I would like to know if there is a plan to upgrade net-snmp to 5.9.5. I see that we backporting all the vulnerabilities and important fixes to 5.9.4 in LTS branch (scarthgap).
As per NVD, it recommends upgrading to 5.9.5/5.10.pre2 to address CVE-2025-68615. https://nvd.nist.gov/vuln/detail/CVE-2025-68615 Since vulnerable tools report, net-snmp 5.9.4 is vulnerable to CVE-2025-68615, despite the fix is backported to 5.9.4, raises a false alarm among users. I think it's better we upgrade LTS branch NetSNMP to version 5.9.5. Regards, Feroz Ahmed
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#231927): https://lists.openembedded.org/g/openembedded-core/message/231927 Mute This Topic: https://lists.openembedded.org/mt/117990392/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
