diff --git a/SOURCES/net-snmp-5.9-message-severity.patch b/SOURCES/net-snmp-5.9-message-severity.patch new file mode 100644 index 0000000..02bbf54 --- /dev/null +++ b/SOURCES/net-snmp-5.9-message-severity.patch @@ -0,0 +1,48 @@ +From 7330e3e3e08d9baff23332e764f9a53561939fff Mon Sep 17 00:00:00 2001 +From: Bart Van Assche +Date: Thu, 2 Sep 2021 21:06:54 -0700 +Subject: [PATCH] libsnmp: Log "Truncating integer value >32 bits" once + +Log this message once instead of every time sysUpTime and/or +hrSystemUptime are accessed after snmpd is running for more than 497 days. + +Fixes: https://github.com/net-snmp/net-snmp/issues/144 +--- + snmplib/snmp_client.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/snmplib/snmp_client.c b/snmplib/snmp_client.c +index 0f539c63fe..b00670d973 100644 +--- a/snmplib/snmp_client.c ++++ b/snmplib/snmp_client.c +@@ -853,7 +853,8 @@ snmp_set_var_value(netsnmp_variable_list * vars, + = (const u_long *) value; + *(vars->val.integer) = *val_ulong; + if (*(vars->val.integer) > 0xffffffff) { +- snmp_log(LOG_ERR,"truncating integer value > 32 bits\n"); ++ NETSNMP_LOGONCE((LOG_INFO, ++ "truncating integer value > 32 bits\n")); + *(vars->val.integer) &= 0xffffffff; + } + } +@@ -865,7 +866,8 @@ snmp_set_var_value(netsnmp_variable_list * vars, + = (const unsigned long long *) value; + *(vars->val.integer) = (long) *val_ullong; + if (*(vars->val.integer) > 0xffffffff) { +- snmp_log(LOG_ERR,"truncating integer value > 32 bits\n"); ++ NETSNMP_LOGONCE((LOG_INFO, ++ "truncating integer value > 32 bits\n")); + *(vars->val.integer) &= 0xffffffff; + } + } +@@ -877,7 +879,8 @@ snmp_set_var_value(netsnmp_variable_list * vars, + = (const uintmax_t *) value; + *(vars->val.integer) = (long) *val_uintmax_t; + if (*(vars->val.integer) > 0xffffffff) { +- snmp_log(LOG_ERR,"truncating integer value > 32 bits\n"); ++ NETSNMP_LOGONCE((LOG_INFO, ++ "truncating integer value > 32 bits\n")); + *(vars->val.integer) &= 0xffffffff; + } + } + diff --git a/SOURCES/net-snmp-5.9-rpmdb.patch b/SOURCES/net-snmp-5.9-rpmdb.patch new file mode 100644 index 0000000..55a1f85 --- /dev/null +++ b/SOURCES/net-snmp-5.9-rpmdb.patch @@ -0,0 +1,42 @@ +diff -urNp a/agent/mibgroup/host/data_access/swinst_rpm.c b/agent/mibgroup/host/data_access/swinst_rpm.c +--- a/agent/mibgroup/host/data_access/swinst_rpm.c 2023-10-23 16:59:37.392368620 +0200 ++++ b/agent/mibgroup/host/data_access/swinst_rpm.c 2023-10-23 17:01:59.760640169 +0200 +@@ -73,15 +73,21 @@ netsnmp_swinst_arch_init(void) + #endif + + snprintf( pkg_directory, SNMP_MAXPATH, "%s/Packages", dbpath ); ++ if (-1 == stat( pkg_directory, &stat_buf )) { ++ ++ /* check for SQLite DB backend */ ++ snprintf( pkg_directory, SNMP_MAXPATH, "%s/rpmdb.sqlite", dbpath ); ++ ++ if (-1 == stat( pkg_directory, &stat_buf )) { ++ snmp_log(LOG_ERR, "Can't find directory of RPM packages\n"); ++ pkg_directory[0] = '\0'; ++ } ++ } + SNMP_FREE(rpmdbpath); + dbpath = NULL; + #ifdef HAVE_RPMGETPATH + rpmFreeRpmrc(); + #endif +- if (-1 == stat( pkg_directory, &stat_buf )) { +- snmp_log(LOG_ERR, "Can't find directory of RPM packages"); +- pkg_directory[0] = '\0'; +- } + } + + void +diff -urNp a/agent/mibgroup/host/hr_swinst.c b/agent/mibgroup/host/hr_swinst.c +--- a/agent/mibgroup/host/hr_swinst.c 2023-10-23 16:59:37.391368611 +0200 ++++ b/agent/mibgroup/host/hr_swinst.c 2023-10-23 17:02:47.159063503 +0200 +@@ -229,6 +229,9 @@ init_hr_swinst(void) + snprintf(path, sizeof(path), "%s/Packages", swi->swi_dbpath); + if (stat(path, &stat_buf) == -1) + snprintf(path, sizeof(path), "%s/packages.rpm", swi->swi_dbpath); ++ /* check for SQLite DB backend */ ++ if (stat(path, &stat_buf) == -1) ++ snprintf(path, sizeof(path), "%s/rpmdb.sqlite", swi->swi_dbpath); + path[ sizeof(path)-1 ] = 0; + swi->swi_directory = strdup(path); + #ifdef HAVE_RPMGETPATH diff --git a/SOURCES/net-snmp-5.9-sendmsg-error-code.patch b/SOURCES/net-snmp-5.9-sendmsg-error-code.patch new file mode 100644 index 0000000..6709cef --- /dev/null +++ b/SOURCES/net-snmp-5.9-sendmsg-error-code.patch @@ -0,0 +1,31 @@ +From 298c8103db80b292791616af4fd497342a71867f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Josef=20=C5=98=C3=ADdk=C3=BD?