Описание
ELSA-2023-2969: net-snmp security and bug fix update (MODERATE)
[5.8-27.0.1]
- fix error index value when snmpget is used a proxy pass [Orabug: 34905643]
[1:5.8-27]
- fix memory leak due of proc file creating (#2105957)
- fix CVE-2022-44792 and CVE-2022-44793 (#2141901) and (#2141905)
- fix memory leak when ipv6 disable set to 1 (#2151537)
- fix proxy timeout issue (#2160723)
[1:5.8-26]
- backport two memory leaks from upstream (#2134635)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
net-snmp
5.8-27.0.1.el8
net-snmp-agent-libs
5.8-27.0.1.el8
net-snmp-devel
5.8-27.0.1.el8
net-snmp-libs
5.8-27.0.1.el8
net-snmp-perl
5.8-27.0.1.el8
net-snmp-utils
5.8-27.0.1.el8
Oracle Linux x86_64
net-snmp
5.8-27.0.1.el8
net-snmp-agent-libs
5.8-27.0.1.el8
net-snmp-devel
5.8-27.0.1.el8
net-snmp-libs
5.8-27.0.1.el8
net-snmp-perl
5.8-27.0.1.el8
net-snmp-utils
5.8-27.0.1.el8
Связанные CVE
Связанные уязвимости
ELSA-2023-2444: net-snmp security and bug fix update (MODERATE)
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.