review.tizen.org Git - scm/bb/tizen-distro.git/commit

author	Roy Li <rongqing.li@windriver.com>
	Tue, 4 Nov 2014 06:09:29 +0000 (14:09 +0800)
committer	Patrick Ohly <patrick.ohly@intel.com>
	Fri, 9 Jan 2015 17:19:14 +0000 (09:19 -0800)
commit	59cc0dc784ff2c6731734ec195103cca27eb7a80
tree	61408ff06a80da1e18eb61ac61095ae4ff448dc7	tree \| snapshot
parent	7ab1349db44bc6fdb48a96b7e14e8da9d45ac69d	commit \| diff

net-snmp: fix for Security Advisory - CVE-2014-3565

snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used,
allows remote attackers to cause a denial of service (snmptrapd crash) via
a crafted SNMP trap message, which triggers a conversion to the variable
type designated in the MIB file, as demonstrated by a NULL type in an ifMtu
trap message.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3565

(From meta-openembedded rev: 2b6d61791f6a3db9367a81acdc58486a1369f38b)

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>

meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-Added-checks-for-printing-variables-with-wrong-types.patch	[new file with mode: 0644]	blob
meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb		diff \| blob \| history