= +Date: Wed, 24 May 2023 10:49:41 +0200 +Subject: [PATCH] libsnmp, UDP transport: Fix sendmsg() error code handling + +This change has been made because of Linux kernel commit "ipv4: Return +-ENETUNREACH if we can't create route but saddr is valid" +(https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=595e0651d029) + +Fixes: https://github.com/net-snmp/net-snmp/issues/564 +Fixes: https://github.com/net-snmp/net-snmp/pull/576 + +[ bvanassche: edited commit message ] +--- + snmplib/transports/snmpUDPBaseDomain.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/snmplib/transports/snmpUDPBaseDomain.c b/snmplib/transports/snmpUDPBaseDomain.c +index ca8f9a5554..cd6b15e2ad 100644 +--- a/snmplib/transports/snmpUDPBaseDomain.c ++++ b/snmplib/transports/snmpUDPBaseDomain.c +@@ -315,7 +315,7 @@ int netsnmp_udpbase_sendto_unix(int fd, const struct in_addr *srcip, + sizeof(struct sockaddr)); + else + rc = sendmsg(fd, &m, MSG_DONTWAIT); +- if (rc >= 0 || errno != EINVAL) ++ if (rc >= 0 || (errno != EINVAL && errno != ENETUNREACH)) + return rc; + + /* + diff --git a/SPECS/net-snmp.spec b/SPECS/net-snmp.spec index d7b1491..3aba2de 100644 --- a/SPECS/net-snmp.spec +++ b/SPECS/net-snmp.spec @@ -10,7 +10,7 @@ Summary: A collection of SNMP protocol tools and libraries Name: net-snmp Version: 5.9.1 -Release: 9%{?dist} +Release: 13%{?dist} Epoch: 1 License: BSD @@ -54,6 +54,9 @@ Patch24: net-snmp-5.9-twice-IP-parsing.patch Patch25: net-snmp-5.9-openssl-3.0.patch Patch26: net-snmp-5.9-CVE-2022-44792-44793.patch Patch27: net-snmp-5.9-ipv6-disable-leak.patch +Patch28: net-snmp-5.9-sendmsg-error-code.patch +Patch29: net-snmp-5.9-message-severity.patch +Patch30: net-snmp-5.9-rpmdb.patch # Modern RPM API means at least EL6 Patch101: net-snmp-5.8-modern-rpm-api.patch @@ -188,9 +191,9 @@ binaries and applications. %package -n python3-net-snmp %{?python_provide:%python_provide python3-net-snmp} # Remove before F30 -Provides: %{name}-python = %{version}-%{release} -Provides: %{name}-python%{?_isa} = %{version}-%{release} -Obsoletes: %{name}-python < %{version}-%{release} +Provides: %{name}-python = %{epoch}:%{version}-%{release} +Provides: %{name}-python%{?_isa} = %{epoch}:%{version}-%{release} +Obsoletes: %{name}-python < %{epoch}:%{version}-%{release} Summary: The Python 'netsnmp' module for the Net-SNMP Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} @@ -233,6 +236,9 @@ cp %{SOURCE10} . %patch25 -p1 -b .openssl-3-0 %patch26 -p1 %patch27 -p1 -b .ipv6-disable-leak +%patch28 -p1 -b .sendmsg-error-code +%patch29 -p1 -b .message-severity +%patch30 -p1 -b .rpmdb %patch101 -p1 -b .modern-rpm-api %patch102 -p1 @@ -502,6 +508,18 @@ LD_LIBRARY_PATH=%{buildroot}/%{_libdir} make test %{_libdir}/libnetsnmptrapd*.so.%{soname}* %changelog +* Thu Oct 19 2023 Josef Ridky - 1:5.9.1-13 +- add support for SQLite db background of rpm (RHEL-6854) + +* Thu Oct 19 2023 Josef Ridky - 1:5.9.1-12 +- fix message severity issue (RHEL-13960) + +* Thu Aug 03 2023 Josef Ridky - 1:5.9.1-11 +- fix python3 missing epoch + +* Wed Aug 02 2023 Josef Ridky - 1:5.9.1-10 +- fix sendmsg error code for new kernel (#2210892) + * Wed Feb 15 2023 Josef Ridky - 1:5.9.1-9 - fix CVE-2022-44792 and CVE-2022-44793 (#2141902) and (#2141906) - fix memory leak when ipv6 disable set to 1 (#2151540)