Hi, On Thu, Mar 06, 2014 at 02:43:34PM +0100, Simon Paillard wrote: > On Thu, Aug 09, 2012 at 01:32:37PM +0200, Vincent Bernat wrote: > > AgentX support is ineffective when a manager requests unrelated OID in > > the same GET request. snmpd will send those unrelated variables into > > the same PDU to the subagent and the subagent will choke with: > > > > agentx: Oversized Object ID > [..] > > First three OID contain 11 subid while the next one has 12 > > subid. snmpd will try several time to communicate those OID to the > > subagent and will give up. A manager requesting always the same OID > > will never get an answer. [..] > As the bugfix is already present in testing, would you consider an upload to > stable-proposed-updates ? > http://sources.debian.net/src/net-snmp/5.7.2~dfsg-8.1/agent/mibgroup/agentx/protocol.c#L1774
NMU debdiff attached. I don't know if security team want this to be fixed via security updates (FTR Redhat considers this bug not grave, https://bugzilla.redhat.com/show_bug.cgi?id=1074631#c3) -- Simon Paillard
diffstat for net-snmp-5.4.3~dfsg net-snmp-5.4.3~dfsg changelog | 8 ++++++++ patches/67_CVE-2014-2310.patch | 22 ++++++++++++++++++++++ patches/series | 1 + 3 files changed, 31 insertions(+) diff -Nru net-snmp-5.4.3~dfsg/debian/changelog net-snmp-5.4.3~dfsg/debian/changelog --- net-snmp-5.4.3~dfsg/debian/changelog 2012-11-24 14:06:46.000000000 +0100 +++ net-snmp-5.4.3~dfsg/debian/changelog 2014-03-17 21:02:49.000000000 +0100 @@ -1,3 +1,11 @@ +net-snmp (5.4.3~dfsg-2.8) stable; urgency=medium + + * Non-maintainer upload. + * Fix agentx subagent issues with multiple-object requests and increasing + object length (CVE-2014-2310) (Closes: #684388) + + -- Simon Paillard <spaill...@debian.org> Mon, 17 Mar 2014 20:56:52 +0100 + net-snmp (5.4.3~dfsg-2.7) unstable; urgency=low * Non-maintainer upload. diff -Nru net-snmp-5.4.3~dfsg/debian/patches/67_CVE-2014-2310.patch net-snmp-5.4.3~dfsg/debian/patches/67_CVE-2014-2310.patch --- net-snmp-5.4.3~dfsg/debian/patches/67_CVE-2014-2310.patch 1970-01-01 01:00:00.000000000 +0100 +++ net-snmp-5.4.3~dfsg/debian/patches/67_CVE-2014-2310.patch 2014-03-17 20:51:06.000000000 +0100 @@ -0,0 +1,22 @@ +Description: Patch 3141462: from fenner: fix agentx subagent issues with multiple-object requests +Bug: http://sourceforge.net/p/net-snmp/patches/1113/ +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388 +Origin: upstream, http://sourceforge.net/p/net-snmp/code/ci/8d160ac04e7087c10fbda1d1d76d5f2854d58057 +Index: net-snmp-5.4.3~dfsg/agent/mibgroup/agentx/protocol.c +=================================================================== +--- net-snmp-5.4.3~dfsg.orig/agent/mibgroup/agentx/protocol.c 2014-03-17 20:51:06.668331699 +0100 ++++ net-snmp-5.4.3~dfsg/agent/mibgroup/agentx/protocol.c 2014-03-17 20:51:06.660331611 +0100 +@@ -1765,11 +1765,11 @@ + (u_char *) end_oid_buf, + end_oid_buf_len); + } ++ oid_buf_len = MAX_OID_LEN; ++ end_oid_buf_len = MAX_OID_LEN; + } + + DEBUGINDENTLESS(); +- oid_buf_len = MAX_OID_LEN; +- end_oid_buf_len = MAX_OID_LEN; + break; + + diff -Nru net-snmp-5.4.3~dfsg/debian/patches/series net-snmp-5.4.3~dfsg/debian/patches/series --- net-snmp-5.4.3~dfsg/debian/patches/series 2012-11-24 13:30:03.000000000 +0100 +++ net-snmp-5.4.3~dfsg/debian/patches/series 2014-03-17 21:33:32.000000000 +0100 @@ -17,3 +17,4 @@ 64_missing_lib.patch 65_CVE-2012-2141.patch 66_formatstrings.patch +67_CVE-2014-2310.patch
