lp://staging/ubuntu/trusty-security/net-snmp

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp://staging/ubuntu/trusty-security/net-snmp
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

65. By Marc Deslauriers

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

64. By Marc Deslauriers

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service when ICMP-MIB is in use
  - debian/patches/CVE-2014-2284.patch: fix ICMP mib table handling in
    agent/mibgroup/mibII/icmp.c, agent/mibgroup/mibII/kernel_linux.*.
  - CVE-2014-2284
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285

63. By Martin Pitt

Add 00upstream-btrfs.patch: Add btrfs support to hrFSTable. Cherrypicked
from upstream, by way of Nafallo Bjälevik. Thanks! (LP: #1289503)

62. By Colin Watson

* Resynchronise with Debian. Remaining changes:
  - Add apport hook.
  - Avoid installing links in rc[06].d.

61. By Colin Watson

Rebuild for Perl 5.18.

60. By Yolanda Robla

* Merge from Debian unstable (LP: #1200516). Remaining changes:
  + Add apport hook (LP: #533603):
    - debian/source.apport: apport hook
    - debian/control: Build-depends on dh-apport.
    - debian/rules:
      + Add --with apport.
      + override_dh_apport to install hook on snmpd package only.
* Call dh_installinit correctly to avoid installing links in rc[06].d

59. By Andres Rodriguez

* Merge from Debian unstable. Remaining changes:
  - debian/rules: Don't stop service in runlevels 0 and 6.
  - debian/snmpd.init: LSBify the init script.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
* debian/patches/ubuntu-fix-lp-587828.patch: Drop. Fixed upstream.

58. By Logan Rosen

* Merge from Debian unstable. Remaining changes:
  - debian/rules: Don't stop service in runlevels 0 and 6.
  - debian/snmpd.init: LSBify the init script.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
  - debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit
    arches
  - debian/{control,rules}: Use dh_python2

57. By Marc Deslauriers

* Merge from Debian unstable. Remaining changes:
  - debian/rules: Don't stop service in runlevels 0 and 6.
  - debian/snmpd.init: LSBify the init script.
  - debian/snmp.preinst, debian/snmp.prerm: Kill any/all processes owned
    by snmp user before install/uninstall.
  - Add apport hook.
  - debian/patches/ubuntu-fix-lp-587828.patch: Fix row creation for 64bit
    arches
  - debian/{control,rules}: Use dh_python2
* Dropped changes:
  - debian/patches/50_use_bash.patch: Patch wasn't actually being
    applied, and upstream apparently fixed this in 5.4.2.
  - debian/patches/52_fix_snmpcmd_1_typo.patch: Patch wasn't actually
    being applied, and fix is included in 56_manpage.patch.
  - debian/snmpd.postinst: Source debconf before doing work: included in
    debian package now.
  - debian/patches/99-fix-ubuntu-div0.patch: wasn't applied.
  - debian/patches/CVE-2008-6123.*: wasn't applied.
  - debian/patches/CVE-2012-2141.patch: use debian's patch.
  - debian/README.Debian-source: this change is irrelevant since we
    use the debian tarball as-is.
  - debian/rules: removed misc irrelevant and undocumented changes.
  - debian/snmpd.postinst: no longer need to remove shutdown and reboot
    links since this is from Maverick-era.

56. By Marc Deslauriers

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/wily/net-snmp
This branch contains Public information 
Everyone can see this information.

Subscribers