net-snmp - Debian Package Tracker

general

source: net-snmp (main)
version: 5.9.3+dfsg-1
maintainer: Debian SNMP Team (DMD)
uploaders: Craig Small [DMD] – Noah Meyerhans [DMD] – Thomas Anders [DMD]
arch: all any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 5.7.3+dfsg-1.7+deb9u1
o-o-sec: 5.7.3+dfsg-1.7+deb9u3
oldstable: 5.7.3+dfsg-5+deb10u2
old-sec: 5.7.3+dfsg-5+deb10u3
stable: 5.9+dfsg-4+deb11u1
stable-sec: 5.9+dfsg-4+deb11u1
testing: 5.9.3+dfsg-1
unstable: 5.9.3+dfsg-1

versioned links

5.7.3+dfsg-1.7+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.7.3+dfsg-1.7+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.7.3+dfsg-5+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.7.3+dfsg-5+deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9+dfsg-4+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9.3+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libnetsnmptrapd40
libsnmp-base
libsnmp-dev (3 bugs: 0, 3, 0, 0)
libsnmp-perl
libsnmp40
snmp (5 bugs: 0, 5, 0, 0)
snmpd (3 bugs: 0, 3, 0, 0)
snmptrapd
tkmib

action needed

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2022-44792: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2022-44793: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Created: 2022-11-07 Last update: 2022-11-29 09:37

2 security issues in buster high

There are 2 open security issues in buster.

2 important issues:

CVE-2022-44792: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2022-44793: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Created: 2022-11-07 Last update: 2022-11-29 09:37

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2022-44792: handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2022-44793: handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Created: 2022-11-07 Last update: 2022-11-29 09:37

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2022-10-29 Last update: 2022-12-04 18:05

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 5.9.3+dfsg-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 16113e32e0855e91e1202d076b8276bf52406f1b
Author: Craig Small <csmall@debian.org>
Date:   Mon Nov 21 19:36:54 2022 +1100

    d/control: Adjust maintainers
    
    Removed snmp list from maintainers, its basically used for spam
    catching now. Made myself the maintainer.
    
    Removed Thomas Anders and Noah Meyerhans from Uploaders. Thankyou
    for your previous contributions but its been a while.

commit a972b979a136e1ab1cbd789aa17023377d93f2b0
Merge: 82dd72b 0c0cc58
Author: Jelmer Vernooĳ <jelmer@debian.org>
Date:   Sun Oct 30 14:00:18 2022 +0000

    Merge branch 'lintian-fixes' into 'master'
    
    Fix some issues reported by lintian
    
    See merge request debian/net-snmp!14

commit 0c0cc58a4e484e0c650f651b417fa85ab7b48e63
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Mon Oct 24 00:00:53 2022 +0000

    Use secure URI in Homepage field.
    
    Changes-By: lintian-brush
    Fixes: lintian: homepage-field-uses-insecure-uri
    See-also: https://lintian.debian.org/tags/homepage-field-uses-insecure-uri.html

commit a944fb0b4260c644aaeb1e8488299398852f9ec0
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Mon Oct 24 00:00:49 2022 +0000

    Update lintian override info to new format on line 1, 2.
    
    Changes-By: lintian-brush
    Fixes: lintian: mismatched-override
    See-also: https://lintian.debian.org/tags/mismatched-override.html

Created: 2022-10-30 Last update: 2022-11-28 09:44

lintian reports 23 warnings normal

Lintian reports 23 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-10-13 Last update: 2022-10-19 22:34

2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:

CVE-2022-44792: (needs triaging) handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2022-44793: (needs triaging) handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-11-07 Last update: 2022-11-29 09:37

news

[rss feed]

[2022-08-30] Accepted net-snmp 5.7.3+dfsg-5+deb10u3 (source) into oldstable (Thorsten Alteholz)
[2022-08-22] Accepted net-snmp 5.9+dfsg-4+deb11u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Craig Small)
[2022-08-16] Accepted net-snmp 5.9+dfsg-4+deb11u1 (source amd64 all) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Craig Small)
[2022-07-25] net-snmp 5.9.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-07-18] Accepted net-snmp 5.9.3+dfsg-1 (source) into unstable (Craig Small)
[2022-06-17] net-snmp 5.9.1+dfsg-4 MIGRATED to testing (Debian testing watch)
[2022-06-13] Accepted net-snmp 5.9.1+dfsg-4 (source) into unstable (Sergio Durigan Junior) (signed by: Craig Small)
[2022-06-11] Accepted net-snmp 5.9.1+dfsg-3 (source) into unstable (Craig Small)
[2022-05-25] Accepted net-snmp 5.9.1+dfsg-2 (source) into unstable (Craig Small)
[2021-10-13] net-snmp 5.9.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-09-20] Accepted net-snmp 5.9.1+dfsg-1 (source) into unstable (Craig Small)
[2021-01-30] Accepted net-snmp 5.7.3+dfsg-5+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Craig Small)
[2020-09-27] net-snmp 5.9+dfsg-3 MIGRATED to testing (Debian testing watch)
[2020-09-24] Accepted net-snmp 5.9+dfsg-3 (source) into unstable (Craig Small)
[2020-09-11] Accepted net-snmp 5.9+dfsg-2 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Craig Small)
[2020-09-02] Accepted net-snmp 5.9+dfsg-1 (source all amd64) into unstable, unstable (Debian FTP Masters) (signed by: Craig Small)
[2020-08-24] Accepted net-snmp 5.7.3+dfsg-5+deb10u1 (source all amd64) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Craig Small)
[2020-08-15] Accepted net-snmp 5.7.3+dfsg-5+deb10u1 (source all amd64) into stable->embargoed, stable (Debian FTP Masters) (signed by: Craig Small)
[2020-08-04] Accepted net-snmp 5.7.3+dfsg-1.7+deb9u3 (source all amd64) into oldstable (Chris Lamb)
[2020-08-02] net-snmp 5.8+dfsg-5 MIGRATED to testing (Debian testing watch)
[2020-07-31] Accepted net-snmp 5.8+dfsg-5 (source) into unstable (Craig Small)
[2020-07-30] Accepted net-snmp 5.7.3+dfsg-1.7+deb9u2 (source all amd64) into oldstable (Chris Lamb)
[2020-07-28] net-snmp 5.8+dfsg-4 MIGRATED to testing (Debian testing watch)
[2020-07-23] Accepted net-snmp 5.8+dfsg-4 (source) into unstable (Craig Small)
[2020-07-04] net-snmp 5.8+dfsg-3 MIGRATED to testing (Debian testing watch)
[2020-07-02] Accepted net-snmp 5.8+dfsg-3 (source) into unstable (Craig Small)
[2019-10-25] net-snmp 5.8+dfsg-2 MIGRATED to testing (Debian testing watch)
[2019-10-22] Accepted net-snmp 5.8+dfsg-2 (source) into unstable (Craig Small)
[2019-10-13] Accepted net-snmp 5.8+dfsg-1 (source all amd64) into unstable, unstable (Craig Small)
[2019-01-10] net-snmp 5.7.3+dfsg-5 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 14 16
RC: 0
I&N: 10 12
M&W: 2
F&P: 2
patch: 0

links

homepage
lintian (0, 23)
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
l10n (99, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.9.3+dfsg-1ubuntu1
33 bugs (5 patches)
patches for 5.9.3+dfsg-1ubuntu1