Merge net-snmp from Debian unstable for mantic

Bug #2018090 reported by Bryce Harrington
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
net-snmp (Ubuntu)
Incomplete
Undecided
Sergio Durigan Junior

Bug Description

Upstream: tbd
Debian: 5.9.3+dfsg-2
Ubuntu: 5.9.3+dfsg-2ubuntu3

Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

### New Debian Changes ###

net-snmp (5.9.3+dfsg-2) unstable; urgency=medium

  [ Helmut Grohne ]
  * Fix FTCBFS: Closes: #1025922
    + Initialize architecture variables.
    + Fix build vs host confusion.
    + Use the host architecture pkg-config.
    + export a PERL5LIB for cross building.
    + cross.patch: Pass PERL5LIB along.

  [ Debian Janitor ]
  * Update lintian override info to new format on line 1, 2.
  * Use secure URI in Homepage field.

  [ Craig Small ]
  * Remove email list from maintainers
  * Add patch agent_set_null_varbind Closes: #1024020 fixes:
    + CVE-2022-44792 NULL Pointer Exception when handling ipDefaultTTL
    + CVE-2022-44793 NULL Pointer Exception when handling pv6IpForwarding

 -- Craig Small <email address hidden> Tue, 03 Jan 2023 13:01:46 +1100

net-snmp (5.9.3+dfsg-1) unstable; urgency=medium

  * New upstream source
  * Remove patch Link-libnetsnmptrapd-against-MYSQL_LIBS

 -- Craig Small <email address hidden> Mon, 18 Jul 2022 21:28:38 +1000

net-snmp (5.9.1+dfsg-4) unstable; urgency=medium

  * d/snmpd.postinst: Just chown $SNMP_DIR/snmpd.conf if the file exists.
    (Closes: #1012693)

 -- Sergio Durigan Junior <email address hidden> Sat, 11 Jun 2022 17:35:00 -0400

net-snmp (5.9.1+dfsg-3) unstable; urgency=medium

  [ Sergio Durigan Junior ]
  * Fix FTBFS when compiling against OpenSSL 3.0.
    - d/p/Fix-the-build-against-OpenSSL-3.0.patch: Fix FTBFS when
      compiling against OpenSSL 3.0.
    - d/p/configure-static-linking-Fix-SSL-checks.patch: Fix SSL configure
      checks. (Closes: #1006511)
  * d/snmpd.service: Start the service after network-online.target.
    Closes: #1001268

  [ Debian Janitor ]
  * Re-export upstream signing key without extra signatures.
  * Update renamed lintian tag names in lintian overrides.
  * Remove constraints unnecessary since buster:
    + Build-Depends: Drop versioned constraint on bash, debianutils, findutils
      and perl.
    + snmpd: Drop versioned constraint on lsb-base in Depends.
    + snmptrapd: Drop versioned constraint on snmp in Replaces.
    + snmptrapd: Drop versioned constraint on snmp in Breaks.
    + snmp: Drop versioned constraint on libsnmp-base in Depends.
    + libsnmp-base: Drop versioned constraint on snmp in Replaces.
    + libsnmp-base: Drop versioned constraint on snmp in Breaks.

  [ Craig Small ]
  * Update to Debian standard 4.6.1, no change

 -- Craig Small <email address hidden> Sat, 11 Jun 2022 15:31:19 +1000

net-snmp (5.9.1+dfsg-2) unstable; urgency=medium

  * Fix path for net-snmp-create-v3-user Closes: #997895
  * Use pidof for net-snmp-create-v3-user so don't need procps
  * Make snmpd.conf group readable Closes: #998152
  * Reapplied perl callback patch Closes: #1011440

 -- Craig Small <email address hidden> Wed, 25 May 2022 22:09:23 +1000

net-snmp (5.9.1+dfsg-1) unstable; urgency=medium

  [ Owen Evans ]
  * Enable Blumenthal AES-192 and AES-256 encryption Closes: #972985

  [ Ferenc Wágner ]
  * Enable systemd integration and UDP socket activation
    Closes: #983569

  [ Sergio Durigan Junior ]
  * d/libsnmp-dev.install: Don't install archive (.a) files.
    The archive files are just temporary files generated in order to
    create the final shared objects (.so), and we don't need to ship them
    in the package.

  [ Debian Janitor ]
  * Trim trailing whitespace.

  [ Vagrant Cascadian ]
  * Embed path to ps and uname. Closes: #978598

  [ Craig Small ]
  * Make the perl agent code more tolerant of perl types, thanks
    to Guillem Jover for the patch Closes: #977573
  * Make CI files use correct libmariadb-dev package names
    Closes: #975477

### Old Ubuntu Delta ###

net-snmp (5.9.3+dfsg-2ubuntu3) lunar; urgency=medium

  * d/p/add-overlay-support.patch: Add Docker's 'overlay' filesystem
    (LP: #2007856)

 -- Bryce Harrington <email address hidden> Wed, 22 Mar 2023 18:42:02 -0700

net-snmp (5.9.3+dfsg-2ubuntu2) lunar; urgency=medium

  * Fix snmptrapd reconnection issue after hitting MySQL wait_timeout
    (LP: #1999711)
    - d/p/snmptrapd-mysql-reconnection-after-hitting-wait_timeout.patch

 -- Chengen Du <email address hidden> Thu, 16 Feb 2023 20:16:57 -0300

net-snmp (5.9.3+dfsg-2ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993419). Remaining changes:
    - Add apport hook:
      + d/control: add dh-apport to Build-Depends
      + d/rules: install the apport hook via debhelper
      + d/source.apport: apport hook
    - d/p/restore-support-for-long-dns-names.patch: Fix snmp requests
      for domains longer than 63 characters (LP #1998461)
  * Drop changes:
    - SECURITY UPDATE: DoS via null pointer exception issues
      + debian/patches/CVE-2022-4479x-1.patch: disallow SET with NULL varbind
        in agent/snmp_agent.c.
      + debian/patches/CVE-2022-4479x-2.patch: allow SET with NULL varbind
        for testing in apps/snmpset.c.
      + debian/patches/CVE-2022-4479x-3.patch: add test for NULL varbind set
        in testing/fulltests/default/T0142snmpv2csetnull_simple.
      + CVE-2022-44792
      + CVE-2022-44793
      [ Incorporated by Debian. ]

 -- Sergio Durigan Junior <email address hidden> Tue, 10 Jan 2023 22:54:16 -0500

Bryce Harrington (bryce)
Changed in net-snmp (Ubuntu):
milestone: none → ubuntu-23.07
Changed in net-snmp (Ubuntu):
assignee: nobody → Sergio Durigan Junior (sergiodj)
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Nothing to merge yet.

Changed in net-snmp (Ubuntu):
status: New → Incomplete
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.