Univention Bugzilla – Bug 55572
net-snmp: Multiple issues (5.0)
Last modified: 2023-01-18 18:46:29 CET
New Debian net-snmp 5.7.3+dfsg-5+deb10u4 fixes: This update addresses the following issues: * NULL Pointer Exception when handling ipDefaultTTL (CVE-2022-44792) * NULL Pointer Exception when handling pv6IpForwarding (CVE-2022-44793)
--- mirror/ftp/pool/main/n/net-snmp/net-snmp_5.7.3+dfsg-5+deb10u3.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/net-snmp_5.7.3+dfsg-5+deb10u4.dsc @@ -1,3 +1,13 @@ +5.7.3+dfsg-5+deb10u4 [Sat, 14 Jan 2023 18:19:36 +0100] Guilhem Moulin <guilhem@debian.org>: + + * Non-maintainer upload by the LTS Security Team. + * CVE-2022-44792: A NULL dereference in handle_ipDefaultTTL() could allow a + remote attacker (with write access) to crash the instance via a crafted + UDP packet, resulting in Denial of Service. (Closes: #1024020) + * CVE-2022-44793: A NULL dereference in handle_ipv6IpForwarding() could + allow a remote attacker (with write access) to crash the instance via a + crafted UDP packet, resulting in Denial of Service. (Closes: #1024020) + 5.7.3+dfsg-5+deb10u3 [Fri, 26 Aug 2022 22:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/5.0-2/#7570603618319687839>
OK: bug OK: yaml OK: announce_errata OK: patch ~OK: piuparts > Modified(user, group, mode, size, target): /var/lib/snmp/ expected(root, root, d 40755, 4096, None) != found(#101, #101, d 40755, 4096, None) > /var/lib/dpkg/info/snmpd.postinst:21: chown -R "$SNMP_USER"."$SNMP_GROUP" "$SNMP_DIR" [5.0-2] 9e8228edc2 Bug #55572: net-snmp 5.7.3+dfsg-5+deb10u4 doc/errata/staging/net-snmp.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x542>