I missed this. I'm uploading now although with the freeze it might not matter anyway.
- Craig On Thu, 24 Dec 2020 at 16:52, Salvatore Bonaccorso <car...@debian.org> wrote: > Hi Craig, > > On Sun, Nov 22, 2020 at 07:09:29PM +0000, Adam D. Barratt wrote: > > Control: tags -1 + confirmed > > > > On Tue, 2020-10-13 at 21:30 +1100, Craig Small wrote: > > > The security release in deb10u1 made EXTEND-MIB read-only > > > to close a security hole (CVE-2020-15862/Bug #9651166) > > > However this meant the cacheTime and execType could not be > > > changed which caused problems with some SNMP managers or setups. > > > > > > [ Impact ] > > > The cachetime and execType cannot be set anywhere as these > > > parameters appear in net-snmp 5.8 which is in sid but not > > > buster. > > > > +net-snmp (5.7.3+dfsg-5+deb10u2) buster-security; urgency=high > > > > The distribution wants to simply be "buster" for a stable upload. > > > > + * snmpd: Add cacheTime and execType flags to EXTEND-MIB. > > + Previous security release made EXTEND-MIB read-only which meant > > + it was not possible to set the timeout of the cache. This patch > > + allows administrator to set the value in the snmpd.conf file. > > > > s/administrator/&s/ (or "the administrator", I guess). > > > > Bearing the above in mind, please go ahead. > > Did you saw this ack from Adam to upload it for buster-pu? > > Regards, > Salvatore >
