Overview

File _patchinfo of Package patchinfo.27327

<patchinfo incident="27327">
  <issue tracker="bnc" id="1206044">L3: MIB host-resource size calculation is broken for XFS - ref:_00D1igLOd._5005qGHkGL:ref</issue>
  <issue tracker="bnc" id="1205150">VUL-0: CVE-2022-44792: net-snmp,net-snmp-openssl1: remote attacker with write access can cause a NULL pointer dereference in handle_ipDefaultTTL()</issue>
  <issue tracker="bnc" id="1206828">net-snmp package doesn't support aes256 as privacy protocol</issue>
  <issue tracker="bnc" id="1205148">VUL-0: CVE-2022-44793: net-snmp-openssl1,net-snmp: remote attacker with write access can cause a NULL pointer dereference in handle_ipv6IpForwarding()</issue>
  <issue tracker="cve" id="2022-44793"/>
  <issue tracker="cve" id="2022-44792"/>
  <packager>abergmann</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for net-snmp</summary>
  <description>This update for net-snmp fixes the following issues:

- CVE-2022-44793: Fixed a NULL pointer dereference issue that could
  allow a remote attacker with write access to crash the server
  instance (bsc#1205148).
- CVE-2022-44792: Fixed a NULL pointer dereference issue that could
  allow a remote attacker with write access to crash the server
  instance (bsc#1205150).

Other fixes:
- Enabled AES-192 and AES-256 privacy protocols (bsc#1206828).
- Fixed an incorrect systemd hardening that caused home directory
  size and allocation to be listed incorrectly (bsc#1206044)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places