fix SNMP vulnerability fix

Bart Veer Wed, 02 Jul 2008 12:47:25 -0700

The previous patch to fix an SNMP vulnerability
(http://ecos.sourceware.org/ml/ecos-patches/2008-06/msg00003.html) was
incomplete. This sorts it out.


Bart

Index: ChangeLog
===================================================================
RCS file: /cvs/ecos/ecos-opt/snmp/lib/current/ChangeLog,v
retrieving revision 1.15
diff -u -r1.15 ChangeLog
--- ChangeLog   11 Jun 2008 13:14:09 -0000      1.15
+++ ChangeLog   2 Jul 2008 19:43:44 -0000
@@ -1,3 +1,8 @@
+2008-07-02  Bart Veer  <[EMAIL PROTECTED]>
+
+       * include/snmpusm.h: add missing definition needed for the CERT
+       fix below.
+
 2008-06-11  Jonathan Larmour  <[EMAIL PROTECTED]>
 
        * src/scapi.c: Fix CVE-2008-0960 (CERT/CC VU#481564).
Index: include/snmpusm.h
===================================================================
RCS file: /cvs/ecos/ecos-opt/snmp/lib/current/include/snmpusm.h,v
retrieving revision 1.4
diff -u -r1.4 snmpusm.h
--- include/snmpusm.h   23 May 2002 23:08:17 -0000      1.4
+++ include/snmpusm.h   2 Jul 2008 19:46:15 -0000
@@ -112,6 +112,7 @@
 #define USM_MAX_KEYEDHASH_LENGTH       128             /* In BITS. */
 
 #define USM_TIME_WINDOW                        150
+#define USM_MD5_AND_SHA_AUTH_LEN        12      /* bytes */
 
 
 /*

fix SNMP vulnerability fix

Reply via email to