netsnmp: security bump to version 5.7.2.1 (517c1dee) · Commits · Dom Sekotill / buildroot

package/netsnmp/netsnmp-001-CVE-2014-2285.patch

0 → 100644

+31 −0

Original line number	Diff line number	Diff line
		Fix for CVE-2014-2285 from upstream:
		http://sourceforge.net/p/net-snmp/patches/1275/

		Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

		--- net-snmp-5.7.3.pre3/perl/TrapReceiver/TrapReceiver.xs.null 2014-02-25 21:50:16.000000000 +0100
		+++ net-snmp-5.7.3.pre3/perl/TrapReceiver/TrapReceiver.xs 2014-03-03 18:59:20.261766270 +0100
		@@ -81,18 +81,18 @@ int perl_trapd_handler( netsnmp_pdu
		STOREPDUi("securitymodel", pdu->securityModel);
		STOREPDUi("securitylevel", pdu->securityLevel);
		STOREPDU("contextName",
		- newSVpv(pdu->contextName, pdu->contextNameLen));
		+ newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
		STOREPDU("contextEngineID",
		- newSVpv((char *) pdu->contextEngineID,
		+ newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
		pdu->contextEngineIDLen));
		STOREPDU("securityEngineID",
		- newSVpv((char *) pdu->securityEngineID,
		+ newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
		pdu->securityEngineIDLen));
		STOREPDU("securityName",
		- newSVpv((char *) pdu->securityName, pdu->securityNameLen));
		+ newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
		} else {
		STOREPDU("community",
		- newSVpv((char *) pdu->community, pdu->community_len));
		+ newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
		}

		if (transport && transport->f_fmtaddr) {

+1 −1

Original line number	Diff line number	Diff line
		@@ -4,7 +4,7 @@
		#
		################################################################################

		NETSNMP_VERSION = 5.7.2
		NETSNMP_VERSION = 5.7.2.1
		NETSNMP_SITE = http://downloads.sourceforge.net/project/net-snmp/net-snmp/$(NETSNMP_VERSION)
		NETSNMP_SOURCE = net-snmp-$(NETSNMP_VERSION).tar.gz
		NETSNMP_LICENSE = Various BSD-like