[Frugalware-git] frugalware-current: net-snmp-5.4.1-5-i686

Tue, 10 Jun 2008 04:11:53 -0700 

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=25fab576310e3b8bee75cb925fc473dbefae51c8

commit 25fab576310e3b8bee75cb925fc473dbefae51c8
Author: Miklos Vajna <[EMAIL PROTECTED]>
Date:   Tue Jun 10 13:10:53 2008 +0200

net-snmp-5.4.1-5-i686
- add CVE-2008-0960.patch
- closes #3142

diff --git a/source/network-extra/net-snmp/CVE-2008-0960.patch 
b/source/network-extra/net-snmp/CVE-2008-0960.patch
new file mode 100644
index 0000000..a3534f5
--- /dev/null
+++ b/source/network-extra/net-snmp/CVE-2008-0960.patch
@@ -0,0 +1,17 @@
+CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044)
+
+Source: upstream, 
https://sourceforge.net/tracker/index.php?func=detail&aid=1989089&group_id=12694&atid=456380
+
+diff -up net-snmp-5.0.9/snmplib/scapi.c.orig net-snmp-5.0.9/snmplib/scapi.c
+--- net-snmp-5.0.9/snmplib/scapi.c.orig        2008-06-04 10:19:26.000000000 
+0200
++++ net-snmp-5.0.9/snmplib/scapi.c     2008-06-04 10:20:45.000000000 +0200
+@@ -460,6 +460,9 @@ sc_check_keyed_hash(const oid * authtype
+         QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
+     }
+
++    if (maclen != USM_MD5_AND_SHA_AUTH_LEN) {
++        QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
++    }
+
+     /*
+      * Generate a full hash of the message, then compare
diff --git a/source/network-extra/net-snmp/FrugalBuild 
b/source/network-extra/net-snmp/FrugalBuild
index c54bbf7..6be264a 100644
--- a/source/network-extra/net-snmp/FrugalBuild
+++ b/source/network-extra/net-snmp/FrugalBuild
@@ -4,7 +4,7 @@

pkgname=net-snmp
pkgver=5.4.1
-pkgrel=4
+pkgrel=5
pkgdesc="A suite of applications used to implement SNMP v1, SNMP v2c and SNMP 
v3 using both IPv4 and IPv6"
depends=('openssl' 'perl>=5.10.0')
groups=('network-extra')
@@ -12,9 +12,10 @@ archs=('i686' 'x86_64')
Finclude sourceforge
url="http://www.net-snmp.org/";
up2date="lynx -dump http://www.net-snmp.org/download.html |grep Supported -A 2 
|sed -ne 's/.*\([0-9].[0-9].[0-9]\).*/\1/;$ p'"
-source=([EMAIL PROTECTED] CVE-2008-2292.patch rc.snmpd)
+source=([EMAIL PROTECTED] CVE-2008-2292.patch CVE-2008-0960.patch rc.snmpd)
sha1sums=('ac5ba033c10d53d3057415121f8c4936c643c208' \
'7f7f770fcebdeb8bb19515937895c9c545cc0609' \
+          'bfb79ccb4db8b524655a78739bbf0e5255c1f14a' \
'df7a817499d12c53e9d2809f68c24fea9d3307b0')

build() {
_______________________________________________
Frugalware-git mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to