Ubuntu
net-snmp package

Merge net-snmp from Debian unstable for lunar

Bug #1993419 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
net-snmp (Ubuntu)
Fix Released
Undecided
Sergio Durigan Junior
Ubuntu ubuntu-23.01

Bug Description

Scheduled-For: ubuntu-22.11
Upstream: tbd
Debian: 5.9.3+dfsg-1
Ubuntu: 5.9.3+dfsg-1ubuntu1

### New Debian Changes ###

net-snmp (5.9.3+dfsg-1) unstable; urgency=medium

  * New upstream source
  * Remove patch Link-libnetsnmptrapd-against-MYSQL_LIBS

 -- Craig Small <email address hidden> Mon, 18 Jul 2022 21:28:38 +1000

net-snmp (5.9.1+dfsg-4) unstable; urgency=medium

  * d/snmpd.postinst: Just chown $SNMP_DIR/snmpd.conf if the file exists.
    (Closes: #1012693)

 -- Sergio Durigan Junior <email address hidden> Sat, 11 Jun 2022 17:35:00 -0400

net-snmp (5.9.1+dfsg-3) unstable; urgency=medium

  [ Sergio Durigan Junior ]
  * Fix FTBFS when compiling against OpenSSL 3.0.
    - d/p/Fix-the-build-against-OpenSSL-3.0.patch: Fix FTBFS when
      compiling against OpenSSL 3.0.
    - d/p/configure-static-linking-Fix-SSL-checks.patch: Fix SSL configure
      checks. (Closes: #1006511)
  * d/snmpd.service: Start the service after network-online.target.
    Closes: #1001268

  [ Debian Janitor ]
  * Re-export upstream signing key without extra signatures.
  * Update renamed lintian tag names in lintian overrides.
  * Remove constraints unnecessary since buster:
    + Build-Depends: Drop versioned constraint on bash, debianutils, findutils
      and perl.
    + snmpd: Drop versioned constraint on lsb-base in Depends.
    + snmptrapd: Drop versioned constraint on snmp in Replaces.
    + snmptrapd: Drop versioned constraint on snmp in Breaks.
    + snmp: Drop versioned constraint on libsnmp-base in Depends.
    + libsnmp-base: Drop versioned constraint on snmp in Replaces.
    + libsnmp-base: Drop versioned constraint on snmp in Breaks.

  [ Craig Small ]
  * Update to Debian standard 4.6.1, no change

 -- Craig Small <email address hidden> Sat, 11 Jun 2022 15:31:19 +1000

net-snmp (5.9.1+dfsg-2) unstable; urgency=medium

  * Fix path for net-snmp-create-v3-user Closes: #997895
  * Use pidof for net-snmp-create-v3-user so don't need procps
  * Make snmpd.conf group readable Closes: #998152
  * Reapplied perl callback patch Closes: #1011440

 -- Craig Small <email address hidden> Wed, 25 May 2022 22:09:23 +1000

net-snmp (5.9.1+dfsg-1) unstable; urgency=medium

  [ Owen Evans ]
  * Enable Blumenthal AES-192 and AES-256 encryption Closes: #972985

  [ Ferenc Wágner ]
  * Enable systemd integration and UDP socket activation
    Closes: #983569

  [ Sergio Durigan Junior ]
  * d/libsnmp-dev.install: Don't install archive (.a) files.
    The archive files are just temporary files generated in order to
    create the final shared objects (.so), and we don't need to ship them
    in the package.

  [ Debian Janitor ]
  * Trim trailing whitespace.

  [ Vagrant Cascadian ]
  * Embed path to ps and uname. Closes: #978598

  [ Craig Small ]
  * Make the perl agent code more tolerant of perl types, thanks
    to Guillem Jover for the patch Closes: #977573
  * Make CI files use correct libmariadb-dev package names
    Closes: #975477
  * mib2c: Add recommends and fix error message Closes: #990706

  * Add configuration directory for snmpd
  * New upstream release
  * Add Recommends: procps for snmpd Closes: #993997

 -- Craig Small <email address hidden> Mon, 20 Sep 2021 21:35:58 +1000

net-snmp (5.9+dfsg-3) unstable; urgency=medium

  * Source only upload - no changes Closes: #970798

 -- Craig Small <email address hidden> Fri, 25 Sep 2020 09:10:00 +1000

net-snmp (5.9+dfsg-2) unstable; urgency=medium

  * Move SNMP.3pm back to perl package Closes: #969436
  * Moved snmptrapd library into its own package to not pull in mysql
    dependencies for snmp/snmpd Closes: #953948

