import net-snmp-5.8-19.el8
		
							parent
							
								
									dac47ded42
								
							
						
					
					
						commit
						a11633299b
					
				
							
								
								
									
										70
									
								
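--- a/SOURCES/net-snmp-5.7.2-CVE-2020-15862.patch
+++ b/SOURCES/net-snmp-5.7.2-CVE-2020-15862.patch
@@ -0,0 +1,70 @@
+diff -urNp old/agent/mibgroup/agent/extend.c new/agent/mibgroup/agent/extend.c
+--- old/agent/mibgroup/agent/extend.c	2020-11-11 12:41:46.377115142 +0100
++++ new/agent/mibgroup/agent/extend.c	2020-11-11 12:50:28.047142105 +0100
+@@ -16,6 +16,12 @@
+ #define SHELLCOMMAND 3
+ #endif
+ 
++/*  This mib is potentially dangerous to turn on by default, since it
++ *  allows arbitrary commands to be set by anyone with SNMP WRITE
++ *  access to the MIB table.  If all of your users are "root" level
++ *  users, then it may be safe to turn on. */
++#define ENABLE_EXTEND_WRITE_ACCESS 0
++
+ netsnmp_feature_require(extract_table_row_data)
+ netsnmp_feature_require(table_data_delete_table)
+ #ifndef NETSNMP_NO_WRITE_SUPPORT
+@@ -723,7 +729,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
+          *
+          **********/
+ 
+-#ifndef NETSNMP_NO_WRITE_SUPPORT
++#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
+         case MODE_SET_RESERVE1:
+             /*
+              * Validate the new assignments
+@@ -1049,7 +1055,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
+                 }
+             }
+             break;
+-#endif /* !NETSNMP_NO_WRITE_SUPPORT */ 
++#endif /* !NETSNMP_NO_WRITE_SUPPORT and ENABLE_EXTEND_WRITE_ACCESS */
+ 
+         default:
+             netsnmp_set_request_error(reqinfo, request, SNMP_ERR_GENERR);
+@@ -1057,7 +1063,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
+         }
+     }
+ 
+-#ifndef NETSNMP_NO_WRITE_SUPPORT
++#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
+     /*
+      * If we're marking a given row as active,
+      *  then we need to check that it's ready.
+@@ -1082,7 +1088,7 @@ handle_nsExtendConfigTable(netsnmp_mib_h
+             }
+         }
+     }
+-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
++#endif /* !NETSNMP_NO_WRITE_SUPPORT && ENABLE_EXTEND_WRITE_ACCESS */
+     
+     return SNMP_ERR_NOERROR;
+ }
+@@ -1571,7 +1577,7 @@ fixExec2Error(int action,
+     idx = name[name_len-1] -1;
+     exten = &compatability_entries[ idx ];
+ 
+-#ifndef NETSNMP_NO_WRITE_SUPPORT
++#if !defined(NETSNMP_NO_WRITE_SUPPORT) && ENABLE_EXTEND_WRITE_ACCESS
+     switch (action) {
+     case MODE_SET_RESERVE1:
+         if (var_val_type != ASN_INTEGER) {
+@@ -1592,7 +1598,7 @@ fixExec2Error(int action,
+     case MODE_SET_COMMIT:
+         netsnmp_cache_check_and_reload( exten->efix_entry->cache );
+     }
+-#endif /* !NETSNMP_NO_WRITE_SUPPORT */
++#endif /* !NETSNMP_NO_WRITE_SUPPORT && ENABLE_EXTEND_WRITE_ACCESS */
+     return SNMP_ERR_NOERROR;
+ }
+ #endif /* USING_UCD_SNMP_EXTENSIBLE_MODULE */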
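Review bot: With the `MODE_SET_*` cases compiled out in handle_nsExtendConfigTable, a SET that still reaches the handler falls into the `default:` arm and is answered with `SNMP_ERR_GENERR`, which reads as an agent fault rather than a policy denial; whether the table is still registered read-write is outside these hunks and worth confirming. An `#else` arm that answers the SET modes with `netsnmp_set_request_error(reqinfo, request, SNMP_ERR_NOTWRITABLE);` would make the lock-down visible to managers and in agent logs. In fixExec2Error the same guard leaves only `return SNMP_ERR_NOERROR;`, so if it is still installed as a write method a SET there reports success without doing anything. The comment above `ENABLE_EXTEND_WRITE_ACCESS` should also say that the value 0 disables only SNMP SET on the table, since that is all the guarded regions in these hunks cover. Both functions extend beyond the hunks shown.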
							
								
								
									
										51
									
								
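--- a/SOURCES/net-snmp-5.8-bulk.patch
+++ b/SOURCES/net-snmp-5.8-bulk.patch
@@ -0,0 +1,51 @@
+diff -urNp a/snmplib/snmp_api.c b/snmplib/snmp_api.c
+--- a/snmplib/snmp_api.c	2020-09-29 14:08:09.821479662 +0200
++++ b/snmplib/snmp_api.c	2020-10-01 10:15:46.607374362 +0200
+@@ -769,7 +769,7 @@ snmp_sess_init(netsnmp_session * session
+     session->retries = SNMP_DEFAULT_RETRIES;
+     session->version = SNMP_DEFAULT_VERSION;
+     session->securityModel = SNMP_DEFAULT_SECMODEL;
+-    session->rcvMsgMaxSize = SNMP_MAX_MSG_SIZE;
++    session->rcvMsgMaxSize = netsnmp_max_send_msg_size();
+     session->sndMsgMaxSize = netsnmp_max_send_msg_size();
+     session->flags |= SNMP_FLAGS_DONT_PROBE;
+ }
+@@ -2731,7 +2731,7 @@ snmpv3_packet_build(netsnmp_session * se
+     /*
+      * build a scopedPDU structure into spdu_buf
+      */
+-    spdu_buf_len = SNMP_MAX_MSG_SIZE;
++    spdu_buf_len = sizeof(spdu_buf);
+     DEBUGDUMPSECTION("send", "ScopedPdu");
+     cp = snmpv3_scopedPDU_header_build(pdu, spdu_buf, &spdu_buf_len,
+                                        &spdu_hdr_e);
+@@ -2743,6 +2743,11 @@ snmpv3_packet_build(netsnmp_session * se
+      */
+     DEBUGPRINTPDUTYPE("send", ((pdu_data) ? *pdu_data : 0x00));
+     if (pdu_data) {
++        if (cp + pdu_data_len > spdu_buf + sizeof(spdu_buf)) {
++            snmp_log(LOG_ERR, "%s: PDU too big (%" NETSNMP_PRIz "d > %" NETSNMP_PRIz "d)\n",
++                     __func__, pdu_data_len, sizeof(spdu_buf));
++            return -1;
++        }
+         memcpy(cp, pdu_data, pdu_data_len);
+         cp += pdu_data_len;
+     } else {
+@@ -2756,7 +2761,7 @@ snmpv3_packet_build(netsnmp_session * se
+      * re-encode the actual ASN.1 length of the scopedPdu
+      */
+     spdu_len = cp - spdu_hdr_e; /* length of scopedPdu minus ASN.1 headers */
+-    spdu_buf_len = SNMP_MAX_MSG_SIZE;
++    spdu_buf_len = sizeof(spdu_buf);
+     if (asn_build_sequence(spdu_buf, &spdu_buf_len,
+                            (u_char) (ASN_SEQUENCE | ASN_CONSTRUCTOR),
+                            spdu_len) == NULL)
+@@ -2769,7 +2774,7 @@ snmpv3_packet_build(netsnmp_session * se
+      * message - the entire message to transmitted on the wire is returned
+      */
+     cp = NULL;
+-    *out_length = SNMP_MAX_MSG_SIZE;
++    *out_length = sizeof(spdu_buf);
+     DEBUGDUMPSECTION("send", "SM msgSecurityParameters");
+     sptr = find_sec_mod(pdu->securityModel);
+     if (sptr && sptr->encode_forward) {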
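Review bot: The added guard in snmpv3_packet_build compares pointers, `cp + pdu_data_len > spdu_buf + sizeof(spdu_buf)`, and forming `cp + pdu_data_len` is itself undefined once it points past the end of `spdu_buf`, so for a very large `pdu_data_len` the test can wrap or be optimised away and the `memcpy` below it still runs. Comparing lengths avoids that: `if (pdu_data_len > (size_t)(spdu_buf + sizeof(spdu_buf) - cp)) {`. The log call prints both sizes with a `d` conversion; assuming `pdu_data_len` is a `size_t` (its declaration is outside the hunk), `u` is the matching one. The last hunk sets `*out_length = sizeof(spdu_buf)`, which ties the caller's output capacity to the size of the local scratch buffer; the caller's real buffer size is not visible here and should be confirmed to be at least that large. The function starts and ends outside these hunks, so whether `cp` is checked for NULL before the new guard cannot be seen.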
							
								
								
									
										23
									
								
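--- a/SOURCES/net-snmp-5.8-clientaddr-error-message.patch
+++ b/SOURCES/net-snmp-5.8-clientaddr-error-message.patch
@@ -0,0 +1,23 @@
+diff -urNp a/snmplib/snmp_api.c b/snmplib/snmp_api.c
+--- a/snmplib/snmp_api.c	2020-11-26 11:05:51.084788775 +0100
++++ b/snmplib/snmp_api.c	2020-11-26 11:08:27.850751397 +0100
+@@ -235,7 +235,7 @@ static const char *api_errors[-SNMPERR_M
+     "No error",                 /* SNMPERR_SUCCESS */
+     "Generic error",            /* SNMPERR_GENERR */
+     "Invalid local port",       /* SNMPERR_BAD_LOCPORT */
+-    "Unknown host",             /* SNMPERR_BAD_ADDRESS */
++    "Invalid address",          /* SNMPERR_BAD_ADDRESS */
+     "Unknown session",          /* SNMPERR_BAD_SESSION */
+     "Too long",                 /* SNMPERR_TOO_LONG */
+     "No socket",                /* SNMPERR_NO_SOCKET */
+@@ -1662,7 +1662,9 @@ _sess_open(netsnmp_session * in_session)
+         DEBUGMSGTL(("_sess_open", "couldn't interpret peername\n"));
+         in_session->s_snmp_errno = SNMPERR_BAD_ADDRESS;
+         in_session->s_errno = errno;
+-        snmp_set_detail(in_session->peername);
++        if (!netsnmp_ds_get_string(NETSNMP_DS_LIBRARY_ID,
++                                    NETSNMP_DS_LIB_CLIENT_ADDR))
++            snmp_set_detail(in_session->peername);
+         return NULL;
+     }
+ 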
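Review bot: The new condition in _sess_open skips `snmp_set_detail(in_session->peername)` whenever a clientaddr is configured, not only when the clientaddr caused the failure, so an unparsable peername on a host that sets clientaddr no longer names the peer in the error. This presumably relies on the transport code having already recorded a detail for the bad client address; that code is outside the hunk, and a comment such as `/* clientaddr set: keep the detail recorded by the transport code */` would make the dependency explicit. The multi-line condition guarding a single statement would also be safer with braces. _sess_open begins and ends outside the hunk.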
							
								
								
									
										30
									
								
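--- a/SOURCES/net-snmp-5.8-empty-passphrase.patch
+++ b/SOURCES/net-snmp-5.8-empty-passphrase.patch
@@ -0,0 +1,30 @@
+From 09a0c9005fb72102bf4f4499b28282f823e3e526 Mon Sep 17 00:00:00 2001
+From: Josef Ridky <jridky@redhat.com>
+Date: Wed, 18 Nov 2020 20:54:34 -0800
+Subject: [PATCH] net-snmp-create-v3-user: Handle empty passphrases correctly
+
+See also https://github.com/net-snmp/net-snmp/issues/86.
+
+Fixes: e5ad10de8e17 ("Quote provided encryption key in createUser line")
+Reported-by: Chris Cheney
+---
+ net-snmp-create-v3-user.in | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/net-snmp-create-v3-user.in b/net-snmp-create-v3-user.in
+index 452c2699d..31b4c58c1 100644
+--- a/net-snmp-create-v3-user.in
++++ b/net-snmp-create-v3-user.in
+@@ -120,7 +120,11 @@ fi
+ fi
+ outdir="@PERSISTENT_DIRECTORY@"
+ outfile="$outdir/snmpd.conf"
+-line="createUser $user $Aalgorithm \"$apassphrase\" $Xalgorithm \"$xpassphrase\""
++if test "x$xpassphrase" = "x" ; then
++    line="createUser $user $Aalgorithm \"$apassphrase\" $Xalgorithm"
++else
++    line="createUser $user $Aalgorithm \"$apassphrase\" $Xalgorithm \"$xpassphrase\""
++fi
+ echo "adding the following line to $outfile:"
+ echo "  " $line
+ # in case it hasn't ever been started yet, start it.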
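Review bot: Both branches still build the createUser line by wrapping `$apassphrase` and `$xpassphrase` in `\"...\"` without escaping, so a passphrase containing a double quote or backslash would give a malformed or differently parsed line in snmpd.conf; no validation is visible in this hunk, though it may exist earlier in the script. The new empty-key branch deserves a comment such as `# no privacy passphrase given: snmpd reuses the authentication passphrase for privacy`, since that fallback is what the omitted argument means to createUser. The unchanged `echo "  " $line` below prints both passphrases to the terminal, which matters when the script runs under session logging or in CI output.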
							
								
								
									
										31
									
								
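--- a/SOURCES/net-snmp-5.8-ipv6-disabled.patch
+++ b/SOURCES/net-snmp-5.8-ipv6-disabled.patch
@@ -0,0 +1,31 @@
+diff -urNp a/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c b/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c
+--- a/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c	2020-09-29 14:08:09.742478965 +0200
++++ b/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c	2020-10-01 14:20:25.575174851 +0200
+@@ -19,6 +19,7 @@
+ 
+ #include <errno.h>
+ #include <sys/ioctl.h>
++#include <sys/stat.h>
+ 
+ netsnmp_feature_require(prefix_info)
+ netsnmp_feature_require(find_prefix_info)
+@@ -234,7 +235,18 @@ _load_v6(netsnmp_container *container, i
+ 
+ #define PROCFILE "/proc/net/if_inet6"
+     if (!(in = fopen(PROCFILE, "r"))) {
+-        NETSNMP_LOGONCE((LOG_ERR, "ipaddress_linux: could not open " PROCFILE));
++
++        /* 
++         * If PROCFILE exists, but isn't readable, file ERROR message.
++         * Otherwise log nothing, due of IPv6 support on this machine is
++         * intentionaly disabled/unavailable.
++         */
++
++        struct stat filestat;
++
++        if(stat(PROCFILE, &filestat) == 0){
++            NETSNMP_LOGONCE((LOG_ERR, "ipaddress_linux: could not open " PROCFILE));
++        }
+         return -2;
+     }
+ 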
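Review bot: The second lookup with `stat()` after the failed `fopen()` in _load_v6 is not needed to tell an absent file from an unreadable one, because `errno` from `fopen()` already says which and `<errno.h>` is included in the context above. `if (errno != ENOENT) NETSNMP_LOGONCE((LOG_ERR, "ipaddress_linux: could not open " PROCFILE));` drops the extra syscall, the `struct stat` local and the new `<sys/stat.h>` include, and avoids the file state changing between the two calls. The added comment has two typos: `due of` should read `because` and `intentionaly` should read `intentionally`. _load_v6 continues outside the hunk.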
| @ -10,7 +10,7 @@ | |||||||
| Summary:    A collection of SNMP protocol tools and libraries | Summary:    A collection of SNMP protocol tools and libraries | ||||||
| Name:       net-snmp | Name:       net-snmp | ||||||
| Version:    5.8 | Version:    5.8 | ||||||
| Release:    17%{?dist} | Release:    19%{?dist} | ||||||
| Epoch:      1 | Epoch:      1 | ||||||
| 
 | 
 | ||||||
| License:    BSD | License:    BSD | ||||||
| @ -56,6 +56,11 @@ Patch27:    net-snmp-5.8-ipAddress-faster-load.patch | |||||||
| Patch28:    net-snmp-5.8-rpm-memory-leak.patch | Patch28:    net-snmp-5.8-rpm-memory-leak.patch | ||||||
| Patch29:    net-snmp-5.8-sec-memory-leak.patch | Patch29:    net-snmp-5.8-sec-memory-leak.patch | ||||||
| Patch30:    net-snmp-5.8-aes-config.patch | Patch30:    net-snmp-5.8-aes-config.patch | ||||||
|  | Patch31:    net-snmp-5.7.2-CVE-2020-15862.patch | ||||||
|  | Patch32:    net-snmp-5.8-bulk.patch | ||||||
|  | Patch33:    net-snmp-5.8-clientaddr-error-message.patch | ||||||
|  | Patch34:    net-snmp-5.8-ipv6-disabled.patch | ||||||
|  | Patch35:    net-snmp-5.8-empty-passphrase.patch | ||||||
| 
 | 
 | ||||||
| # Modern RPM API means at least EL6 | # Modern RPM API means at least EL6 | ||||||
| Patch101:   net-snmp-5.8-modern-rpm-api.patch | Patch101:   net-snmp-5.8-modern-rpm-api.patch | ||||||
| @ -211,6 +216,11 @@ rm -r python | |||||||
| %patch28 -p1 -b .rpm-memory-leak | %patch28 -p1 -b .rpm-memory-leak | ||||||
| %patch29 -p1 -b .sec-memory-leak | %patch29 -p1 -b .sec-memory-leak | ||||||
| %patch30 -p1 -b .aes-config | %patch30 -p1 -b .aes-config | ||||||
|  | %patch31 -p1 -b .CVE-2020-15862 | ||||||
|  | %patch32 -p1 -b .bulk | ||||||
|  | %patch33 -p1 -b .clientaddr-error-message | ||||||
|  | %patch34 -p1 -b .ipv6-disabled | ||||||
|  | %patch35 -p1 -b .empty-passphrase | ||||||
| 
 | 
 | ||||||
| %patch101 -p1 -b .modern-rpm-api | %patch101 -p1 -b .modern-rpm-api | ||||||
| 
 | 
 | ||||||
| @ -389,8 +399,8 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test | |||||||
| %doc README.thread AGENT.txt PORTING local/README.mib2c | %doc README.thread AGENT.txt PORTING local/README.mib2c | ||||||
| %doc IETF-MIB-LICENSE.txt | %doc IETF-MIB-LICENSE.txt | ||||||
| %dir %{_sysconfdir}/snmp | %dir %{_sysconfdir}/snmp | ||||||
| %config(noreplace) %attr(0650,root,root) %{_sysconfdir}/snmp/snmpd.conf | %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/snmp/snmpd.conf | ||||||
| %config(noreplace) %attr(0650,root,root) %{_sysconfdir}/snmp/snmptrapd.conf | %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/snmp/snmptrapd.conf | ||||||
| %{_bindir}/snmpconf | %{_bindir}/snmpconf | ||||||
| %{_bindir}/net-snmp-create-v3-user | %{_bindir}/net-snmp-create-v3-user | ||||||
| %{_sbindir}/* | %{_sbindir}/* | ||||||
| @ -465,6 +475,17 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test | |||||||
| %{_libdir}/libnetsnmptrapd*.so.%{soname}* | %{_libdir}/libnetsnmptrapd*.so.%{soname}* | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Tue Dec 01 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-19 | ||||||
|  | - revert permission of config files to 600 (#1601060) | ||||||
|  | - fix error message when the address specified by clientaddr option | ||||||
|  |   is wrong or cannot be bound (#1877375) | ||||||
|  | - log error with /proc/net/if_inet6 only when IPv6 is enabled (#1824367) | ||||||
|  | - fix issue with quoting empty passphrase (#1817225) | ||||||
|  | 
 | ||||||
|  | * Wed Nov 11 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-18 | ||||||
|  | - fix CVE-2020-15862 (#1875497) | ||||||
|  | - fix bulk responses for invalid PID (#1817190) | ||||||
|  | 
 | ||||||
| * Tue Aug 11 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-17 | * Tue Aug 11 2020 Josef Ridky <jridky@redhat.com> - 1:5.8-17 | ||||||
| - add math library in LDFLAGS (#1846252) | - add math library in LDFLAGS (#1846252) | ||||||
| 
 | 
 | ||||||
| @ -524,7 +545,7 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test | |||||||
| 
 | 
 | ||||||
| * Mon Aug 13 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-2 | * Mon Aug 13 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-2 | ||||||
| - fix default configuration file (#1589480 and #1594147) | - fix default configuration file (#1589480 and #1594147) | ||||||
| - modify permissions for /var/log files (#1601060) | - modify permissions for config files (#1601060) | ||||||
| 
 | 
 | ||||||
| * Thu Aug 09 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-1 | * Thu Aug 09 2018 Josef Ridky <jridky@redhat.com> - 1:5.8-1 | ||||||
| - remove python package and update to the last upstream version (#1584510) | - remove python package and update to the last upstream version (#1584510) | ||||||
|  | |||||||