Recent changes to official-patches

SNMP 5.9.1 snmpwalk crashes, looking for bb file as well

Sriparna Som — Thu, 08 Jul 2021 10:59:45 -0000

I have taken net-snmp 5.9.1 tar ball and replaced my 5.7.3 net-snmp version(upgraded).
I see one issue :
when i do snmpwalk:
snmpwalk -v 1 -c public localhost/127.0.0.1 it gives timeout and core.

.1.3.6.1.2.1.6.15.0 = Counter32: 1502
Timeout: No Response from 127.0.0.1

Do we have any known issue in 5.9.1 latest? do i miss something?
I tried to fetch 5.9.1 bb file as well from git but could not find. my delivery is blocked due to these issues.

#48 Official patch for CVE-2014-3565

Jan Safranek — Fri, 29 Aug 2014 11:27:02 -0000

This patch has been pushed to 5.4, 5.5, 5.6 and 5.7 branches and it will be part of following Net-SNMP releases.

Official patch for CVE-2014-3565

Jan Safranek — Fri, 29 Aug 2014 11:26:10 -0000

Remote denial-of-service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

Affected Net-SNMP versions:
Net-SNMP 5.7.0 - 5.7.2.1
Net-SNMP 5.6.0 - 5.6.2.1
Net-SNMP 5.5.0 - 5.5.2.1
Net-SNMP 5.4.0 - 5.4.4

(unsupported releases older than 5.4 were not evaluated)

#47 Let extend directive specify cache-timeout and exec-type

Niels Baggesen — Sat, 09 Aug 2014 14:44:54 -0000

Ticket moved from /p/net-snmp/bugs/2563/

5.3.2: Fixes VU#878044 and CVE-2008-0960

Wes Hardaker — Mon, 09 Jun 2008 18:39:34 -0000

This patch fixes the bug found in the Net-SNMP and UCD-SNMP distributions that is identified by VU\#878044 and CVE-2008-0960.

5.4.1 suppress annoying registration warnings on startup

Thomas Anders — Mon, 01 Oct 2007 22:07:07 -0000

The attached patch fixes the following annoying warnings netsnmp\_assert \!"registration \!= duplicate" failed agent\_registry.c:535 netsnmp\_subtree\_load\(\) netsnmp\_assert \!"registration \!= duplicate" failed agent\_registry.c:535 netsnmp\_subtree\_load\(\) netsnmp\_assert \!"registration \!= duplicate" failed agent\_registry.c:535 netsnmp\_subtree\_load\(\) logged by the agent on startup for everyone. This is the same patch as SVN Rev. 16669.

5.4: memory leak in UDP transport code

Magnus Fromreide — Sat, 16 Dec 2006 10:02:50 -0000

snmp\_udp\_transport leaks memory - the addr\_pair is never deallocated and never leaves the function so I changed it to be a local variable. The attached patch corrects this and makes a small adjustment to a debug printout as well.

5.4 : tcp connection table leaks fds

Anonymous — Fri, 08 Dec 2006 13:55:28 -0000

When compiling with IPv6 enabled the tcp connection table seems to leak file descriptors. It seems like the same file is being opened twice \(probably due to copy-paste?\), the attached patch fixes this.

5.3.1 : memory leaks in ipAddress and CidrRoute tables

Robert Story — Wed, 06 Dec 2006 15:22:39 -0000

The ipAddressTable, ipCidrRouteTable and inetCidrRouteTable tables had memory leaks that rapidly consumed memory on some systems \(especially ones with vlans, ppp and ppoe\). This patch reduces the leak.

5.4 : memory leaks in ipAddress and CidrRoute tables

Robert Story — Wed, 06 Dec 2006 15:19:45 -0000