 -- Craig Small <email address hidden> Sun, 06 Sep 2020 21:52:58 +1000

### Old Ubuntu Delta ###

net-snmp (5.9.3+dfsg-1ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable (LP: #1987349). Remaining changes:
    - Add apport hook:
      + d/control: add dh-apport to Build-Depends
      + d/rules: install the apport hook via debhelper
      + d/source.apport: apport hook
  * Drop changes:
    - SECURITY UPDATE: Multiple security issus
      + debian/patches/CVE-2022-248xx-1.patch: fix bounds checking in
        NET-SNMP-AGENT-MIB, NET-SNMP-VACM-MIB, SNMP-VIEW-BASED-ACM-MIB,
        SNMP-USER-BASED-SM-MIB in agent/mibgroup/agent/nsLogging.c,
        agent/mibgroup/agent/nsVacmAccessTable.c,
        agent/mibgroup/mibII/vacm_vars.c, agent/mibgroup/snmpv3/usmUser.
      + debian/patches/CVE-2022-248xx-2.patch: recover SET status from
        delegated request in agent/snmp_agent.c.
      + CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,
        CVE-2022-24809, CVE-2022-24810
      [ Incorporated upstream. ]

 -- Sergio Durigan Junior <email address hidden> Mon, 22 Aug 2022 19:37:48 -0400

Related branches

~sergiodj/ubuntu/+source/net-snmp:merge-5.9.3+dfsg-2-lunar
git-ubuntu bot: Approve
Lena Voytek (community): Approve
Canonical Server packageset reviewers: Pending requested
Canonical Server Reporter: Pending requested
Diff: 1574 lines (+1318/-3)
6 files modified
debian/changelog (+1115/-0)
debian/control (+3/-2)
debian/patches/restore-support-for-long-dns-names.patch (+158/-0)
debian/patches/series (+1/-0)
debian/rules (+5/-1)
debian/source.apport (+36/-0)

CVE References

Sergio Durigan Junior (sergiodj)
Changed in net-snmp (Ubuntu):
assignee: nobody → Sergio Durigan Junior (sergiodj)
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Nothing to merge yet.

Changed in net-snmp (Ubuntu):
status: New → Incomplete
Revision history for this message
Bryce Harrington (bryce) wrote :

New version is available in Debian. Includes a couple CVE fixes and a cross-build fix.

 net-snmp | 5.9.3+dfsg-2 | sid | source
 net-snmp | 5.9.3+dfsg-1ubuntu3 | lunar | source

net-snmp (5.9.3+dfsg-2) unstable; urgency=medium

  [ Helmut Grohne ]
  * Fix FTCBFS: Closes: #1025922
    + Initialize architecture variables.
    + Fix build vs host confusion.
    + Use the host architecture pkg-config.
    + export a PERL5LIB for cross building.
    + cross.patch: Pass PERL5LIB along.

  [ Debian Janitor ]
  * Update lintian override info to new format on line 1, 2.
  * Use secure URI in Homepage field.

  [ Craig Small ]
  * Remove email list from maintainers
  * Add patch agent_set_null_varbind Closes: #1024020 fixes:
    + CVE-2022-44792 NULL Pointer Exception when handling ipDefaultTTL
    + CVE-2022-44793 NULL Pointer Exception when handling pv6IpForwarding

 -- Craig Small <email address hidden> Tue, 03 Jan 2023 13:01:46 +1100

Changed in net-snmp (Ubuntu):
status: Incomplete → New
summary: - Merge net-snmp from Debian unstable for l-series
+ Merge net-snmp from Debian unstable for lunar
Bryce Harrington (bryce)
Changed in net-snmp (Ubuntu):
milestone: none → ubuntu-23.01
Sergio Durigan Junior (sergiodj)
Changed in net-snmp (Ubuntu):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package net-snmp - 5.9.3+dfsg-2ubuntu1

---------------
net-snmp (5.9.3+dfsg-2ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993419). Remaining changes:
    - Add apport hook:
      + d/control: add dh-apport to Build-Depends
      + d/rules: install the apport hook via debhelper
      + d/source.apport: apport hook
    - d/p/restore-support-for-long-dns-names.patch: Fix snmp requests
      for domains longer than 63 characters (LP #1998461)
  * Drop changes:
    - SECURITY UPDATE: DoS via null pointer exception issues
      + debian/patches/CVE-2022-4479x-1.patch: disallow SET with NULL varbind
        in agent/snmp_agent.c.
      + debian/patches/CVE-2022-4479x-2.patch: allow SET with NULL varbind
        for testing in apps/snmpset.c.
      + debian/patches/CVE-2022-4479x-3.patch: add test for NULL varbind set
        in testing/fulltests/default/T0142snmpv2csetnull_simple.
      + CVE-2022-44792
      + CVE-2022-44793
      [ Incorporated by Debian. ]

 -- Sergio Durigan Junior <email address hidden> Tue, 10 Jan 2023 22:54:16 -0500

Changed in net-snmp (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.