Buildroot Archive on lore.kernel.org
From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Peter Korsgaard <peter@korsgaard.com>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH] package/netsnmp: security bump to version 5.9.3
Date: Fri, 25 Nov 2022 23:06:35 +0100
Message-ID: <20221125230635.4f07d7db@windsurf>
In-Reply-To: <20221125140907.3796987-1-peter@korsgaard.com>

On Fri, 25 Nov 2022 15:09:06 +0100
Peter Korsgaard <peter@korsgaard.com> wrote:

> Fixes the following security issues:
> 
> - CVE-2022-24805 A buffer overflow in the handling of the INDEX of
>   NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
> 
> - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can
>   cause a NULL pointer dereference.
> 
> - CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in
>   master agent and subagent simultaneously
> 
> - CVE-2022-24807 A malformed OID in a SET request to
>   SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory
>   access.
> 
> - CVE-2022-24808 A malformed OID in a SET request to
>   NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
> 
> - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
>   can cause a NULL pointer dereference.
> 
> Drop openssl linking patches as they are merged upstream / upstream changed
> to use pkg-config for openssl since:
> 
> https://github.com/net-snmp/net-snmp/commit/8c3a094fbe9ebe38ed762488082d52c6d4e04ddb
> 
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> ---
> ./utils/test-pkg -c test.pkg -p netsnmp -a
>                              arm-aarch64 [ 1/44]: OK
>                    bootlin-aarch64-glibc [ 2/44]: OK
>                bootlin-arcle-hs38-uclibc [ 3/44]: OK
>                     bootlin-armv5-uclibc [ 4/44]: OK
>                      bootlin-armv7-glibc [ 5/44]: OK
>                    bootlin-armv7m-uclibc [ 6/44]: SKIPPED
>                       bootlin-armv7-musl [ 7/44]: OK
>                 bootlin-m68k-5208-uclibc [ 8/44]: SKIPPED
>                bootlin-m68k-68040-uclibc [ 9/44]: OK
>              bootlin-microblazeel-uclibc [10/44]: OK
>                 bootlin-mipsel32r6-glibc [11/44]: OK
>                    bootlin-mipsel-uclibc [12/44]: OK
>                      bootlin-nios2-glibc [13/44]: OK
>                  bootlin-openrisc-uclibc [14/44]: OK
>         bootlin-powerpc64le-power8-glibc [15/44]: OK
>            bootlin-powerpc-e500mc-uclibc [16/44]: OK
>                    bootlin-riscv32-glibc [17/44]: OK
>                    bootlin-riscv64-glibc [18/44]: OK
>                     bootlin-riscv64-musl [19/44]: OK
>                       bootlin-sh4-uclibc [20/44]: OK
>                    bootlin-sparc64-glibc [21/44]: OK
>                     bootlin-sparc-uclibc [22/44]: OK
>                     bootlin-x86-64-glibc [23/44]: OK
>                      bootlin-x86-64-musl [24/44]: OK
>                    bootlin-x86-64-uclibc [25/44]: OK
>                    bootlin-xtensa-uclibc [26/44]: OK
>                             br-arm-basic [27/44]: OK
>                     br-arm-full-nothread [28/44]: OK
>                       br-arm-full-static [29/44]: OK
>                    br-i386-pentium4-full [30/44]: OK
>                 br-i386-pentium-mmx-musl [31/44]: OK
>                       br-mips64-n64-full [32/44]: OK
>                  br-mips64r6-el-hf-glibc [33/44]: OK
>                br-powerpc-603e-basic-cpp [34/44]: OK
>                br-powerpc64-power7-glibc [35/44]: OK
>                        linaro-aarch64-be [36/44]: OK
>                           linaro-aarch64 [37/44]: OK
>                               linaro-arm [38/44]: OK
>                      sourcery-arm-armv4t [39/44]: OK
>                             sourcery-arm [40/44]: OK
>                      sourcery-arm-thumb2 [41/44]: OK
>                          sourcery-mips64 [42/44]: OK
>                            sourcery-mips [43/44]: OK
>                           sourcery-nios2 [44/44]: OK
> 44 builds, 2 skipped, 0 build failed, 0 legal-info failed, 0 show-info failed

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

Thread overview: 3+ messages
2022-11-25 14:09 [Buildroot] [PATCH] package/netsnmp: security bump to version 5.9.3 Peter Korsgaard
2022-11-25 22:06 ` Thomas Petazzoni via buildroot [this message]
2022-12-06 22:11 ` Peter Korsgaard
