Navigation:
Browse pkgsrc
(this page)| 2024-03-06 10:37:01 by Jonathan Perkin | Files touched by this commit (2) |
Log message: net-snmp: Support long fds_bits. |
2024-02-21 11:21:01 by Thomas Klausner | Files touched by this commit (20) |  |
Log message:
*net-snmp: update to 5.9.4
*5.9.4*:
IMPORTANT: SNMP over TLS and/or DTLS are not functioning properly
in this release with various versions of OpenSSL and will be fixed
in a future release.
libsnmp:
- Remove the SNMP_SWIPE_MEM() macro Remove this macro since it is not
used in the Net-SNMP code base.
- DISPLAY-HINT fixes
- Miscellanious improvements to the transports
- Handle multiple oldEngineID configuration lines
- fixes for DNS names longer than 63 characters
agent:
- Added a ignoremount configuration option for the HOST-MIB
- disallow SETs with a NULL varbind
- fix the --enable-minimalist build
apps:
- snmpset: allow SET with NULL varbind for testing
- snmptrapd: improved MySQL logging code
general:
- configure: Remove -Wno-deprecated as it is no longer needed
- miscellanious ther bug fixes, build fixes and cleanups
|
| 2024-01-13 21:07:34 by Taylor R Campbell | Files touched by this commit (24) |
Log message:
*/builtin.mk: Use ${_CROSS_DESTDIR:U} for build-time file checks.
These are questions about the target system, whose files at
build-time are all relative to ${_CROSS_DESTDIR} if it is defined,
i.e., if USE_CROSS_COMPILE is set to yes.
No change to native builds because ${_CROSS_DESTDIR:U} is empty in
them. (Possible minor change by adding :Q to ${H_FOO} in command
lines, but if this makes a difference it likely fixes problems.)
|
| 2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message: *: bump for openssl 3 |
| 2023-07-06 11:43:03 by Thomas Klausner | Files touched by this commit (2483) |
Log message: *: recursive bump for perl 5.38 |
| 2023-01-14 22:11:35 by matthew green | Files touched by this commit (3) |
Log message: handle merged inpcb code since 9.99.104: http://mail-index.netbsd.org/source-changes/2022/10/28/msg141800.html this is part 2 of fixes for net-snmp, and should work now (though i'm not sure how to test properly, but it builds on both pre-/post- merge.) |
| 2023-01-14 00:14:32 by David H. Gutteridge | Files touched by this commit (2) |
Log message: net-snmp: NetBSD >= 9.99.104 build fixes (part one) Address fallout from struct inpcb changes in NetBSD 9.99.104, as impacts ipv6.c, specifically. Note this is compile-tested only (on 9.99.108 and 9.3_STABLE), I don't use this package (nor any of its dependants) and haven't tested the functionality. (At least tcpTable.c and udpTable.c also need adjustments. I don't have the time or patience to deal with them at the moment, I'm so checking in what I've adjusted so far.) (The upstream code in ipv6.c uses two inconsistent approaches to handle differences in NetBSD versions. I opted for the more explicit code blocks everywhere, to avoid confusion. I didn't bother using the new macros added in 9.99.104 to fetch specific struct members, as they don't cover much of what's needed here anyway, and would arguably just make things look even more ugly.) |
| 2022-10-25 21:33:15 by Jonathan Perkin | Files touched by this commit (1) |
Log message: net-snmp: Fix broken logic. |
| 2022-10-18 14:02:27 by Adam Ciarcinski | Files touched by this commit (1) |
Log message: net-snmp: remove unused patch |
| 2022-10-18 14:01:53 by Adam Ciarcinski | Files touched by this commit (43) | |
Log message:
net-snmp py-netsnmp: updated to 5.9.3
*5.9.3*:
security:
- These two CVEs can be exploited by a user with read-only credentials:
- CVE-2022-24805 A buffer overflow in the handling of the INDEX of
NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
- CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable
can cause a NULL pointer dereference.
- These CVEs can be exploited by a user with read-write credentials:
- CVE-2022-24806 Improper Input Validation when SETing malformed
OIDs in master agent and subagent simultaneously
- CVE-2022-24807 A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an
out-of-bounds memory access.
- CVE-2022-24808 A malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
- CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
can cause a NULL pointer dereference.
- To avoid these flaws, use strong SNMPv3 credentials and do not share them.
If you must use SNMPv1 or SNMPv2c, use a complex community string
and enhance the protection by restricting access to a given IP address range.
- Thanks are due to Yu Zhang of VARAS@IIE and Nanyu Zhong of VARAS@IIE for
reporting the following CVEs that have been fixed in this release, and
to Arista Networks for providing fixes.
misc:
- Snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is
expanded in ${datarootdir} so datarootdir must be set before
@datadir@ is used.
general: Many bug fixes
*5.9.2*:
skipped due to a last minute library versioning found bug -- use 5.9.3 instead
*5.9.1*:
General: Many bug fixes
*5.9*
snmplib:
- Add IPv6 support to DTLSUDP transport CHANGES: snmplib: use new
netsnmp_sockaddr_storage in netsnmp_addr_pair CHANGES: snmplib: add
base_transport ptr for tunneled transports
snmpd:
- Security vulnerabilty in the ping MIB reported by Christopher Ertl
from Microsoft fixed
- Changing to a different uid/gid can only be done once
- The extend mib is now read-only by default
snmptrap:
- BUG: 2899: Patch from Drew Roedersheimer to set library
engineboots/time values before sending
unspecified:
- Add pkg-config support for building applications and sub-agents Use
the netsnmp package when building Net-SNMP applications. Use the
netsnmp-agent package when building Net-SNMP subagents.
|
New packages: