Overview

File _patchinfo of Package patchinfo.986

<patchinfo incident="986">
  <issue id="940188" tracker="bnc">VUL-0: CVE-2015-5621: net-snmp: snmp_pdu_parse() incompletely parsed varBinds left in list of variables</issue>
  <issue id="935876" tracker="bnc">FIPS: snmptranslate - with fips=1 segfauls</issue>
  <issue id="935863" tracker="bnc">net-snmp-config ps command missing "-acx"</issue>
  <issue id="940084" tracker="bnc">net-snmp / snmptrapd segfaults with fips=1 because it tries to use MD5</issue>
  <issue id="909479" tracker="bnc">L3: snmpd on a SLES12 system doesn't report root file system if it's a btrfs.</issue>
  <issue id="CVE-2015-5621" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>abergmann</packager>
  <description>
The following issues have been fixed within this update:

* fix btrfs output inside HOST-RESOURCES-MIB::hrStorageDescr.
  (bsc#909479)
* fix an incompletely initialized vulnerability within the
  snmp_pdu_parse() function of snmp_api.c. (bsc#940188, CVE-2015-5621)
* add build requirement 'procps' to fix a net-snmp-config error
  (bsc#935863)
* --disable-md5 to allow operation in FIPS mode and not use the
  old algorithm (bsc#935876 bsc#940084)
* also stop snmptrapd on removal

</description>
  <summary>Security update for net-snmp</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places