diff --git a/.cvsignore b/.cvsignore index 583bb27..45f3310 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -net-snmp-5.4.1.tar.gz +net-snmp-5.4.2.tar.gz diff --git a/net-snmp-5.4-64bit.patch b/net-snmp-5.4-64bit.patch deleted file mode 100644 index 4fc5f5e..0000000 --- a/net-snmp-5.4-64bit.patch +++ /dev/null @@ -1,232 +0,0 @@ -diff -up net-snmp-5.4.1/agent/mibgroup/mibII/at.c.backup_patch_5 net-snmp-5.4.1/agent/mibgroup/mibII/at.c ---- net-snmp-5.4.1/agent/mibgroup/mibII/at.c.backup_patch_5 2006-12-27 20:17:49.000000000 +0100 -+++ net-snmp-5.4.1/agent/mibgroup/mibII/at.c 2008-07-25 12:53:03.000000000 +0200 -@@ -128,9 +128,9 @@ - #ifndef solaris2 - static void ARP_Scan_Init(void); - #ifdef ARP_SCAN_FOUR_ARGUMENTS --static int ARP_Scan_Next(u_long *, char *, u_long *, u_short *); -+static int ARP_Scan_Next(u_int *, char *, u_long *, u_short *); - #else --static int ARP_Scan_Next(u_long *, char *, u_long *); -+static int ARP_Scan_Next(u_int *, char *, u_long *); - #endif - #endif - #endif -@@ -206,7 +206,8 @@ var_atEntry(struct variable *vp, - oid lowest[16]; - oid current[16]; - static char PhysAddr[6], LowPhysAddr[6]; -- u_long Addr, LowAddr, foundone; -+ u_int Addr, LowAddr, foundone; -+ static int addr_ret; - #ifdef ARP_SCAN_FOUR_ARGUMENTS - u_short ifIndex, lowIfIndex = 0; - #endif /* ARP_SCAN_FOUR_ARGUMENTS */ -@@ -316,9 +317,9 @@ var_atEntry(struct variable *vp, - *var_len = sizeof(LowPhysAddr); - return (u_char *) LowPhysAddr; - case IPMEDIANETADDRESS: /* also ATNETADDRESS */ -- *var_len = sizeof(uint32_t); -- long_return = LowAddr; -- return (u_char *) & long_return; -+ *var_len = sizeof addr_ret; -+ addr_ret = LowAddr; -+ return (u_char *) & addr_ret; - case IPMEDIATYPE: - *var_len = sizeof long_return; - long_return = lowIfType; -@@ -709,11 +710,11 @@ ARP_Scan_Init(void) - - #ifdef ARP_SCAN_FOUR_ARGUMENTS - static int --ARP_Scan_Next(u_long * IPAddr, char *PhysAddr, u_long * ifType, -+ARP_Scan_Next(u_int * IPAddr, char *PhysAddr, u_long * ifType, - u_short * ifIndex) - #else - static int --ARP_Scan_Next(u_long * IPAddr, char *PhysAddr, u_long * ifType) -+ARP_Scan_Next(u_int * IPAddr, char *PhysAddr, u_long * ifType) - #endif - { - #ifndef NETSNMP_CAN_USE_SYSCTL -diff -up net-snmp-5.4.1/agent/mibgroup/mibII/ipCidrRouteTable_access.c.backup_patch_5 net-snmp-5.4.1/agent/mibgroup/mibII/ipCidrRouteTable_access.c ---- net-snmp-5.4.1/agent/mibgroup/mibII/ipCidrRouteTable_access.c.backup_patch_5 2003-02-22 05:19:51.000000000 +0100 -+++ net-snmp-5.4.1/agent/mibgroup/mibII/ipCidrRouteTable_access.c 2008-07-25 12:53:03.000000000 +0200 -@@ -22,6 +22,7 @@ - /** a global static we'll make use of a lot to map to the right - datatype to return (which for SNMP integer's is always a long). */ - static u_long long_ret; -+static in_addr_t addr_ret; - - - /* -@@ -32,18 +33,18 @@ u_long * - get_ipCidrRouteDest(void *data_context, size_t * ret_len) - { - RTENTRY *ourroute = (RTENTRY *) data_context; -- long_ret = ((struct sockaddr_in *) (&ourroute->rt_dst))->sin_addr.s_addr; -- *ret_len = sizeof(long_ret); -- return &long_ret; -+ addr_ret = ((struct sockaddr_in *) (&ourroute->rt_dst))->sin_addr.s_addr; -+ *ret_len = sizeof(addr_ret); -+ return &addr_ret; - } - - u_long * - get_ipCidrRouteMask(void *data_context, size_t * ret_len) - { - RTENTRY *ourroute = (RTENTRY *) data_context; -- long_ret = ((struct sockaddr_in *) (&ourroute->rt_genmask))->sin_addr.s_addr; -- *ret_len = sizeof(long_ret); -- return &long_ret; -+ addr_ret = ((struct sockaddr_in *) (&ourroute->rt_genmask))->sin_addr.s_addr; -+ *ret_len = sizeof(addr_ret); -+ return &addr_ret; - } - - long * -@@ -59,9 +60,9 @@ u_long * - get_ipCidrRouteNextHop(void *data_context, size_t * ret_len) - { - RTENTRY *ourroute = (RTENTRY *) data_context; -- long_ret = ((struct sockaddr_in *) (&ourroute->rt_gateway))->sin_addr.s_addr; -- *ret_len = sizeof(long_ret); -- return &long_ret; -+ addr_ret = ((struct sockaddr_in *) (&ourroute->rt_gateway))->sin_addr.s_addr; -+ *ret_len = sizeof(addr_ret); -+ return &addr_ret; - } - - long * -diff -up net-snmp-5.4.1/agent/mibgroup/mibII/var_route.c.backup_patch_5 net-snmp-5.4.1/agent/mibgroup/mibII/var_route.c ---- net-snmp-5.4.1/agent/mibgroup/mibII/var_route.c.backup_patch_5 2006-11-07 00:43:27.000000000 +0100 -+++ net-snmp-5.4.1/agent/mibgroup/mibII/var_route.c 2008-07-25 12:53:03.000000000 +0200 -@@ -434,6 +434,7 @@ var_ipRouteEntry(struct variable * vp, - static oid saveName[MAX_OID_LEN], Current[MAX_OID_LEN]; - u_char *cp; - oid *op; -+ static in_addr_t addr_ret; - #if NEED_KLGETSA - struct sockaddr_in *sa; - #endif -@@ -538,13 +539,13 @@ var_ipRouteEntry(struct variable * vp, - - switch (vp->magic) { - case IPROUTEDEST: -- *var_len = sizeof(uint32_t); -+ *var_len = sizeof(addr_ret); - #if NEED_KLGETSA - sa = klgetsa((struct sockaddr_in *) rthead[RtIndex]->rt_dst); - return (u_char *) & (sa->sin_addr.s_addr); - #elif defined(hpux11) -- long_return = rt[RtIndex].Dest; -- return (u_char *) & long_return; -+ addr_ret = rt[RtIndex].Dest; -+ return (u_char *) & addr_ret; - #else - return (u_char *) & ((struct sockaddr_in *) &rthead[RtIndex]-> - rt_dst)->sin_addr.s_addr; -@@ -597,13 +598,13 @@ var_ipRouteEntry(struct variable * vp, - long_return = -1; - return (u_char *) & long_return; - case IPROUTENEXTHOP: -- *var_len = sizeof(uint32_t); -+ *var_len = sizeof(addr_ret); - #if NEED_KLGETSA - sa = klgetsa((struct sockaddr_in *) rthead[RtIndex]->rt_gateway); - return (u_char *) & (sa->sin_addr.s_addr); - #elif defined(hpux11) -- long_return = rt[RtIndex].NextHop; -- return (u_char *) & long_return; -+ addr_ret = rt[RtIndex].NextHop; -+ return (u_char *) & addr_ret; - #else - return (u_char *) & ((struct sockaddr_in *) &rthead[RtIndex]-> - rt_gateway)->sin_addr.s_addr; -@@ -649,14 +650,14 @@ var_ipRouteEntry(struct variable * vp, - #if NETSNMP_NO_DUMMY_VALUES - return NULL; - #endif -- long_return = 0; -+ addr_ret = 0; - #elif defined(hpux11) -- long_return = rt[RtIndex].Mask; -- return (u_char *) & long_return; -+ addr_ret = rt[RtIndex].Mask; -+ return (u_char *) & addr_ret; - #else /* !NEED_KLGETSA && !hpux11 */ - if (((struct sockaddr_in *) &rthead[RtIndex]->rt_dst)->sin_addr. - s_addr == 0) -- long_return = 0; /* Default route */ -+ addr_ret = 0; /* Default route */ - else { - #ifndef linux - if (!NETSNMP_KLOOKUP(rthead[RtIndex]->rt_ifp, -@@ -681,7 +682,7 @@ var_ipRouteEntry(struct variable * vp, - #endif /* linux */ - } - #endif /* NEED_KLGETSA */ -- return (u_char *) & long_return; -+ return (u_char *) & addr_ret; - case IPROUTEINFO: - *var_len = nullOidLen; - return (u_char *) nullOid; -diff -up net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass.c.backup_patch_5 net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass.c ---- net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass.c.backup_patch_5 2005-08-18 02:44:02.000000000 +0200 -+++ net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass.c 2008-07-25 12:53:03.000000000 +0200 -@@ -287,6 +287,7 @@ var_extensible_pass(struct variable *vp, - oid newname[MAX_OID_LEN]; - int i, rtest, fd, newlen; - static long long_ret; -+ static in_addr_t addr_ret; - char buf[SNMP_MAXBUF]; - static char buf2[SNMP_MAXBUF]; - static oid objid[MAX_OID_LEN]; -@@ -412,13 +413,13 @@ var_extensible_pass(struct variable *vp, - *var_len = 0; - return (NULL); - } -- long_ret = -+ addr_ret = - (objid[0] << (8 * 3)) + (objid[1] << (8 * 2)) + - (objid[2] << 8) + objid[3]; -- long_ret = htonl(long_ret); -- *var_len = sizeof(long_ret); -+ addr_ret = htonl(addr_ret); -+ *var_len = sizeof(addr_ret); - vp->type = ASN_IPADDRESS; -- return ((unsigned char *) &long_ret); -+ return ((unsigned char *) &addr_ret); - } - } - *var_len = 0; -diff -up net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass_persist.c.backup_patch_5 net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass_persist.c ---- net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass_persist.c.backup_patch_5 2006-10-18 04:59:10.000000000 +0200 -+++ net-snmp-5.4.1/agent/mibgroup/ucd-snmp/pass_persist.c 2008-07-25 12:53:03.000000000 +0200 -@@ -218,6 +218,7 @@ var_extensible_pass_persist(struct varia - oid newname[MAX_OID_LEN]; - int i, rtest, newlen; - static long long_ret; -+ static in_addr_t addr_ret; - char buf[SNMP_MAXBUF]; - static char buf2[SNMP_MAXBUF]; - static oid objid[MAX_OID_LEN]; -@@ -366,13 +367,13 @@ var_extensible_pass_persist(struct varia - *var_len = 0; - return (NULL); - } -- long_ret = -+ addr_ret = - (objid[0] << (8 * 3)) + (objid[1] << (8 * 2)) + - (objid[2] << 8) + objid[3]; -- long_ret = htonl(long_ret); -- *var_len = sizeof(long_ret); -+ addr_ret = htonl(addr_ret); -+ *var_len = sizeof(addr_ret); - vp->type = ASN_IPADDRESS; -- return ((unsigned char *) &long_ret); -+ return ((unsigned char *) &addr_ret); - } - } - *var_len = 0; diff --git a/net-snmp-5.4-exec-crash.patch b/net-snmp-5.4-exec-crash.patch deleted file mode 100644 index d38c4a4..0000000 --- a/net-snmp-5.4-exec-crash.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -up net-snmp-5.4.1/agent/mibgroup/agent/extend.c.backup_patch_14 net-snmp-5.4.1/agent/mibgroup/agent/extend.c ---- net-snmp-5.4.1/agent/mibgroup/agent/extend.c.backup_patch_14 2007-07-06 17:32:59.000000000 +0200 -+++ net-snmp-5.4.1/agent/mibgroup/agent/extend.c 2008-07-25 12:53:44.000000000 +0200 -@@ -450,6 +450,9 @@ extend_parse_config(const char *token, c - extension->command = strdup( exec_command ); - if (cptr) - extension->args = strdup( cptr ); -+ } else { -+ snmp_log(LOG_ERR, "Duplicate MIBOID '%s' detected in exec statement, only the first one will be used.