This bug was fixed in the package net-snmp - 5.7.3+dfsg-1.8ubuntu3.5
---------------
net-snmp (5.7.3+dfsg-1.8ubuntu3.5) bionic-security; urgency=medium
* SECURITY UPDATE: Elevation of privileges - symlink handling
- debian/patches/CVE-2020-15861.patch: stop reading and writing
the mib_indexes files in include/net-snmp/library/mib.h,
include/net-snmp/library/parse.h, snmplib/mib.c, snmplib/parse.c.
- CVE-2020-15861
* SECURITY UPDATE: Elevation of privileges
- debian/patches/CVE-2020-15862.patch: make the extend mib
read-only by default in agent/mibgroup/agent/extend.c.
- CVE-2020-15862
-- [email protected] (Leonidas S. Barbosa) Mon, 17 Aug 2020
16:16:25 -0300
** Changed in: net-snmp (Ubuntu Bionic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-15861
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-15862
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1875926
Title:
snmpd upgrade (Bionic->Focal) changes Debian-snmp UID/GID
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1875926/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
