Package Release Info

net-snmp-5.9.3-150300.15.8.1

Update Info: Base Release
Available in Package Hub : 15 SP5 Subpackages

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libsnmp40-32bit

net-snmp-debugsource

Change Logs

* Mon Jan 09 2023 abergmann@suse.com

- Hardening systemd services setting "ProtectHome=true" caused home directory
  size and allocation to be listed incorrectly (bsc#1206044).
  add:
  * net-snmp-5.9.3-harden_snmpd.service.patch
  * net-snmp-5.9.3-harden_snmptrapd.service.patch
  delete:
  * net-snmp-5.9.1-harden_snmpd.service.patch
  * net-snmp-5.9.1-harden_snmptrapd.service.patch

* Thu Jan 05 2023 abergmann@suse.com

- Fixed NULL pointer exception issue when handling ipDefaultTTL or
  pv6IpForwarding (bsc#1205148, CVE-2022-44793, bsc#1205150, CVE-2022-44792).
  add:
  * net-snmp-5.9.3-disallow_SET_requests_with_NULL_varbind.patch
- Enable AES-192 and AES-256 privacy protocol (bsc#1206828).

Version: 5.7.3-8.24

* Mon Jun 18 2018 kukuk@suse.de

- Create /var/agentx via systemd tmpfiles in case of rollback,
  snapshots and transactional updates [bsc#1098032]

* Wed Apr 18 2018 tchvatal@suse.com

- Fix permissions on unit files wrt bsc#1087977
- Use %license (boo#1082318)

* Mon Apr 16 2018 abergmann@suse.com

- Remove executable flags from systemd service files (bsc#1089295).

* Fri Feb 02 2018 jengelh@inai.de

- Fix RPM group for shlib subpackage.

* Wed Jan 24 2018 tchvatal@suse.com

- Properly conditionalize the py2 build

* Wed Jan 24 2018 tchvatal@suse.com

- Add patch from Fedora to support natively systemd:
  * net-snmp-5.7.2-systemd.patch
- Drop the check phase as whole 90% of the tests fail it makes
  more sense to run them somewhere localy

* Mon Jan 22 2018 tchvatal@suse.com

- Take systemd service files from fedora to replace sysV scripts
- Also convert the sysconfig files to match fedora ones, they
  get bit more terse but it works seamlessly with systemd

* Fri Jan 19 2018 tchvatal@suse.com

- Format with spec-cleaner
- Drop sle11 support as it fails to build anyway for ages
- Rename python packages to be python-%{name} with obsoletes
  * Use new singlespec macros
  * Add patch converting the py files to python3/2 compat mode
    net-snmp-python3.patch
- Run full autoreconf instead of partial
- Build with threads by building few targets first

* Mon Dec 11 2017 dimstar@opensuse.org

- Add net-snmp-5.7.3-modern-rpm-api.patch: Supprt modern RPM (>=
  4.6) API. In RPM 4.14, the RPM 4.4 compatibility APIs are being
  removed.

* Thu Nov 23 2017 rbrown@suse.com

- Replace references to /var/adm/fillup-templates with new
  %_fillupdir macro (boo#1069468)

