Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-5224
2008-06-11 02:01:14
--------------------------------------------------------------------------------

Name        : net-snmp
Product     : Fedora 7
Version     : 5.4
Release     : 18.fc7
URL         : http://net-snmp.sourceforge.net/
Summary     : A collection of SNMP protocol tools and libraries
Description :
SNMP (Simple Network Management Protocol) is a protocol used for
network management. The NET-SNMP project includes various SNMP tools:
an extensible agent, an SNMP library, tools for requesting or setting
information from SNMP agents, tools for generating and handling SNMP
traps, a version of the netstat command which uses SNMP, and a Tk/Perl
mib browser. This package contains the snmpd and snmptrapd daemons,
documentation, etc.

You will probably also want to install the net-snmp-utils package,
which contains NET-SNMP utilities.

Building option:
--without tcp_wrappers : disable tcp_wrappers support

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 10 2008 Jan Safranek <jsafranek@redhat.com> 5.4-18
- fix various flaws (CVE-2008-2292 CVE-2008-0960)
* Thu Feb 14 2008 Jan Safranek <jsafranek@redhat.com> 5.4-17
- fixing ipNetToMediaNetAddress to show IP address (#432780)
* Fri Oct 19 2007 Jan Safranek <jsafranek@redhat.com> 5.4-16
- License: field fixed to "BSD and CMU"
- fix hrSWInst (#250237)
- fix leak in UDP transport (#247771)
- fix remote DoS attack (CVE-2007-5846)
* Mon Oct  8 2007 Jan Safranek <jsafranek@redhat.com> 5.4-15
- License: field changed to MIT
- fix segfault on parsing smuxpeer without password (#316621)
* Thu Jun 28 2007 Jan Safranek <jsafranek@redhat.com> 5.4-14
- fix snmptrapd hostname logging (#238587)
- fix udpEndpointProcess remote IP address (#236551)
- fix -M option of net-snmp-utils (#244784)
- default snmptrapd.conf added (#243536)
- fix crash when multiple exec statements have the same name
  (#243536)
- fix ugly error message when more interfaces share
  one IP address (#209861)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #447974 - CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044)
        https://bugzilla.redhat.com/show_bug.cgi?id=447974
  [ 2 ] Bug #447262 - CVE-2008-2292 net-snmp: buffer overflow in perl module's Perl Module __snprint_value()
        https://bugzilla.redhat.com/show_bug.cgi?id=447262
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update net-snmp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce