Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/netsnmp: security bump to version 5.9.4

CVE-2022-44792 handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c
in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can
be used by a remote attacker (who has write access) to cause the
instance to crash via a crafted UDP packet, resulting in Denial of
Service.

CVE-2022-44793 handle_ipv6IpForwarding in
agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a
NULL Pointer Exception bug that can be used by a remote attacker to
cause the instance to crash via a crafted UDP packet, resulting in
Denial of Service.

The pgp key was changed [0] as the old one expired [1].

[0]: https://sourceforge.net/p/net-snmp/htdocs/ci/90a6d98aae21fcdff06b5be139eb4d44ae96a9de/
[1]: https://github.com/net-snmp/net-snmp/issues/595

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 868603755c16296ae2a61845891edeafc36e48ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Daniel Lang 1 year ago
parent
00855772b8
commit
13fc9dcb34
2 changed files with 4 additions and 4 deletions
Split View Show Diff Stats
  1. 3 3
      package/netsnmp/netsnmp.hash
  2. 1 1
      package/netsnmp/netsnmp.mk

+ 3 - 3
package/netsnmp/netsnmp.hash
View File 

@@ -1,7 +1,7 @@
 
 # Locally calculated after checking pgp signature at
 
-# https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.3/net-snmp-5.9.3.tar.gz.asc
 
-# using key D0F8F495DA6160C44EFFBF10F07B9D2DACB19FD6
 
-sha256  2097f29b7e1bf3f1300b4bae52fa2308d0bb8d5d3998dbe02f9462a413a2ef0a  net-snmp-5.9.3.tar.gz
 
+# https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.4/net-snmp-5.9.4.tar.gz.asc
 
+# using key 6E6718AEF1EB5C65C32D1B2A356BC0B552D53CAB
 
+sha256  8b4de01391e74e3c7014beb43961a2d6d6fa03acc34280b9585f4930745b0544  net-snmp-5.9.4.tar.gz
 
 
 # Hash for license file
 
 sha256  ed869ea395a1f125819a56676385ab0557a21507764bf56f2943302011381e59  COPYING

+ 1 - 1
package/netsnmp/netsnmp.mk
View File 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-NETSNMP_VERSION = 5.9.3
 
+NETSNMP_VERSION = 5.9.4
 
 NETSNMP_SITE = https://downloads.sourceforge.net/project/net-snmp/net-snmp/$(NETSNMP_VERSION)
 
 NETSNMP_SOURCE = net-snmp-$(NETSNMP_VERSION).tar.gz
 
 NETSNMP_LICENSE = Various BSD-like