Thanks Alex & Niels ! I could generate patch and use it.
How to we test this fix ? does net-snmp has some security test suites
to be used ?
Sampath
On Tue, Sep 1, 2015 at 1:06 AM, Alexander Bergmann wrote:
> Hi Sampath,
>
> you need to have 'V5-7-patches' as a local
On Mon, Aug 31, 2015 at 11:22:35AM -0700, Sampathkumar Santhanakrishnan wrote:
> Hi Alex,
> Thanks for sharing this info. I tried to get the diff and it
> complains about "V5-7-patches".
This works:
git diff 345b9633ea4df23b863cba5defe5187d81fc505d^
345b9633ea4df23b863cba5defe5187d81fc505d
Hi Sampath,
you need to have 'V5-7-patches' as a local branch. Otherwise you're
getting an error message.
Just do a 'git checkout V5-7-patches' once and it should work.
Regards,
Alex~
On Mon, Aug 31, 2015 at 11:22:35AM -0700, Sampathkumar Santhanakrishnan wrote:
> Hi Alex,
> Thanks for
Hi Alex,
Thanks for sharing this info. I tried to get the diff and it
complains about "V5-7-patches".
git diff v5.7.1 V5-7-patches snmplib/snmp_api.c > fix-5.7.1.patch
fatal: ambiguous argument 'V5-7-patches': unknown revision or path not
in the working tree.
Use '--' to separate paths from
Hi Sampathkumar,
you can use git to get you a patch diff for this fix.
Just clone the repo and run the following command.
# git diff v5.7.1 V5-7-patches snmplib/snmp_api.c fix-5.7.1.patch
Then edit the file and delete everything execpt of changes inside the
snmp_pdu_parse() function. Double
Hello,
I am looking for net-snmp 5.7.1 based patch for CVE-2015-5621
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and
earlier does not remove the varBind variable in a
netsnmp_variable_list item when parsing of the SNMP PDU fails, which
allows remote attackers to cause a denial of