Version: 5.9.3-150300.15.3.1

* Thu Oct 06 2022 abergmann@suse.com

- update to 5.9.3 (bsc#1201103, jsc#SLE-11203):
  - security:
  - These two CVEs can be exploited by a user with read-only credentials:
  - CVE-2022-24805 A buffer overflow in the handling of the INDEX of
    NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
  - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
    can cause a NULL pointer dereference.
  - These CVEs can be exploited by a user with read-write credentials:
  - CVE-2022-24806 Improper Input Validation when SETing malformed
    OIDs in master agent and subagent simultaneously
  - CVE-2022-24807 A malformed OID in a SET request to
    SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
    out-of-bounds memory access.
  - CVE-2022-24808 A malformed OID in a SET request to
    NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
  - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
    can cause a NULL pointer dereference.
  - Fixed library versioning bug found in 5.9.2.
  - Library version change to libsnmp40.
- Moved logrotate files from user specific directory /etc/logrotate.d
  to vendor specific directory /usr/etc/logrotate.d.
- Fixed python2 backward compability.
  add:
  * net-snmp-5.9.3-fixed-python2-bindings.patch
- Migration to /usr/etc: Saving user changed configuration files
  in /etc and restoring them while an RPM update.
- Change to use systemd service files directly from net-snmp package.
  add:
  * net-snmp-5.9.1-suse-systemd-service-files.patch
  * net-snmp-5.9.1-harden_snmpd.service.patch
  * net-snmp-5.9.1-harden_snmptrapd.service.patch
  remove:
  * snmpd.service
  * snmptrapd.service
  * harden_snmpd.service.patch
  * harden_snmptrapd.service.patch
- Refactor and remove obsolete patches to work with version number 5.9.3:
  add:
  * net-snmp-5.9.3-pie.patch
  * net-snmp-5.9.3-fix-create-v3-user-outfile.patch
  * net-snmp-5.9.1-add-lustre-fs-support.patch
  * net-snmp-5.9.1-fix-Makefile.PL.patch
  * net-snmp-5.9.1-modern-rpm-api.patch
  * net-snmp-5.9.1-net-snmp-config-headercheck.patch
  * net-snmp-5.9.1-perl-tk-warning.patch
  * net-snmp-5.9.1-snmpstatus-suppress-output.patch
  * net-snmp-5.9.1-socket-path.patch
  * net-snmp-5.9.1-subagent-set-response.patch
  * net-snmp-5.9.1-testing-empty-arptable.patch
  * net-snmp-5.9.1-velocity-mib.patch
  remove:
  * net-snmp-5.9.1-pie.patch
  * net-snmp-5.9.1-fix-create-v3-user-outfile.patch
  * net-snmp-5.7.3-add-lustre-fs-support.patch
  * net-snmp-5.7.3-Fix-Makefile.PL.patch
  * net-snmp-5.7.3-modern-rpm-api.patch
  * net-snmp-5.7.3-net-snmp-config-headercheck.patch
  * net-snmp-5.7.3-perl-tk-warning.patch
  * net-snmp-5.7.3-snmpstatus-suppress-output.patch
  * net-snmp-5.7.3-socket-path.patch
  * net-snmp-5.7.3-subagent-set-response.patch
  * net-snmp-5.7.3-testing-empty-arptable.patch
  * net-snmp-5.7.3-velocity-mib.patch
  * net-snmp-5.7.3-fix-create-v3-user-outfile.patch
  * net-snmp-5.7.3-pie.patch
  * net-snmp-4.7.2-systemd.patch
  * net-snmp-5.7.3-build-with-openssl-1.1.patch
  * net-snmp-5.7.3-fix-agentx-freezing-on-timeout.patch
  * net-snmp-5.7.3-fix-missing-mib-hrStorage-indexes.patch
  * net-snmp-5.7.3-fix-snmpd-crashing-when-an-agentx-disconnects.patch
  * net-snmp-5.7.3-fix-snmp_pdu_parse-incomplete.patch
  * net-snmp-5.7.3-fix-subagent-data-corruption.patch
  * net-snmp-5.7.3-helpers-table-skip-if-next-handler-called.patch
  * net-snmp-5.7.3-host-mib-skip-autofs-entries.patch
  * net-snmp-5.7.3-make-extended-mib-read-only.patch
  * net-snmp-5.7.3-netgroups.patch
  * net-snmp-5.7.3-Remove-U64-typedef.patch
  * net-snmp-5.7.3-snmptrapd-add-forwarder-info.patch
  * net-snmp-5.7.3-swintst_rpm-Protect-against-unspecified-Group-name.patch
  * net-snmp-5.7.3-ucd-snmp-mib-add-64-bit-mem-obj.patch
  * net-snmp-python3.patch

Version: 5.7.3-10.9.1

* Thu Dec 23 2021 abergmann@suse.com

- Fix LFH violation during v3 user creation (bsc#1181591).
  Add net-snmp-5.7.3-fix-create-v3-user-outfile.patch

