From nobody Sat Mar 02 16:13:41 2024 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Tn94P5J3jz5CVlS for ; Sat, 2 Mar 2024 16:13:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Tn94P2vRKz46sr for ; Sat, 2 Mar 2024 16:13:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1709396021; a=rsa-sha256; cv=none; b=w0oqU8tDRCF9muvtOq//BLvg2GarUEwaisn7D3j7UQNUxmEpIZzHAy0Dv75CKFmIqCPOj3 EipDJHZ2fnk8HrUDHMjPJodrfwOiDosqOGe8Hkg7QHI82pTM2aUHrnJwRPXkEfqn2eVAjA 8WEvHrphJVk/GfL2SE5hxTOFo3gA1PkAuf44BX7Gc67KX5NhxQfWMqketeZBxy9yNHiQfo 4rnxQNwT3x64f67HEVrMQrynEripfyLn6pCPyuKtDRotWIikF7Ynllp1K4f8cCa+IwEkpe SnT9ClewaSRvWpZexXRXsQzhjU+k52MjnNehW9aSP8abr7p7aAeqdtgxKdTjJQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1709396021; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5lUP8kcOvDJ8ZFWbWh8iUxCnygFWcYvfN7LNtbYeGpg=; b=CBC1oG/hDp5hwOta9WHpPi7sm8hhltwdjiXDZo8XdlQ/vd3U3RGvnYQOvNS6+ApV1AZ4Zc AdgqVlalXbxzTaXeVb/W4JEMUdVnoegUBzAH0Pp3rl+eNl4SQ4k1i9KA53xWVKk1CE8Qhm mtfIOwjJRxt/h1uqqcyEmMQP3bpFgHm95yHwJkANmDpbsEyejGyjPkPNizBcn0qB45w/3i UVlJ68B6qQalLEyZs2WmCO9/VcpbNTE1c08DmRL80oR26T80oPU3VpLfaV7cx6ESUWVdy9 SHMXy2GvDCM8ltWkkQIc8kL7Rl4ooE+F8tnRNCFDjXUUBs66jpHRRYe4/Jhq1w== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Tn94P2X15z1GlD for ; Sat, 2 Mar 2024 16:13:41 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 422GDfLg028259 for ; Sat, 2 Mar 2024 16:13:41 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 422GDfbn028257 for ports-bugs@FreeBSD.org; Sat, 2 Mar 2024 16:13:41 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 277436] net-mgmt/net-snmp: update to 5.9.4 Date: Sat, 02 Mar 2024 16:13:41 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: rozhuk.im@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: zi@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277436 Bug ID: 277436 Summary: net-mgmt/net-snmp: update to 5.9.4 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: zi@FreeBSD.org Reporter: rozhuk.im@gmail.com Assignee: zi@FreeBSD.org Flags: maintainer-feedback?(zi@FreeBSD.org) Created attachment 248876 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D248876&action= =3Dedit patch *5.9.4*: IMPORTANT: SNMP over TLS and/or DTLS are not functioning properly in this release with various versions of OpenSSL and will be fixed in a future release. libsnmp: - Remove the SNMP_SWIPE_MEM() macro Remove this macro since it is not used in the Net-SNMP code base. - DISPLAY-HINT fixes - Miscellanious improvements to the transports - Handle multiple oldEngineID configuration lines=20 - fixes for DNS names longer than 63 characters agent: - Added a ignoremount configuration option for the HOST-MIB - disallow SETs with a NULL varbind - fix the --enable-minimalist build apps: - snmpset: allow SET with NULL varbind for testing - snmptrapd: improved MySQL logging code general: - configure: Remove -Wno-deprecated as it is no longer needed - miscellanious ther bug fixes, build fixes and cleanups *5.9.3*: security: - These two CVEs can be exploited by a user with read-only credential= s: - CVE-2022-24805=C2=A0A buffer overflow in the handling of the IN= DEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. - CVE-2022-24809=C2=A0A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. - These CVEs can be exploited by a user with read-write credentials: - CVE-2022-24806=C2=A0Improper Input Validation when SETing malfo= rmed OIDs in master agent and subagent simultaneously - CVE-2022-24807=C2=A0A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. - CVE-2022-24808=C2=A0A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer derefer= ence - CVE-2022-24810=C2=A0A malformed OID in a SET to the nsVacmAcces= sTable can cause a NULL pointer dereference. - To avoid these flaws, use strong SNMPv3 credentials and do not share them. If you must use SNMPv1 or SNMPv2c, use a complex community string and enhance the protection by restricting access to a given IP addr= ess range. - Thanks are due to=C2=A0Yu Zhang of VARAS@IIE and Nanyu Zhong of VAR= AS@IIE for reporting the following CVEs that have been fixed in this release, = and to Arista Networks for providing fixes. Windows: - WinExtDLL: Fix multiple compiler warnings - WinExtDLL: Make long strings occupy a single line Make it easier to look up error messages in the source code by making long strings occupy a single source code line. - WinExtDLL: Restore MIB-II support Make winExtDLL work on 64-bit Windows systems") caused snmpd to skip MIB-II on 64-bit systems. IF-MIB: Update ifTable entries even if the interface name has changed At least on Linux a network interface index may be reused for a network interface with a different name. Hence this patch that enables replacing network interface information even if the network interface name has changed. unspecified: - Moved transport code into a separate subdirectory in snmplib - Snmplib: remove inline versions of container funcs". misc: - snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is expanded in ${datarootdir} so datarootdir must be set before @datadir@ is used. *5.9.2*: skipped due to a last minute library versioning found bug -- use 5.9.3 instead --=20 You are receiving this mail because: You are the assignee for the bug.=