From: Baruch Siach via buildroot <buildroot@buildroot.org>
To: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Nicolas Carrier <nicolas.carrier@nav-timing.safrangroup.com>,
buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH] package/netsnmp: revert back to 5.9.3, backport security fix
Date: Thu, 16 Nov 2023 16:01:03 +0200 [thread overview]
Message-ID: <87zfzdzti5.fsf@tarshish> (raw)
In-Reply-To: <20231116135136.2337261-1-thomas.petazzoni@bootlin.com>
On Thu, Nov 16 2023, Thomas Petazzoni via buildroot wrote:
> In commit 13fc9dcb34926e9b6310b23662920c55c96d83a1, netsnmp was bumped
> from 5.9.3 to 5.9.4 to fix two CVEs.
>
> However, even though it's a minor version bump, there are actually 163
> commits upstream between those two minor releases, and some of them
> are breaking existing use-cases. In particular upstream
> a2cb167514ac0c7e1b04e8f151e0b015501362e0 now requires that config_()
> macros in MIB files are terminated with a semicolon, causing a build
> breakage with existing MIB files that were totally valid with 5.9.3.
>
> This commit therefore proposes to revert back to 5.9.3, by reverting
> those two commits:
>
> 56caafceab3ec12669ccb7aa6fc8b653778064e1 package/netsnmp: fix musl build
> 13fc9dcb34926e9b6310b23662920c55c96d83a1 package/netsnmp: security bump to version 5.9.4
>
> and instead revert the one upstream commit that fixes both CVEs.
s/revert/backport/, I guess?
baruch
--
~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
- baruch@tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2023-11-16 14:02 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-16 13:51 [Buildroot] [PATCH] package/netsnmp: revert back to 5.9.3, backport security fix Thomas Petazzoni via buildroot
2023-11-16 14:01 ` Baruch Siach via buildroot [this message]
2023-11-16 14:06 ` Thomas Petazzoni via buildroot
2023-11-26 17:34 ` Yann E. MORIN
2023-11-30 8:21 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zfzdzti5.fsf@tarshish \
--to=buildroot@buildroot.org \
--cc=baruch@tkos.co.il \
--cc=nicolas.carrier@nav-timing.safrangroup.com \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.