As it's security fix, will be the patch provided via http://www.net-snmp.org/official_patches/ ?
Radek On Thu, 2005-06-30 at 12:14 -0700, Wes Hardaker wrote: > >>>>> On Thu, 30 Jun 2005 11:45:15 +0400, Roman Tsiroulnikov <[EMAIL > >>>>> PROTECTED]> said: > > Roman> Thank you for fast reply! > > No problem. Thanks for explaining the problem so well! Anytime > people give us a well documented reproducible bug it makes it much > easier to track down the problem. And then you supplied a patch as > well! > > However, the patch you actually supplied broke things in other ways. > In particular, you check for the expected pdu length being <= 0. The > check_packet routine actually returns a -1 for serious error, where > the connection should be dropped, and a 0 for "I don't even have > enough data to determine how much data I need to expect". Thus, > really slow trickles over slow/broken networks will cause problems. > So the patch wasn't applied directly as is, but modified so that it > only closes the stream iff a -1 was returned. > > Roman> Yes, at this time, it's reproducible only via TCP, but, in principle, > Roman> there was no matter, what transport we are using. > > It would break for all stream-based protocols. However, you original > message said that UDP was an issue to, but it was not as it's not a > stream based protocol... > -- Radek Vokál <[EMAIL PROTECTED]>
signature.asc
Description: This is a digitally signed message part
