[SECURITY] Fedora 9 Update: net-snmp-5.4.1-18.fc9

updates at fedoraproject.org updates at fedoraproject.org
Wed Jun 11 04:39:24 UTC 2008 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-5215
2008-06-11 02:00:18
--------------------------------------------------------------------------------

Name        : net-snmp
Product     : Fedora 9
Version     : 5.4.1
Release     : 18.fc9
URL         : http://net-snmp.sourceforge.net/
Summary     : A collection of SNMP protocol tools and libraries
Description :
SNMP (Simple Network Management Protocol) is a protocol used for
network management. The NET-SNMP project includes various SNMP tools:
an extensible agent, an SNMP library, tools for requesting or setting
information from SNMP agents, tools for generating and handling SNMP
traps, a version of the netstat command which uses SNMP, and a Tk/Perl
mib browser. This package contains the snmpd and snmptrapd daemons,
documentation, etc.

You will probably also want to install the net-snmp-utils package,
which contains NET-SNMP utilities.

Building option:
	--without tcp_wrappers : disable tcp_wrappers support

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 10 2008 Jan Safranek <jsafranek at redhat.com> 5.4.1-18
- explicitly require lm_sensor > 3 for build (#442718)
- fix various flaws (CVE-2008-2292 CVE-2008-0960)
* Sat May 31 2008 Dennis Gilmore <dennis at ausil.us> 5.4.1-17
- fix sparc handling in /usr/bin/net-snmp-config
* Thu May 29 2008 Dennis Gilmore <dennis at ausil.us> 5.4.1-16
- fix /usr/include/net-snmp-config.h for sparc
* Sun May 25 2008 Dennis Gilmore <dennis at ausil.us> 5.4.1-15
- sparc multilib handling
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #447974 - CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044)
        https://bugzilla.redhat.com/show_bug.cgi?id=447974
  [ 2 ] Bug #447262 - CVE-2008-2292 net-snmp: buffer overflow in perl module's Perl Module __snprint_value()
        https://bugzilla.redhat.com/show_bug.cgi?id=447262
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update net-snmp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list