import net-snmp-5.8-19.el8
parent
dac47ded42
commit
a11633299b
70
SOURCES/net-snmp-5.7.2-CVE-2020-15862.patch
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
diff -urNp old/agent/mibgroup/agent/extend.c new/agent/mibgroup/agent/extend.c
|
||||||
|
--- old/agent/mibgroup/agent/extend.c 2020-11-11 12:41:46.377115142 +0100
|
||||||
|
+++ new/agent/mibgroup/agent/extend.c 2020-11-11 12:50:28.047142105 +0100
|
||||||
|
@@ -16,6 +16,12 @@
|
||||||
|
#define SHELLCOMMAND 3
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+/* This mib is potentially dangerous to turn on by default, since it
|
||||||
|
+ * allows arbitrary commands to be set by anyone with SNMP WRITE
|
||||||
|
+ * access to the MIB table. If all of your users are "root" level
|
||||||
|
+ * users, then it may be safe to turn on. */
|
||||||
|
+#define ENABLE_EXTEND_WRITE_ACCESS 0
|
||||||
|
+
|
||||||
|
netsnmp_feature_require(extract_table_row_data)
|
||||||
|
netsnmp_feature_require(table_data_delete_table)
|
||||||
|
#ifndef NETSNMP_NO_WRITE_SUPPORT
|
||||||
|
@@ -723,7 +729,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
|
||||||
|
*
|
||||||
|
**********/
|
||||||
|
|
||||||
|
-#ifndef NETSNMP_NO_WRITE_SUPPORT
|
||||||
|
+#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
|
||||||
|
case MODE_SET_RESERVE1:
|
||||||
|
/*
|
||||||
|
* Validate the new assignments
|
||||||
|
@@ -1049,7 +1055,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
|
||||||
|
}
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
|
||||||
|
+#endif /* !NETSNMP_NO_WRITE_SUPPORT and ENABLE_EXTEND_WRITE_ACCESS */
|
||||||
|
|
||||||
|
default:
|
||||||
|
netsnmp_set_request_error(reqinfo, request, SNMP_ERR_GENERR);
|
||||||
|
@@ -1057,7 +1063,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
-#ifndef NETSNMP_NO_WRITE_SUPPORT
|
||||||
|
+#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
|
||||||
|
/*
|
||||||
|
* If we're marking a given row as active,
|
||||||
|
* then we need to check that it's ready.
|
||||||
|
@@ -1082,7 +1088,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
|
||||||
|
+#endif /* !NETSNMP_NO_WRITE_SUPPORT && ENABLE_EXTEND_WRITE_ACCESS */
|
||||||
|
|
||||||
|
return SNMP_ERR_NOERROR;
|
||||||
|
}
|
||||||
|
@@ -1571,7 +1577,7 @@ fixExec2Error(int action,
|
||||||
|
idx = name[name_len-1] -1;
|
||||||
|
exten = &compatability_entries[ idx ];
|
||||||
|
|
||||||
|
-#ifndef NETSNMP_NO_WRITE_SUPPORT
|
||||||
|
+#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
|
||||||
|
switch (action) {
|
||||||
|
case MODE_SET_RESERVE1:
|
||||||
|
if (var_val_type != ASN_INTEGER) {
|
||||||
|
@@ -1592,7 +1598,7 @@ fixExec2Error(int action,
|
||||||
|
case MODE_SET_COMMIT:
|
||||||
|
netsnmp_cache_check_and_reload( exten->efix_entry->cache );
|
||||||
|
}
|
||||||
|
-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
|
||||||
|
+#endif /* !NETSNMP_NO_WRITE_SUPPORT && ENABLE_EXTEND_WRITE_ACCESS */
|
||||||
|
return SNMP_ERR_NOERROR;
|
||||||
|
}
|
||||||
|
#endif /* USING_UCD_SNMP_EXTENSIBLE_MODULE */
|
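Review bot: In the `fixExec2Error` hunk the whole `switch (action)` now sits inside `#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS`, so with the macro at 0 every SET action appears to fall through to `return SNMP_ERR_NOERROR;` and the manager is told that a write succeeded which was never applied. An `#else` branch with `return SNMP_ERR_NOTWRITABLE;` would make the rejection explicit; the start of the function is outside the hunk, so an earlier check may already cover this. Separately, `#define ENABLE_EXTEND_WRITE_ACCESS 0` is unconditional, and wrapping it in `#ifndef ENABLE_EXTEND_WRITE_ACCESS` would keep the safe default while avoiding a redefinition conflict if a build ever sets it deliberately. The two kinds of `#endif` comment also differ (`and` in one, `&&` in the others) and could be made uniform.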
51
SOURCES/net-snmp-5.8-bulk.patch
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
diff -urNp a/snmplib/snmp_api.c b/snmplib/snmp_api.c
|
||||||
|
--- a/snmplib/snmp_api.c 2020-09-29 14:08:09.821479662 +0200
|
||||||
|
+++ b/snmplib/snmp_api.c 2020-10-01 10:15:46.607374362 +0200
|
||||||
|
@@ -769,7 +769,7 @@ snmp_sess_init(netsnmp_session * session
|
||||||
|
session->retries = SNMP_DEFAULT_RETRIES;
|
||||||
|
session->version = SNMP_DEFAULT_VERSION;
|
||||||
|
session->securityModel = SNMP_DEFAULT_SECMODEL;
|
||||||
|
- session->rcvMsgMaxSize = SNMP_MAX_MSG_SIZE;
|
||||||
|
+ session->rcvMsgMaxSize = netsnmp_max_send_msg_size();
|
||||||
|
session->sndMsgMaxSize = netsnmp_max_send_msg_size();
|
||||||
|
session->flags |= SNMP_FLAGS_DONT_PROBE;
|
||||||
|
}
|
||||||
|
@@ -2731,7 +2731,7 @@ snmpv3_packet_build(netsnmp_session * se
|
||||||
|
/*
|
||||||
|
* build a scopedPDU structure into spdu_buf
|
||||||
|
*/
|
||||||
|
- spdu_buf_len = SNMP_MAX_MSG_SIZE;
|
||||||
|
+ spdu_buf_len = sizeof(spdu_buf);
|
||||||
|
DEBUGDUMPSECTION("send", "ScopedPdu");
|
||||||
|
cp = snmpv3_scopedPDU_header_build(pdu, spdu_buf, &spdu_buf_len,
|
||||||
|
&spdu_hdr_e);
|
||||||
|
@@ -2743,6 +2743,11 @@ snmpv3_packet_build(netsnmp_session * se
|
||||||
|
*/
|
||||||
|
DEBUGPRINTPDUTYPE("send", ((pdu_data) ? *pdu_data : 0x00));
|
||||||
|
if (pdu_data) {
|
||||||
|
+ if (cp + pdu_data_len > spdu_buf + sizeof(spdu_buf)) {
|
||||||
|
+ snmp_log(LOG_ERR, "%s: PDU too big (%" NETSNMP_PRIz "d > %" NETSNMP_PRIz "d)\n",
|
||||||
|
+ __func__, pdu_data_len, sizeof(spdu_buf));
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
memcpy(cp, pdu_data, pdu_data_len);
|
||||||
|
cp += pdu_data_len;
|
||||||
|
} else {
|
||||||
|
@@ -2756,7 +2761,7 @@ snmpv3_packet_build(netsnmp_session * se
|
||||||
|
* re-encode the actual ASN.1 length of the scopedPdu
|
||||||
|
*/
|
||||||
|
spdu_len = cp - spdu_hdr_e; /* length of scopedPdu minus ASN.1 headers */
|
||||||
|
- spdu_buf_len = SNMP_MAX_MSG_SIZE;
|
||||||
|
+ spdu_buf_len = sizeof(spdu_buf);
|
||||||
|
if (asn_build_sequence(spdu_buf, &spdu_buf_len,
|
||||||
|
(u_char) (ASN_SEQUENCE | ASN_CONSTRUCTOR),
|
||||||
|
spdu_len) == NULL)
|
||||||
|
@@ -2769,7 +2774,7 @@ snmpv3_packet_build(netsnmp_session * se
|
||||||
|
* message - the entire message to transmitted on the wire is returned
|
||||||
|
*/
|
||||||
|
cp = NULL;
|
||||||
|
- *out_length = SNMP_MAX_MSG_SIZE;
|
||||||
|
+ *out_length = sizeof(spdu_buf);
|
||||||
|
DEBUGDUMPSECTION("send", "SM msgSecurityParameters");
|
||||||
|
sptr = find_sec_mod(pdu->securityModel);
|
||||||
|
if (sptr && sptr->encode_forward) {
|
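Review bot: The new guard in `snmpv3_packet_build`, `if (cp + pdu_data_len > spdu_buf + sizeof(spdu_buf))`, forms `cp + pdu_data_len` before checking it, and a pointer more than one past the end of the array is undefined behaviour that the compiler may assume never happens, so a very large `pdu_data_len` could slip past the test. Comparing lengths avoids that: `if (pdu_data_len > (size_t)(spdu_buf + sizeof(spdu_buf) - cp))`. The log line prints `sizeof(spdu_buf)` rather than the space left after the scopedPDU header, and it uses a `d` conversion for what look like `size_t` values, where `NETSNMP_PRIz "u"` would match. `sizeof(spdu_buf)` is the buffer size only if `spdu_buf` is declared as an array in this function, and that declaration is outside the hunks shown.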
23
SOURCES/net-snmp-5.8-clientaddr-error-message.patch
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
diff -urNp a/snmplib/snmp_api.c b/snmplib/snmp_api.c
|
||||||
|
--- a/snmplib/snmp_api.c 2020-11-26 11:05:51.084788775 +0100
|
||||||
|
+++ b/snmplib/snmp_api.c 2020-11-26 11:08:27.850751397 +0100
|
||||||
|
@@ -235,7 +235,7 @@ static const char *api_errors[-SNMPERR_M
|
||||||
|
"No error", /* SNMPERR_SUCCESS */
|
||||||
|
"Generic error", /* SNMPERR_GENERR */
|
||||||
|
"Invalid local port", /* SNMPERR_BAD_LOCPORT */
|
||||||
|
- "Unknown host", /* SNMPERR_BAD_ADDRESS */
|
||||||
|
+ "Invalid address", /* SNMPERR_BAD_ADDRESS */
|
||||||
|
"Unknown session", /* SNMPERR_BAD_SESSION */
|
||||||
|
"Too long", /* SNMPERR_TOO_LONG */
|
||||||
|
"No socket", /* SNMPERR_NO_SOCKET */
|
||||||
|
@@ -1662,7 +1662,9 @@ _sess_open(netsnmp_session * in_session)
|
||||||
|
DEBUGMSGTL(("_sess_open", "couldn't interpret peername\n"));
|
||||||
|
in_session->s_snmp_errno = SNMPERR_BAD_ADDRESS;
|
||||||
|
in_session->s_errno = errno;
|
||||||
|
- snmp_set_detail(in_session->peername);
|
||||||
|
+ if (!netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID,
|
||||||
|
+ NETSNMP_DS_LIB_CLIENT_ADDR))
|
||||||
|
+ snmp_set_detail(in_session->peername);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
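Review bot: In the `_sess_open` hunk, when `NETSNMP_DS_LIB_CLIENT_ADDR` is set the error path no longer calls `snmp_set_detail()` at all, so the reported detail is whatever an earlier call left behind (possibly nothing) and the user sees "Invalid address" without knowing which address was rejected. Setting the detail to the configured client address in an `else` branch would keep the message actionable; whether the failure at this point comes from clientaddr or from the peername cannot be told from the hunk, so that needs confirming. The multi-line `if` also guards a single unbraced statement, and braces would protect it if a second line is added later.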
30
SOURCES/net-snmp-5.8-empty-passphrase.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
From 09a0c9005fb72102bf4f4499b28282f823e3e526 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Josef Ridky <jridky@redhat.com>
|
||||||
|
Date: Wed, 18 Nov 2020 20:54:34 -0800
|
||||||
|
Subject: [PATCH] net-snmp-create-v3-user: Handle empty passphrases correctly
|
||||||
|
|
||||||
|
See also https://github.com/net-snmp/net-snmp/issues/86.
|
||||||
|
|
||||||
|
Fixes: e5ad10de8e17 ("Quote provided encryption key in createUser line")
|
||||||
|
Reported-by: Chris Cheney
|
||||||
|
---
|
||||||
|
net-snmp-create-v3-user.in | 6 +++++-
|
||||||
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/net-snmp-create-v3-user.in b/net-snmp-create-v3-user.in
|
||||||
|
index 452c2699d..31b4c58c1 100644
|
||||||
|
--- a/net-snmp-create-v3-user.in
|
||||||
|
+++ b/net-snmp-create-v3-user.in
|
||||||
|
@@ -120,7 +120,11 @@ fi
|
||||||
|
fi
|
||||||
|
outdir="@PERSISTENT_DIRECTORY@"
|
||||||
|
outfile="$outdir/snmpd.conf"
|
||||||
|
-line="createUser $user $Aalgorithm \"$apassphrase\" $Xalgorithm \"$xpassphrase\""
|
||||||
|
+if test "x$xpassphrase" = "x" ; then
|
||||||
|
+ line="createUser $user $Aalgorithm \"$apassphrase\" $Xalgorithm"
|
||||||
|
+else
|
||||||
|
+ line="createUser $user $Aalgorithm \"$apassphrase\" $Xalgorithm \"$xpassphrase\""
|
||||||
|
+fi
|
||||||
|
echo "adding the following line to $outfile:"
|
||||||
|
echo " " $line
|
||||||
|
# in case it hasn't ever been started yet, start it.
|
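Review bot: Both branches of the new `if` still build `line` by pasting `$apassphrase` (and `$xpassphrase`) between escaped double quotes without escaping the value itself, so a passphrase containing `"` or a backslash yields a `createUser` line that snmpd may parse differently from what the user typed. Rejecting or escaping those characters before the assignment would close that gap. The unchanged `echo " " $line` below also prints both passphrases to the terminal, which deserves a comment or masking because the output can end up in scrollback or captured logs. The script continues outside the hunk.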
31
SOURCES/net-snmp-5.8-ipv6-disabled.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
diff -urNp a/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c b/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c
|
||||||
|
--- a/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c 2020-09-29 14:08:09.742478965 +0200
|
||||||
|
+++ b/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c 2020-10-01 14:20:25.575174851 +0200
|
||||||
|
@@ -19,6 +19,7 @@
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
#include <sys/ioctl.h>
|
||||||
|
+#include <sys/stat.h>
|
||||||
|
|
||||||
|
netsnmp_feature_require(prefix_info)
|
||||||
|
netsnmp_feature_require(find_prefix_info)
|
||||||
|
@@ -234,7 +235,18 @@ _load_v6(netsnmp_container *container, i
|
||||||
|
|
||||||
|
#define PROCFILE "/proc/net/if_inet6"
|
||||||
|
if (!(in = fopen(PROCFILE, "r"))) {
|
||||||
|
- NETSNMP_LOGONCE((LOG_ERR, "ipaddress_linux: could not open " PROCFILE));
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
+ * If PROCFILE exists, but isn't readable, file ERROR message.
|
||||||
|
+ * Otherwise log nothing, due of IPv6 support on this machine is
|
||||||
|
+ * intentionaly disabled/unavailable.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+ struct stat filestat;
|
||||||
|
+
|
||||||
|
+ if(stat(PROCFILE, &filestat) == 0){
|
||||||
|
+ NETSNMP_LOGONCE((LOG_ERR, "ipaddress_linux: could not open " PROCFILE));
|
||||||
|
+ }
|
||||||
|
return -2;
|
||||||
|
}
|
||||||
|
|
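Review bot: The added `stat(PROCFILE, &filestat)` in `_load_v6` queries the filesystem a second time to learn why `fopen()` failed, which costs an extra syscall and can disagree with the failed open; `errno` already holds the reason and `<errno.h>` is included in this file. Using `if (errno != ENOENT) {` in place of the `stat()` test would log only when the file exists but cannot be opened, and the new `#include <sys/stat.h>` and the `filestat` local would no longer be needed. The comment has two typos, `due of` and `intentionaly`; suggested wording: `Otherwise log nothing, because IPv6 support on this machine is intentionally disabled or unavailable.`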
@ -10,7 +10,7 @@
|
|||||||
Summary: A collection of SNMP protocol tools and libraries
|
Summary: A collection of SNMP protocol tools and libraries
|
||||||
Name: net-snmp
|
Name: net-snmp
|
||||||
Version: 5.8
|
Version: 5.8
|
||||||
Release: 17%{?dist}
|
Release: 19%{?dist}
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
@ -56,6 +56,11 @@ Patch27: net-snmp-5.8-ipAddress-faster-load.patch
|
|||||||
Patch28: net-snmp-5.8-rpm-memory-leak.patch
|
Patch28: net-snmp-5.8-rpm-memory-leak.patch
|
||||||
Patch29: net-snmp-5.8-sec-memory-leak.patch
|
Patch29: net-snmp-5.8-sec-memory-leak.patch
|
||||||
Patch30: net-snmp-5.8-aes-config.patch
|
Patch30: net-snmp-5.8-aes-config.patch
|
||||||
|
Patch31: net-snmp-5.7.2-CVE-2020-15862.patch
|
||||||
|
Patch32: net-snmp-5.8-bulk.patch
|
||||||
|
Patch33: net-snmp-5.8-clientaddr-error-message.patch
|
||||||
|
Patch34: net-snmp-5.8-ipv6-disabled.patch
|
||||||
|
Patch35: net-snmp-5.8-empty-passphrase.patch
|
||||||
|
|
||||||
# Modern RPM API means at least EL6
|
# Modern RPM API means at least EL6
|
||||||
Patch101: net-snmp-5.8-modern-rpm-api.patch
|
Patch101: net-snmp-5.8-modern-rpm-api.patch
|
||||||
@ -211,6 +216,11 @@ rm -r python
|
|||||||
%patch28 -p1 -b .rpm-memory-leak
|
%patch28 -p1 -b .rpm-memory-leak
|
||||||
%patch29 -p1 -b .sec-memory-leak
|
%patch29 -p1 -b .sec-memory-leak
|
||||||
%patch30 -p1 -b .aes-config
|
%patch30 -p1 -b .aes-config
|
||||||
|
%patch31 -p1 -b .CVE-2020-15862
|
||||||
|
%patch32 -p1 -b .bulk
|
||||||
|
%patch33 -p1 -b .clientaddr-error-message
|
||||||
|
%patch34 -p1 -b .ipv6-disabled
|
||||||
|
%patch35 -p1 -b .empty-passphrase
|
||||||
|
|
||||||
%patch101 -p1 -b .modern-rpm-api
|
%patch101 -p1 -b .modern-rpm-api
|
||||||
|
|
||||||
@ -389,8 +399,8 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test
|
|||||||
%doc README.thread AGENT.txt PORTING local/README.mib2c
|
%doc README.thread AGENT.txt PORTING local/README.mib2c
|
||||||
%doc IETF-MIB-LICENSE.txt
|
%doc IETF-MIB-LICENSE.txt
|
||||||
%dir %{_sysconfdir}/snmp
|
%dir %{_sysconfdir}/snmp
|
||||||
%config(noreplace) %attr(0650,root,root) %{_sysconfdir}/snmp/snmpd.conf
|
%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/snmp/snmpd.conf
|
||||||
%config(noreplace) %attr(0650,root,root) %{_sysconfdir}/snmp/snmptrapd.conf
|
%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/snmp/snmptrapd.conf
|
||||||
%{_bindir}/snmpconf
|
%{_bindir}/snmpconf
|
||||||
%{_bindir}/net-snmp-create-v3-user
|
%{_bindir}/net-snmp-create-v3-user
|
||||||
%{_sbindir}/*
|
%{_sbindir}/*
|
||||||
@ -465,6 +475,17 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test
|
|||||||
%{_libdir}/libnetsnmptrapd*.so.%{soname}*
|
%{_libdir}/libnetsnmptrapd*.so.%{soname}*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Dec 01 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-19
|
||||||
|
- revert permission of config files to 600 (#1601060)
|
||||||
|
- fix error message when the address specified by clientaddr option
|
||||||
|
is wrong or cannot be bound (#1877375)
|
||||||
|
- log error with /proc/net/if_inet6 only when IPv6 is enabled (#1824367)
|
||||||
|
- fix issue with quoting empty passphrase (#1817225)
|
||||||
|
|
||||||
|
* Wed Nov 11 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-18
|
||||||
|
- fix CVE-2020-15862 (#1875497)
|
||||||
|
- fix bulk responses for invalid PID (#1817190)
|
||||||
|
|
||||||
* Tue Aug 11 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-17
|
* Tue Aug 11 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-17
|
||||||
- add math library in LDFLAGS (#1846252)
|
- add math library in LDFLAGS (#1846252)
|
||||||
|
|
||||||
@ -524,7 +545,7 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test
|
|||||||
|
|
||||||
* Mon Aug 13 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-2
|
* Mon Aug 13 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-2
|
||||||
- fix default configuration file (#1589480 and #1594147)
|
- fix default configuration file (#1589480 and #1594147)
|
||||||
- modify permissions for /var/log files (#1601060)
|
- modify permissions for config files (#1601060)
|
||||||
|
|
||||||
* Thu Aug 09 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-1
|
* Thu Aug 09 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-1
|
||||||
- remove python package and update to the last upstream version (#1584510)
|
- remove python package and update to the last upstream version (#1584510)
|
||||||
|