\n", exec_name); -+ return; - } - - #ifndef USING_UCD_SNMP_EXTENSIBLE_MODULE diff --git a/net-snmp-5.4.1-hmac-check.patch b/net-snmp-5.4.1-hmac-check.patch deleted file mode 100644 index 2549955..0000000 --- a/net-snmp-5.4.1-hmac-check.patch +++ /dev/null @@ -1,19 +0,0 @@ -447974: CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044) - -Source: upstream, https://sourceforge.net/tracker/index.php?func=detail&aid=1989089&group_id=12694&atid=456380 -Reviewed-by: Jan Safranek - -diff -up net-snmp-5.0.9/snmplib/scapi.c.orig net-snmp-5.0.9/snmplib/scapi.c -diff -up net-snmp-5.4.1/snmplib/scapi.c.backup_patch_17 net-snmp-5.4.1/snmplib/scapi.c ---- net-snmp-5.4.1/snmplib/scapi.c.backup_patch_17 2006-09-15 14:47:01.000000000 +0200 -+++ net-snmp-5.4.1/snmplib/scapi.c 2008-07-25 12:54:00.000000000 +0200 -@@ -562,6 +562,9 @@ sc_check_keyed_hash(const oid * authtype - QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit); - } - -+ if (maclen != USM_MD5_AND_SHA_AUTH_LEN) { -+ QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit); -+ } - - /* - * Generate a full hash of the message, then compare diff --git a/net-snmp-5.4.1-hostname.patch b/net-snmp-5.4.1-hostname.patch deleted file mode 100644 index a0a3597..0000000 --- a/net-snmp-5.4.1-hostname.patch +++ /dev/null @@ -1,215 +0,0 @@ -diff -up net-snmp-5.4.1/apps/snmptrapd_log.c.backup_patch_12 net-snmp-5.4.1/apps/snmptrapd_log.c ---- net-snmp-5.4.1/apps/snmptrapd_log.c.backup_patch_12 2007-05-31 16:39:14.000000000 +0200 -+++ net-snmp-5.4.1/apps/snmptrapd_log.c 2008-07-25 12:53:41.000000000 +0200 -@@ -626,6 +626,8 @@ realloc_handle_ip_fmt(u_char ** buf, siz - char fmt_cmd = options->cmd; /* what we're formatting */ - u_char *temp_buf = NULL; - size_t temp_buf_len = 64, temp_out_len = 0; -+ char *tstr; -+ unsigned int oflags; - - if ((temp_buf = calloc(temp_buf_len, 1)) == NULL) { - return 0; -@@ -681,130 +683,59 @@ realloc_handle_ip_fmt(u_char ** buf, siz - * Write the numerical transport information. - */ - if (transport != NULL && transport->f_fmtaddr != NULL) { -- char *tstr = -- transport->f_fmtaddr(transport, pdu->transport_data, -- pdu->transport_data_length); -- if (!snmp_strcat -- (&temp_buf, &temp_buf_len, &temp_out_len, 1, (u_char *)tstr)) { -- if (tstr != NULL) { -- free(tstr); -- } -- if (temp_buf != NULL) { -- free(temp_buf); -- } -+ oflags = transport->flags; -+ transport->flags &= ~NETSNMP_TRANSPORT_FLAG_HOSTNAME; -+ tstr = transport->f_fmtaddr(transport, pdu->transport_data, -+ pdu->transport_data_length); -+ transport->flags = oflags; -+ -+ if (!tstr) goto noip; -+ if (!snmp_strcat(&temp_buf, &temp_buf_len, &temp_out_len, -+ 1, (u_char *)tstr)) { -+ SNMP_FREE(temp_buf); -+ SNMP_FREE(tstr); - return 0; - } -- if (tstr != NULL) { -- free(tstr); -- } -+ SNMP_FREE(tstr); - } else { -- if (!snmp_strcat -- (&temp_buf, &temp_buf_len, &temp_out_len, 1, -- (const u_char*)"")) { -- if (temp_buf != NULL) { -- free(temp_buf); -- } -+noip: -+ if (!snmp_strcat(&temp_buf, &temp_buf_len, &temp_out_len, 1, -+ (const u_char*)"")) { -+ SNMP_FREE(temp_buf); - return 0; -- } -+ } - } - break; - -- /* -- * Write a host name. -- */ - case CHR_PDU_NAME: - /* -- * Right, apparently a name lookup is wanted. This is only reasonable -- * for the UDP and TCP transport domains (we don't want to try to be -- * too clever here). -+ * Try to convert the numerical transport information -+ * into a hostname. Or rather, have the transport-specific -+ * address formatting routine do this. -+ * Otherwise falls back to the numeric address format. - */ --#ifdef NETSNMP_TRANSPORT_TCP_DOMAIN -- if (transport != NULL && (transport->domain == netsnmpUDPDomain || -- transport->domain == -- netsnmp_snmpTCPDomain)) { --#else -- if (transport != NULL && transport->domain == netsnmpUDPDomain) { --#endif -- /* -- * This is kind of bletcherous -- it breaks the opacity of -- * transport_data but never mind -- the alternative is a lot of -- * munging strings from f_fmtaddr. -- */ --typedef struct netsnmp_udp_addr_pair_s { /* From snmpUDPDomain.c */ -- struct sockaddr_in remote_addr; -- struct in_addr local_addr; --} netsnmp_udp_addr_pair; -- -- netsnmp_udp_addr_pair *addr = -- (netsnmp_udp_addr_pair *) pdu->transport_data; -- if (addr != NULL -- && pdu->transport_data_length == -- sizeof(netsnmp_udp_addr_pair)) { -- if (!netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, -- NETSNMP_DS_APP_NUMERIC_IP)) { -- host = -- gethostbyaddr((char *) &(addr->remote_addr.sin_addr), -- sizeof(struct in_addr), AF_INET); -- } -- if (host != NULL) { -- if (!snmp_strcat -- (&temp_buf, &temp_buf_len, &temp_out_len, 1, -- (u_char *)host->h_name)) { -- if (temp_buf != NULL) { -- free(temp_buf); -- } -- return 0; -- } -- } else { -- if (!snmp_strcat -- (&temp_buf, &temp_buf_len, &temp_out_len, 1, -- (u_char *)inet_ntoa(addr->remote_addr.sin_addr))) { -- if (temp_buf != NULL) { -- free(temp_buf); -- } -- return 0; -- } -- } -- } else { -- if (!snmp_strcat -- (&temp_buf, &temp_buf_len, &temp_out_len, 1, -- (const u_char*)"")) { -- if (temp_buf != NULL) { -- free(temp_buf); -- } -- return 0; -- } -- } -- } else if (transport != NULL && transport->f_fmtaddr != NULL) { -- /* -- * Some other domain for which we do not know how to do a name -- * lookup. Fall back to the formatted transport address. -- */ -- char *tstr = -- transport->f_fmtaddr(transport, pdu->transport_data, -- pdu->transport_data_length); -- if (!snmp_strcat -- (&temp_buf, &temp_buf_len, &temp_out_len, 1, (u_char *)tstr)) { -- if (tstr != NULL) { -- free(tstr); -- } -- if (temp_buf != NULL) { -- free(temp_buf); -- } -+ if (transport != NULL && transport->f_fmtaddr != NULL) { -+ oflags = transport->flags; -+ if (!netsnmp_ds_get_boolean(NETSNMP_DS_APPLICATION_ID, -+ NETSNMP_DS_APP_NUMERIC_IP)) -+ transport->flags |= NETSNMP_TRANSPORT_FLAG_HOSTNAME; -+ tstr = transport->f_fmtaddr(transport, pdu->transport_data, -+ pdu->transport_data_length); -+ transport->flags = oflags; -+ -+ if (!tstr) goto nohost; -+ if (!snmp_strcat(&temp_buf, &temp_buf_len, &temp_out_len, -+ 1, (u_char *)tstr)) { -+ SNMP_FREE(temp_buf); -+ SNMP_FREE(tstr); - return 0; - } -- if (tstr != NULL) { -- free(tstr); -- } -- } else { -- /* -- * We are kind of stuck! -- */ -+ SNMP_FREE(tstr); -+ } else { -+nohost: - if (!snmp_strcat(&temp_buf, &temp_buf_len, &temp_out_len, 1, - (const u_char*)"")) { -- if (temp_buf != NULL) { -- free(temp_buf); -- } -+ SNMP_FREE(temp_buf); - return 0; - } - } -diff -up net-snmp-5.4.1/include/net-snmp/library/snmp_transport.h.backup_patch_12 net-snmp-5.4.1/include/net-snmp/library/snmp_transport.h ---- net-snmp-5.4.1/include/net-snmp/library/snmp_transport.h.backup_patch_12 2006-10-27 22:19:44.000000000 +0200 -+++ net-snmp-5.4.1/include/net-snmp/library/snmp_transport.h 2008-07-25 12:53:41.000000000 +0200 -@@ -19,6 +19,7 @@ extern "C" { - #define NETSNMP_TRANSPORT_FLAG_STREAM 0x01 - #define NETSNMP_TRANSPORT_FLAG_LISTEN 0x02 - #define NETSNMP_TRANSPORT_FLAG_TUNNELED 0x04 -+#define NETSNMP_TRANSPORT_FLAG_HOSTNAME 0x80 /* for fmtaddr hook */ - - /* The standard SNMP domains. */ - -diff -up net-snmp-5.4.1/snmplib/snmpUDPDomain.c.backup_patch_12 net-snmp-5.4.1/snmplib/snmpUDPDomain.c ---- net-snmp-5.4.1/snmplib/snmpUDPDomain.c.backup_patch_12 2007-06-11 00:15:24.000000000 +0200 -+++ net-snmp-5.4.1/snmplib/snmpUDPDomain.c 2008-07-25 12:53:41.000000000 +0200 -@@ -90,6 +90,7 @@ static char * - netsnmp_udp_fmtaddr(netsnmp_transport *t, void *data, int len) - { - netsnmp_udp_addr_pair *addr_pair = NULL; -+ struct hostent *host; - - if (data != NULL && len == sizeof(netsnmp_udp_addr_pair)) { - addr_pair = (netsnmp_udp_addr_pair *) data; -@@ -107,6 +108,10 @@ netsnmp_udp_fmtaddr(netsnmp_transport *t - return strdup("UDP: unknown"); - } - -+ if ( t && t->flags & NETSNMP_TRANSPORT_FLAG_HOSTNAME ) { -+ host = gethostbyaddr((char *)&to->sin_addr, 4, AF_INET); -+ return (host ? strdup(host->h_name) : NULL); -+ } - sprintf(tmp, "UDP: [%s]:%hu", - inet_ntoa(to->sin_addr), ntohs(to->sin_port)); - return strdup(tmp); diff --git a/net-snmp-5.4.1-perl-set.patch b/net-snmp-5.4.1-perl-set.patch deleted file mode 100644 index 06e57ad..0000000 --- a/net-snmp-5.4.1-perl-set.patch +++ /dev/null @@ -1,44 +0,0 @@ -452131: net-snmp-perl is broken for 5.10, cannot set oids - -Source: jbjohnso@us.ibm.com, accepted upstream, SVN rev. 17097 - -diff -urN net-snmp-5.4.1/perl/SNMP/SNMP.xs net-snmp-5.4.1-f9fix/perl/SNMP/SNMP.xs -diff -up net-snmp-5.4.1/perl/SNMP/SNMP.xs.backup_patch_19 net-snmp-5.4.1/perl/SNMP/SNMP.xs ---- net-snmp-5.4.1/perl/SNMP/SNMP.xs.backup_patch_19 2008-07-25 12:54:02.000000000 +0200 -+++ net-snmp-5.4.1/perl/SNMP/SNMP.xs 2008-07-25 12:54:05.000000000 +0200 -@@ -3072,7 +3072,7 @@ snmp_set(sess_ref, varlist_ref, perl_cal - res = __add_var_val_str(pdu, oid_arr, oid_arr_len, - (varbind_val_f && SvOK(*varbind_val_f) ? - SvPV(*varbind_val_f,na):NULL), -- (varbind_val_f && SvOK(*varbind_val_f) ? -+ (varbind_val_f && SvPOK(*varbind_val_f) ? - SvCUR(*varbind_val_f):0), type); - - if (verbose && res == FAILURE) -@@ -4266,7 +4266,7 @@ snmp_trapV1(sess_ref,enterprise,agent,ge - res = __add_var_val_str(pdu, oid_arr, oid_arr_len, - (varbind_val_f && SvOK(*varbind_val_f) ? - SvPV(*varbind_val_f,na):NULL), -- (varbind_val_f && SvOK(*varbind_val_f) ? -+ (varbind_val_f && SvPOK(*varbind_val_f) ? - SvCUR(*varbind_val_f):0), - type); - -@@ -4424,7 +4424,7 @@ snmp_trapV2(sess_ref,uptime,trap_oid,var - res = __add_var_val_str(pdu, oid_arr, oid_arr_len, - (varbind_val_f && SvOK(*varbind_val_f) ? - SvPV(*varbind_val_f,na):NULL), -- (varbind_val_f && SvOK(*varbind_val_f) ? -+ (varbind_val_f && SvPOK(*varbind_val_f) ? - SvCUR(*varbind_val_f):0), - type); - -@@ -4563,7 +4563,7 @@ snmp_inform(sess_ref,uptime,trap_oid,var - res = __add_var_val_str(pdu, oid_arr, oid_arr_len, - (varbind_val_f && SvOK(*varbind_val_f) ? - SvPV(*varbind_val_f,na):NULL), -- (varbind_val_f && SvOK(*varbind_val_f) ? -+ (varbind_val_f && SvPOK(*varbind_val_f) ? - SvCUR(*varbind_val_f):0), - type); - diff --git a/net-snmp-5.4.1-perl-snprintf.patch b/net-snmp-5.4.1-perl-snprintf.patch deleted file mode 100644 index d963e84..0000000 --- a/net-snmp-5.4.1-perl-snprintf.patch +++ /dev/null @@ -1,107 +0,0 @@ -447262: CVE-2008-2292 net-snmp: buffer overflow in perl module's Perl Module __snprint_value() - -Source: upstream, http://net-snmp.svn.sourceforge.net/viewvc/net-snmp?view=rev&sortby=date&revision=16770 -Reviewed-By: Jan Safranek - -diff -up net-snmp-5.4.1/perl/SNMP/SNMP.xs.backup_patch_18 net-snmp-5.4.1/perl/SNMP/SNMP.xs ---- net-snmp-5.4.1/perl/SNMP/SNMP.xs.backup_patch_18 2007-06-19 00:28:09.000000000 +0200 -+++ net-snmp-5.4.1/perl/SNMP/SNMP.xs 2008-07-25 12:54:02.000000000 +0200 -@@ -470,14 +470,16 @@ int flag; - if (flag == USE_ENUMS) { - for(ep = tp->enums; ep; ep = ep->next) { - if (ep->value == *var->val.integer) { -- strcpy(buf, ep->label); -+ strncpy(buf, ep->label, buf_len); -+ buf[buf_len-1] = '\0'; - len = strlen(buf); - break; - } - } - } - if (!len) { -- sprintf(buf,"%ld", *var->val.integer); -+ snprintf(buf, buf_len, "%ld", *var->val.integer); -+ buf[buf_len-1] = '\0'; - len = strlen(buf); - } - break; -@@ -486,21 +488,25 @@ int flag; - case ASN_COUNTER: - case ASN_TIMETICKS: - case ASN_UINTEGER: -- sprintf(buf,"%lu", (unsigned long) *var->val.integer); -+ snprintf(buf, buf_len, "%lu", (unsigned long) *var->val.integer); -+ buf[buf_len-1] = '\0'; - len = strlen(buf); - break; - - case ASN_OCTET_STR: - case ASN_OPAQUE: -- memcpy(buf, (char*)var->val.string, var->val_len); - len = var->val_len; -+ if ( len > buf_len ) -+ len = buf_len; -+ memcpy(buf, (char*)var->val.string, len); - break; - - case ASN_IPADDRESS: -- ip = (u_char*)var->val.string; -- sprintf(buf, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]); -- len = strlen(buf); -- break; -+ ip = (u_char*)var->val.string; -+ snprintf(buf, buf_len, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]); -+ buf[buf_len-1] = '\0'; -+ len = strlen(buf); -+ break; - - case ASN_NULL: - break; -@@ -512,14 +518,14 @@ int flag; - break; - - case SNMP_ENDOFMIBVIEW: -- sprintf(buf,"%s", "ENDOFMIBVIEW"); -- break; -+ snprintf(buf, buf_len, "%s", "ENDOFMIBVIEW"); -+ break; - case SNMP_NOSUCHOBJECT: -- sprintf(buf,"%s", "NOSUCHOBJECT"); -- break; -+ snprintf(buf, buf_len, "%s", "NOSUCHOBJECT"); -+ break; - case SNMP_NOSUCHINSTANCE: -- sprintf(buf,"%s", "NOSUCHINSTANCE"); -- break; -+ snprintf(buf, buf_len, "%s", "NOSUCHINSTANCE"); -+ break; - - case ASN_COUNTER64: - #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES -@@ -538,19 +544,19 @@ int flag; - #endif - - case ASN_BIT_STR: -- snprint_bitstring(buf, sizeof(buf), var, NULL, NULL, NULL); -+ snprint_bitstring(buf, buf_len, var, NULL, NULL, NULL); - len = strlen(buf); - break; - #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES - case ASN_OPAQUE_FLOAT: -- if (var->val.floatVal) -- sprintf(buf,"%f", *var->val.floatVal); -- break; -+ if (var->val.floatVal) -+ snprintf(buf, buf_len, "%f", *var->val.floatVal); -+ break; - - case ASN_OPAQUE_DOUBLE: -- if (var->val.doubleVal) -- sprintf(buf,"%f", *var->val.doubleVal); -- break; -+ if (var->val.doubleVal) -+ snprintf(buf, buf_len, "%f", *var->val.doubleVal); -+ break; - #endif - - case ASN_NSAP: diff --git a/net-snmp.spec b/net-snmp.spec index ad76069..c42bda2 100644 --- a/net-snmp.spec +++ b/net-snmp.spec @@ -3,12 +3,12 @@ # Arches on which we need to prevent arch conflicts on net-snmp-config.h %define multilib_arches %{ix86} ia64 ppc ppc64 s390 s390x x86_64 sparc sparcv9 sparc64 -%define major_ver 5.4.1 +%define major_ver 5.4.2 Summary: A collection of SNMP protocol tools and libraries Name: net-snmp Version: %{major_ver} -Release: 22%{?dist} +Release: 1%{?dist} Epoch: 1 License: BSD and MIT @@ -28,20 +28,14 @@ Patch1: ucd-snmp-4.2.4.pre3-mnttab.patch Patch2: net-snmp-5.0.8-ipv6-sock-close.patch Patch3: net-snmp-5.0.8-readonly.patch Patch4: net-snmp-5.4.1-pie.patch -Patch5: net-snmp-5.4-64bit.patch -Patch6: net-snmp-5.1.2-dir-fix.patch -Patch7: net-snmp-5.2.1-file_offset.patch -Patch8: net-snmp-5.3.1-multilib.patch -Patch9: net-snmp-5.4.1-config_libdir.patch -Patch10: net-snmp-5.4.1-strange_libpath.patch -Patch11: net-snmp-5.4.1-hostname.patch -Patch12: net-snmp-5.4.1-shared-ip.patch -Patch13: net-snmp-5.4-exec-crash.patch -Patch14: net-snmp-5.4.1-sensors3.patch -Patch15: net-snmp-5.4.1-xen-crash.patch -Patch16: net-snmp-5.4.1-hmac-check.patch -Patch17: net-snmp-5.4.1-perl-snprintf.patch -Patch18: net-snmp-5.4.1-perl-set.patch +Patch5: net-snmp-5.1.2-dir-fix.patch +Patch6: net-snmp-5.2.1-file_offset.patch +Patch7: net-snmp-5.3.1-multilib.patch +Patch8: net-snmp-5.4.1-config_libdir.patch +Patch9: net-snmp-5.4.1-strange_libpath.patch +Patch10: net-snmp-5.4.1-shared-ip.patch +Patch11: net-snmp-5.4.1-sensors3.patch +Patch12: net-snmp-5.4.1-xen-crash.patch Requires(pre): chkconfig Requires(post): chkconfig @@ -172,20 +166,14 @@ Net-SNMP toolkit library. %patch4 -p1 -b .pie %endif -%patch5 -p1 -b .64bit -%patch6 -p1 -b .dir-fix -%patch7 -p1 -b .file_offset -%patch8 -p1 -b .multilib -%patch9 -p1 -b .libdir -%patch10 -p1 -b .libpath -%patch11 -p1 -b .hostname -%patch12 -p1 -b .shared-ip -%patch13 -p1 -b .exec -%patch14 -p1 -b .sensors -%patch15 -p1 -b .xen-crash -%patch16 -p1 -b .hmac-check -%patch17 -p1 -b .perl-snprintf -%patch18 -p1 -b .perl-set +%patch5 -p1 -b .dir-fix +%patch6 -p1 -b .file_offset +%patch7 -p1 -b .multilib +%patch8 -p1 -b .libdir +%patch9 -p1 -b .libpath +%patch10 -p1 -b .shared-ip +%patch11 -p1 -b .sensors +%patch12 -p1 -b .xen-crash # Do this patch with a perl hack... perl -pi -e "s|'\\\$install_libdir'|'%{_libdir}'|" ltmain.sh @@ -417,6 +405,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_libdir}/lib*.so.* %changelog +* Wed Sep 17 2008 Jan Safranek 5.4.2-1 +- update to net-snmp-5.4.2 + * Wed Sep 10 2008 John A. Khvatov 5.4.1-22 - add net-snmp-python diff --git a/sources b/sources index 4f412b7..d318ab1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -6c974df7a5a5b1579f72115e6b045bda net-snmp-5.4.1.tar.gz +2c97d0d99e1ec89d64f6713c069079ad net-snmp-5.4.2.tar.gz