Overview

File _patchinfo of Package patchinfo.9069

<patchinfo incident="9069">
  <issue tracker="bnc" id="1081164">Missing compile net-snmp options prevent using SNMP over DTLS</issue>
  <issue tracker="bnc" id="1102775">Segfault in snmpd</issue>
  <issue tracker="bnc" id="1111122">VUL-0: CVE-2018-18065: net-snmp: remote DoS (_set_key)</issue>
  <issue tracker="bnc" id="1027353">snmpd has hungs up but systemctl does not show that</issue>
  <issue tracker="cve" id="2018-18065"/>
  <category>security</category>
  <rating>important</rating>
  <packager>abergmann</packager>
  <description>This update for net-snmp fixes the following issues:

Security issues fixed:

- CVE-2018-18065: _set_key in agent/helpers/table_container.c had a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. (bsc#1111122)

Non-security issues fixed:

- swintst_rpm: Protect against unspecified Group name (bsc#1102775)
- Add tsm and tlstm MIBs and the USM security module. (bsc#1081164)
- Fix agentx freezing on timeout (bsc#1027353)
</description>
  <summary>Security update for net-snmp</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places