Re: Patch for CVE-2015-5621 in 5.7.1 code base

2015-09-03 Thread Sampathkumar Santhanakrishnan
Thanks Alex & Niels! I could generate the patch and use it. How do we test this fix? Does net-snmp have some security test suites to be used?

Sampath

On Tue, Sep 1, 2015 at 1:06 AM, Alexander Bergmann wrote:
> Hi Sampath,
>
> you need to have 'V5-7-patches' as a local

Re: Patch for CVE-2015-5621 in 5.7.1 code base

2015-09-01 Thread Niels Baggesen
On Mon, Aug 31, 2015 at 11:22:35AM -0700, Sampathkumar Santhanakrishnan wrote:
> Hi Alex,
> Thanks for sharing this info. I tried to get the diff and it
> complains about "V5-7-patches".

This works:

git diff 345b9633ea4df23b863cba5defe5187d81fc505d^ 345b9633ea4df23b863cba5defe5187d81fc505d

Re: Patch for CVE-2015-5621 in 5.7.1 code base

2015-09-01 Thread Alexander Bergmann
Hi Sampath,

you need to have 'V5-7-patches' as a local branch. Otherwise you're getting an error message. Just do a 'git checkout V5-7-patches' once and it should work.

Regards,
Alex~

On Mon, Aug 31, 2015 at 11:22:35AM -0700, Sampathkumar Santhanakrishnan wrote:
> Hi Alex,
> Thanks for
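
Added example (not part of the original thread and not net-snmp's own tooling): a shell sketch of why the bare branch name fails in a fresh clone, and the two ways the replies above still obtain the diff. The throwaway repository, its file contents and the helper names `resolve_rev`, `backport_diff`, `single_commit_diff` and `make_demo_clone` are constructed for illustration.

```shell
#!/bin/sh
# Added example; helper names and the demo repository are constructed.

# resolve_rev NAME: print NAME if git can resolve it, else origin/NAME.
# In a fresh clone a non-default branch exists only as origin/NAME.
resolve_rev() {
    for cand in "$1" "origin/$1"; do
        if git rev-parse --verify --quiet "$cand^{commit}" >/dev/null; then
            printf '%s\n' "$cand"
            return 0
        fi
    done
    return 1
}

# backport_diff BASE BRANCH PATH: changes to PATH between BASE and BRANCH.
backport_diff() {
    target=$(resolve_rev "$2") || { echo "unknown revision: $2" >&2; return 1; }
    git diff "$1" "$target" -- "$3"
}

# single_commit_diff COMMIT PATH: the commit^ .. commit form, which needs
# no branch name at all.
single_commit_diff() {
    git diff "$1^" "$1" -- "$2"
}

# make_demo_clone DIR: build a constructed upstream (tag v5.7.1, branch
# V5-7-patches) under DIR and clone it, leaving the branch remote-only.
make_demo_clone() {
    git init -q "$1/upstream" &&
    (
        cd "$1/upstream" &&
        git config user.name demo &&
        git config user.email demo@example.invalid &&
        mkdir snmplib &&
        echo 'int parse(void) { return 0; }' > snmplib/snmp_api.c &&
        git add snmplib && git commit -q -m base && git tag v5.7.1 &&
        git checkout -q -b V5-7-patches &&
        echo 'int parse(void) { return 1; } /* constructed fix */' > snmplib/snmp_api.c &&
        git commit -q -a -m fix &&
        git checkout -q -
    ) &&
    git clone -q "$1/upstream" "$1/clone"
}
```

Inside a real net-snmp clone, `backport_diff v5.7.1 V5-7-patches snmplib/snmp_api.c > fix-5.7.1.patch` produces the same file as the command in the thread without requiring a local branch first.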

Re: Patch for CVE-2015-5621 in 5.7.1 code base

2015-08-31 Thread Sampathkumar Santhanakrishnan
Hi Alex,

Thanks for sharing this info. I tried to get the diff and it complains about "V5-7-patches".

git diff v5.7.1 V5-7-patches snmplib/snmp_api.c > fix-5.7.1.patch
fatal: ambiguous argument 'V5-7-patches': unknown revision or path not in the working tree.
Use '--' to separate paths from

Re: Patch for CVE-2015-5621 in 5.7.1 code base

2015-08-28 Thread Alexander Bergmann
Hi Sampathkumar,

you can use git to get you a patch diff for this fix. Just clone the repo and run the following command.

# git diff v5.7.1 V5-7-patches snmplib/snmp_api.c > fix-5.7.1.patch

Then edit the file and delete everything except for changes inside the snmp_pdu_parse() function. Double

Patch for CVE-2015-5621 in 5.7.1 code base

2015-08-27 Thread Sampathkumar Santhanakrishnan
Hello,

I am looking for a net-snmp 5.7.1 based patch for CVE-2015-5621.

The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of