-2025Q1:1.1.0.20 pkgsrc-2025Q1-base:1.1 pkgsrc-2024Q4:1.1.0.18 pkgsrc-2024Q4-base:1.1 pkgsrc-2024Q3:1.1.0.16 pkgsrc-2024Q3-base:1.1 pkgsrc-2024Q2:1.1.0.14 pkgsrc-2024Q2-base:1.1 pkgsrc-2024Q1:1.1.0.12 pkgsrc-2024Q1-base:1.1 pkgsrc-2023Q4:1.1.0.10 pkgsrc-2023Q4-base:1.1 pkgsrc-2023Q3:1.1.0.8 pkgsrc-2023Q3-base:1.1 pkgsrc-2023Q2:1.1.0.6 pkgsrc-2023Q2-base:1.1 pkgsrc-2023Q1:1.1.0.4 pkgsrc-2023Q1-base:1.1 pkgsrc-2022Q4:1.1.0.2 pkgsrc-2022Q4-base:1.1; locks; strict; comment @# @; 1.1 date 2022.10.18.12.01.52; author adam; state Exp; branches; next ; commitid 1hob0RpCwfzracYD; desc @@ 1.1 log @net-snmp py-netsnmp: updated to 5.9.3 *5.9.3*: security: - These two CVEs can be exploited by a user with read-only credentials: - CVE-2022-24805 A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. - These CVEs can be exploited by a user with read-write credentials: - CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously - CVE-2022-24807 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. - CVE-2022-24808 A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. - To avoid these flaws, use strong SNMPv3 credentials and do not share them. If you must use SNMPv1 or SNMPv2c, use a complex community string and enhance the protection by restricting access to a given IP address range. - Thanks are due to Yu Zhang of VARAS@@IIE and Nanyu Zhong of VARAS@@IIE for reporting the following CVEs that have been fixed in this release, and to Arista Networks for providing fixes. misc: - Snmp-create-v3-user: Fix the snmpd.conf path @@datadir@@ is expanded in ${datarootdir} so datarootdir must be set before @@datadir@@ is used. general: Many bug fixes *5.9.2*: skipped due to a last minute library versioning found bug -- use 5.9.3 instead *5.9.1*: General: Many bug fixes *5.9* snmplib: - Add IPv6 support to DTLSUDP transport CHANGES: snmplib: use new netsnmp_sockaddr_storage in netsnmp_addr_pair CHANGES: snmplib: add base_transport ptr for tunneled transports snmpd: - Security vulnerabilty in the ping MIB reported by Christopher Ertl from Microsoft fixed - Changing to a different uid/gid can only be done once - The extend mib is now read-only by default snmptrap: - BUG: 2899: Patch from Drew Roedersheimer to set library engineboots/time values before sending unspecified: - Add pkg-config support for building applications and sub-agents Use the netsnmp package when building Net-SNMP applications. Use the netsnmp-agent package when building Net-SNMP subagents. @ text @$NetBSD: patch-da,v 1.2 2013/03/17 00:15:29 gdt Exp $ --- ov/UCD-fields.orig 2012-10-09 22:28:58.000000000 +0000 +++ ov/UCD-fields @@@@ -11,6 +11,7 @@@@ Field "SNMPAgent" { "UCD Ultrix", "UCD NetBSD", "UCD FreeBSD", + "UCD DragonFly", "UCD IRIX", "UCD Linux", "UCD BSD/OS", @