[oe-commits] Roy Li : net-snmp: fix for Security Advisory - CVE-2014-3565
git at git.openembedded.org
git at git.openembedded.org
Fri Nov 7 14:47:23 UTC 2014
Module: meta-openembedded.git
Branch: master-next
Commit: 4bb8bb5e478453d64a899e500c33aaa56981dc75
URL: http://git.openembedded.org/?p=meta-openembedded.git&a=commit;h=4bb8bb5e478453d64a899e500c33aaa56981dc75
Author: Roy Li <rongqing.li at windriver.com>
Date: Tue Nov 4 14:09:29 2014 +0800
net-snmp: fix for Security Advisory - CVE-2014-3565
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used,
allows remote attackers to cause a denial of service (snmptrapd crash) via
a crafted SNMP trap message, which triggers a conversion to the variable
type designated in the MIB file, as demonstrated by a NULL type in an ifMtu
trap message.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3565
Signed-off-by: Roy Li <rongqing.li at windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald at mentor.com>
---
...s-for-printing-variables-with-wrong-types.patch | 455 +++++++++++++++++++++
.../recipes-protocols/net-snmp/net-snmp_5.7.2.1.bb | 1 +
2 files changed, 456 insertions(+)
Diff: http://git.openembedded.org/?p=meta-openembedded.git/?a=commitdiff;h=4bb8bb5e478453d64a899e500c33aaa56981dc75
More information about the Openembedded-commits
mailing list