UbuntuUpdates.org

Package "snmptrapd"

Name: snmptrapd

Description:

Net-SNMP notification receiver
Latest version: 5.9.1+dfsg-1ubuntu2.8
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: net-snmp
Homepage: http://net-snmp.sourceforge.net/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "snmptrapd"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "snmptrapd" in Jammy

Repository Area Version
base universe 5.9.1+dfsg-1ubuntu2
security universe 5.9.1+dfsg-1ubuntu2.4

Changelog

Version: 5.9.1+dfsg-1ubuntu2.2 2022-08-01 17:07:46 UTC

  net-snmp (5.9.1+dfsg-1ubuntu2.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Multiple security issus
    - debian/patches/CVE-2022-248xx-1.patch: fix bounds checking in
      NET-SNMP-AGENT-MIB, NET-SNMP-VACM-MIB, SNMP-VIEW-BASED-ACM-MIB,
      SNMP-USER-BASED-SM-MIB in agent/mibgroup/agent/nsLogging.c,
      agent/mibgroup/agent/nsVacmAccessTable.c,
      agent/mibgroup/mibII/vacm_vars.c, agent/mibgroup/snmpv3/usmUser.
    - debian/patches/CVE-2022-248xx-2.patch: recover SET status from
      delegated request in agent/snmp_agent.c.
    - CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,
      CVE-2022-24809, CVE-2022-24810

 -- Marc Deslauriers <email address hidden> Mon, 25 Jul 2022 14:22:08 -0400
Source diff to previous version
CVE-2022-24805 A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access
CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously
CVE-2022-24807 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access
CVE-2022-24808 A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference
CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference

Version: 5.9.1+dfsg-1ubuntu2.1 2022-05-03 20:06:23 UTC

  net-snmp (5.9.1+dfsg-1ubuntu2.1) jammy; urgency=medium

  * d/p/lp1969623-net-snmp-create-v3-user-Fix-the-snmpd.conf-path.patch:
    Set ${datarootdir} value in net-snmp-create-v3-user and fix
    error when creating user. (LP: #1969623)

 -- Sergio Durigan Junior <email address hidden> Thu, 21 Apr 2022 16:14:05 -0400
1969623 Creation of SNMPv3 user broken (Jammy/22.04)


About   -   Send Feedback to @ubuntu_updates