* Wed Dec 22 2021 abergmann@suse.com

- Fix hrStorage autofs objects timeout problems (bsc#1179699, bsc#1145864).
  Add net-snmp-5.7.3-host-mib-skip-autofs-entries.patch
  Add net-snmp-5.7.3-fix-missing-mib-hrStorage-indexes.patch
- Fix NSS mounted volumes in hrStorageDescr (bsc#1100146).
  Add net-snmp-5.7.3-recognize-nss-pools-and-nss-volumes-oes.patch
- Fix subagent crash at save_set_var() (bsc#1178021).
  Add net-snmp-5.7.3-subagent-set-response.patch
- Fix subagent data corruption (bsc#1178351, bsc#1179009).
  Add net-snmp-5.7.3-fix-subagent-data-corruption.patch

* Mon Dec 20 2021 abergmann@suse.com

- Fix output for high memTotalReal RAM values (bsc#1152968).
  Add net-snmp-5.7.3-ucd-snmp-mib-add-64-bit-mem-obj.patch

* Fri Dec 17 2021 abergmann@suse.com

- Make extended MIB read-only (bsc#1174961, CVE-2020-15862).
  Add net-snmp-5.7.3-make-extended-mib-read-only.patch

* Fri Jul 05 2019 abergmann@suse.com

- Add Lustre filesystem support (bsc#1140341, jsc#SLE-6120).
  Add net-snmp-5.7.3-add-lustre-fs-support.patch
- Add info about the original agent which triggered the trap.
  When the trap is forwarded there was no info about the original
  agent (bsc#1116807).
  Add net-snmp-5.7.3-snmptrapd-add-forwarder-info.patch
- Fix missing sysconfig files creation (bsc#1108471).

* Tue Oct 09 2018 abergmann@suse.com

- Fix remote DoS in agent/helpers/table.c (bsc#1111122, CVE-2018-18065)
  Add net-snmp-5.7.3-helpers-table-skip-if-next-handler-called.patch
- swintst_rpm: Protect against unspecified Group name (bsc#1102775)
  Add net-snmp-5.7.3-swintst_rpm-Protect-against-unspecified-Group-name.patch
- Add tsm and tlstm MIBs and the USM security module. (bsc#1081164)
- Fix agentx freezing on timeout (bsc#1027353)
  Add net-snmp-fix-agentx-freezing-on-timeout.patch

* Thu Feb 01 2018 jengelh@inai.de

- Fix RPM group for shlib subpackage.

* Tue Jun 13 2017 daniel.molkentin@suse.com

- Fix build with OpenSSL 1.1 (bsc#1042664):
  + Add net-snmp-5.7.3-build-with-openssl-1.1.patch, cumulated
    squash-patch from the following upstream commits:
    bbed6b86e70b5a3c54f14992696f2308a8d79511
    14bb72fd12bf5b68662893f7d8afbc4a8d52a6c8
    9641b472ef01208f92631016e91b0a4a518163f0
    e4c6937483d4a680570cec05388d2e4b291868a6
    b906c60c8a436d7360267a6d242526b33a9aaac8

* Sat May 21 2016 dimstar@opensuse.org

- Fix build with perl 5.24.0:
  + Add net-snmp-5.7.3-Fix-Makefile.PL.patch: Fix build system
    recursiely loading Makefile.Pl and destroying its internas.
    See https://rt.perl.org/Public/Bug/Display.html?id=125907
  + net-snmp-5.7.3-Remove-U64-typedef.patch: The U64 typedef
    conflicts with a typedef in a Perl header file. Hence remove
    the U64 typedef from the Net-SNMP header files. Backported from
    upstream commit 477b4307ef1.

* Tue Mar 15 2016 abergmann@suse.com

- make snmpd and snmptrapd log message destination configurable
  for syslog or a dedicated log file. (bsc#695677)
- make snmpd and snmptrapd listening address(es) configurable via
  the sysconfig file.

* Mon Feb 15 2016 astieger@suse.com

- fix build with GNU grep 2.23, use grep -a to force text matching

Version: 5.7.3-10.12.1

* Wed Mar 09 2022 abergmann@suse.com

- Decouple snmp-mibs from net-snmp version to allow major version
  upgrade (bsc#1196955).