-
net-snmp (5.4.2.1~dfsg0ubuntu1-0ubuntu2.3) lucid-security; urgency=medium
* SECURITY UPDATE: denial of service via AgentX subagent timeout
- debian/patches/CVE-2012-6151.patch: track cancelled sessions in
agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
include/net-snmp/agent/snmp_agent.h.
- CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
- debian/patches/CVE-2014-2285.patch: handle empty community string in
perl/TrapReceiver/TrapReceiver.xs.
- CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
- debian/patches/CVE-2014-2310.patch: fix lengths in
agent/mibgroup/agentx/protocol.c.
- CVE-2014-2310
-- Marc Deslauriers <email address hidden> Tue, 11 Mar 2014 10:10:12 -0400
-
net-snmp (5.4.2.1~dfsg0ubuntu1-0ubuntu2.2) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via SNMP GET with non-existent
extension table entry
- debian/patches/CVE-2012-2141.patch: validate line_idx in
agent/mibgroup/agent/extend.c.
- CVE-2012-2141
-- Marc Deslauriers <email address hidden> Tue, 22 May 2012 16:53:47 -0400
-
net-snmp (5.4.2.1~dfsg0ubuntu1-0ubuntu2.1) lucid-security; urgency=low
* SECURITY UPDATE: access restriction bypass
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516801
- http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&revision=17367
- CVE-2008-6123
-- Corey Wright <email address hidden> Mon, 31 May 2010 00:00:29 -0500
-
net-snmp (5.4.2.1~dfsg0ubuntu1-0ubuntu2) lucid; urgency=low
* Add apport hook (LP: #533603):
- debian/{snmp,snmpd}.apport: Added.
- debian/control: Build-depends on dh-apport.
- debian/rules:
+ Add --with apport.
+ override_dh_apport to install hook on snmpd package only.
-- Andres Rodriguez <email address hidden> Sun, 28 Mar 2010 00:25:13 -0400
-
net-snmp (5.4.2.1~dfsg0ubuntu1-0ubuntu1) lucid; urgency=low
* Repackage upstream tarball to re-add the MIBs: even if they are not
modifiable (which is questionable), this is not a reason to keep them
out of Ubuntu main.
* Revert the changes to prompt about MIB downloads.
* Call dh_installinit correctly to avoid installing links in rc[06].d
* Temporarily re-add postinst snippet to clean up rc[06].d links left by
the previous upload.
* Fix egg name listed in debian/rules, apparently needed to fix another
build failure.
-- Steve Langasek <email address hidden> Sat, 12 Dec 2009 00:05:34 -0800
-
net-snmp (5.4.2.1~dfsg-3ubuntu2) lucid; urgency=low
* Fix FTBFS.
-- Chuck Short <email address hidden> Thu, 26 Nov 2009 13:20:26 -0500
-
net-snmp (5.4.2.1~dfsg-3ubuntu1) lucid; urgency=low
* Merge from debian testing. Remaining changes:
- Set Ubuntu maintainer address.
- net-snmp-config: Use bash. (LP: #104738)
- Removed multiuser option when calling update-rc.d. (LP: #254261)
- debian/snmpd.init: LSBify the init script.
- debian/patches/52_fix_snmpcmd_1_typo.patch: Adjust a typo in snmpcmd.1
(LP: #250459)
- debian/patches/99-fix-ubuntu-div0.patch: Fix dvision by zero.
(LP: #426813).
* Dropped patches:
- debian/patches/101-fix-ipalias.patch: Applied upstream.
- debian/patches/99-fix-net-snmp-syslog.patch: Applied upstream.
- debian/patches/99-fix-perl-counter-in-subagent.patch: Applied upstream.
- ebian/patches/103-fix-ubuntu-lmsensors.patch: No longer needed.
net-snmp (5.4.2.1~dfsg-3) unstable; urgency=low
* Fix typo in NEWS.
* Add make to libsnmp-base dependency (Closes: #556632).
* Use dh7 build system instead of cdbs (Closes: #552976).
* Fix man page .so links so they get installed correctly.
* Replace download host for RFCs for a faster one and add some better
documentation that this step takes some time and that it can be repeated
in case of a problem. (Closes: #556633, #556778, #556787, #556788)
net-snmp (5.4.2.1~dfsg-2) unstable; urgency=low
* Add upstream patch R17470 to fix debugging output and numeric OID
reporting. (Closes: #524203, #509562) Thanks to Luca Ferroni
<email address hidden> for the patch.
* Fix long description of debug package.
* Switch to libsensors4. (Closes: #518898) Thanks to Jonathan Nieder
<email address hidden> for the patch.
net-snmp (5.4.2.1~dfsg-1) unstable; urgency=low
* New upstream version
- includes patch for CVE-2008-6123 (Closes: #516801)
* remove patches applied upstream:
- 55_cve2008_4309.patch
- 54_fix_xen.patch
- 53_fix_python_regression.patch
- 52_suppress_registration_warnings.patch
- 51_allow_g_groupname.patch
- 50_cve2008_0960.patch
- 49_cve2008_2292_python.patch
- 48_cve2008_2292_perl.patch
- 47_prevent_partial_inserts.patch
- 46_ifname_crop.patch
- 45_process_race.patch
- 43_snmp_logging.patch
- 41_snmptrapd_close_handles.patch
* Updated patches:
- 31_silence_subcontainer.patch: Use upstream changeset 17254
- 25_duplicate_iftable.patch: Regenerated
- 03_makefiles.patch: Install Makefile.mib
* Removed non-free MIBS from distribution (Closes: #498475)
* Add debug package
* Implement "status" action in the init.d script. (Closes: #528107)
Thanks to Peter Eisentraut <email address hidden> for the patch
* Fix LSB dependencies (Closes: #541366). Thanks to Petter Reinholdtsen
<email address hidden> for the patch.
* Let snmpd run as group snmp (Closes: #520724). Thanks to Russell Coker
<email address hidden> for the patch.
* Update standards version to 3.8.3.
* Get rid off lintian warnings.
* Fix memory leak when multiple interfaces have the same IPv6 address,
such as link-local addresses when VLAN subinterfaces are in use.
(Closes: #531056). Thanks to John Morrissey <email address hidden> for the
patch.
* Rework build system (Closes: #528106)
* Change default configuration to make snmp daemons run without MIBs.
-- Chuck Short <email address hidden> Thu, 26 Nov 2009 01:27:00 +0000
-
net-snmp (5.4.1~dfsg-12ubuntu7) karmic; urgency=low
* debian/patches/99-fix-ubuntu-div0.patch: Fix division by zero.
(LP: #426813).
-- Chuck Short <email address hidden> Mon, 28 Sep 2009 14:02:16 -0400
