-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 23 Jul 2020 21:35:08 +1000 Source: net-snmp Architecture: source Version: 5.8+dfsg-4 Distribution: unstable Urgency: high Maintainer: Net-SNMP Packaging Team <pkg-net-snmp-devel@lists.alioth.debian.org> Changed-By: Craig Small <csmall@debian.org> Closes: 685877 965166 Changes: net-snmp (5.8+dfsg-4) unstable; urgency=high . [ Sergio Durigan Junior ] * Fix segmentation fault that happens when using the snmpv3 protocol with snmpbulkget. (LP #1877027) (Debian Bug #963713) This is a rework of the patches introduced in the last release, to fix CVE-2019-20892. - d/p/move-securityStateRef-into-free_securityStateRef.patch: Consolidate the check of the securityStateRef pointer into the free_securityStateRef function. - d/p/prevent-snmpv3-bulkget-errors-double-free.patch: Prevent snmpv3 bulkget errors from becoming resulting in a double free. - d/p/fix-usmStateReference-free.patch: Fix typo on usm_free_usmStateReference from last patch. - d/p/unexport-struct-usmStateReference.patch: Unexport struct usmStateReference and to prevent ABI breakages, since it will be necessary to add a reference count to it. - d/p/introduce-refcount-usmStateReference.patch: Introduce refcount in the struct usmStateReference, and adjust code to properly use the field. - d/p/libsnmp-securitystateref: Rename to d/p/move-securityStateRef-into-free_securityStateRef. - d/p/doublefree_snmpusm: Rename to d/p/prevent-snmpv3-bulkget-errors-double-free.patch. . [ Debian Janitor ] * Trim trailing whitespace. . [ Craig Small ] * snmpd: Disable extend mib Closes: #965166 * Don't ignore tmpfs filesystems Closes: #685877 * snmpd: Command line uid/gid overrides configuration file Checksums-Sha1: c01f32a11ced98a4fff5b748b01128c136e37b75 2812 net-snmp_5.8+dfsg-4.dsc 49ba5e5ec5a6648d2db17434db5e864cb82d01b1 74032 net-snmp_5.8+dfsg-4.debian.tar.xz 718585cf8255958ec80c1bbdf9575a1c67b4d3ae 9896 net-snmp_5.8+dfsg-4_amd64.buildinfo Checksums-Sha256: de3b250656705ce0a4dd8378360d41fd18058c6f24bc8ff05c88120097a47cfe 2812 net-snmp_5.8+dfsg-4.dsc f4fa8f406cdd3958ce36cc5804467825f1905c474878f2d8a59e183c20da2014 74032 net-snmp_5.8+dfsg-4.debian.tar.xz cec547d8714ca9dc2429da4999a29ab5ab3ce47f68ba66545f663324cc272e72 9896 net-snmp_5.8+dfsg-4_amd64.buildinfo Files: a58ce64e3919caae4f3936f4e9495e52 2812 net optional net-snmp_5.8+dfsg-4.dsc c9d0f8ff8b7a986fb75f583504d4ca8d 74032 net optional net-snmp_5.8+dfsg-4.debian.tar.xz ec3e4d046d8c1cfd101e9227440e0ac2 9896 net optional net-snmp_5.8+dfsg-4_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXT3w9TizJ8CqeneiAiFmwP88hOMFAl8ZdsUACgkQAiFmwP88 hOPLRw/9EbPJS3QkYhYn6U2VyQZvSaw7t+c31SvrhrYdwkAFswwivR1a9WGaTGht g6e//r5r8IMZfEylIm+lRfWS8xROhfihF3QTaN80ZhR0W5XqwVFWDu2lrzeQXHe9 +dH/Skx3ajzwkVedyyt40pmb8AtKRFLeygsD+a0DJ9oz/4VsYnOtTchyFeDbeScE 4fEq5l8nGI1CYZiOQDUZewuMVVWyN5nCjow4D3rj9LygliWWA9BTEt09WwiZPc4/ JG2+xIp6dL4YEHpAWje+RuajLpWuywHlXk31QRhwqGHX3swEVf0hchoGY5qs5rKB 9v+CCG2T6XaTPX7h1OUsPyFmSH/rhweeEiRQ57mb/n4lqYeNgYI7rVnRc4J4/dJ8 zfUrXJT3oCvuZZz69runliLkjJ1SNKaJSjrf4NtOr5QeNWhOrWO3krQhzpL1MzUC mFKR2jY8rTwIAwjNz3TWprVQOiBgcwtD4cbF+aHCp8GIGiUCpAPiKBY8x5ff72m2 rheo8AULBo16gJuMVT844oXX6AA9HcHaubMboHwA9RjEZprf9z6c/eYs9wcwfJo9 gcLtFtcW+P2p5D9OvrO09TM4j7RwfbuSSyVPnHDN0XbftVfsVc3n2XzGxyxzbPox SLacoawleA9nfYsCCcJhvXbgRo5bd9FLB/vctlbZ0obfqcf+Uv4= =5iuJ -----END PGP SIGNATURE-----