mirror of
git://slackware.nl/current.git
synced 2024-12-29 10:25:00 +01:00
7e93037632
patches/packages/net-snmp-5.9.3-x86_64-1_slack15.0.txz: Upgraded.
This update fixes security issues:
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause
an out-of-bounds memory access.
A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
pointer dereference.
Improper Input Validation when SETing malformed OIDs in master agent and
subagent simultaneously.
A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable
can cause an out-of-bounds memory access.
A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a
NULL pointer dereference.
A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
dereference.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810
(* Security fix *)
24 lines
689 B
Bash
24 lines
689 B
Bash
#!/bin/sh
|
|
config() {
|
|
NEW="$1"
|
|
OLD="`dirname $NEW`/`basename $NEW .new`"
|
|
# If there's no config file by that name, mv it over:
|
|
if [ ! -r $OLD ]; then
|
|
mv $NEW $OLD
|
|
elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
|
|
rm $NEW
|
|
fi
|
|
# Otherwise, we leave the .new copy for the admin to consider...
|
|
}
|
|
|
|
# Keep same perms on rc.snmpd.new:
|
|
if [ -e etc/rc.d/rc.snmpd ]; then
|
|
cp -a etc/rc.d/rc.snmpd etc/rc.d/rc.snmpd.new.incoming
|
|
cat etc/rc.d/rc.snmpd.new > etc/rc.d/rc.snmpd.new.incoming
|
|
mv etc/rc.d/rc.snmpd.new.incoming etc/rc.d/rc.snmpd.new
|
|
fi
|
|
|
|
config etc/snmp/snmpd.conf.new
|
|
config etc/rc.d/rc.snmpd.new
|
|
config etc/default/snmpd.new
|
|
|