Your message dated Fri, 30 Mar 2018 19:52:43 +0000 with message-id <e1f204p-0005wa...@fasolo.debian.org> and subject line Bug#894110: fixed in net-snmp 5.7.2.1+dfsg-1+deb8u1 has caused the Debian Bug report #894110, regarding net-snmp: CVE-2018-1000116 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 894110: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894110 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: net-snmp Version: 5.7.2.1+dfsg-1 X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for net-snmp: CVE-2018-1000116[0]: | NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the | UDP protocol handler that can result in command execution. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-1000116 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000116 Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-
--- End Message ---
--- Begin Message ---Source: net-snmp Source-Version: 5.7.2.1+dfsg-1+deb8u1 We believe that the bug you reported is fixed in the latest version of net-snmp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 894...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Lamb <la...@debian.org> (supplier of updated net-snmp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 25 Mar 2018 20:58:00 -0400 Source: net-snmp Binary: snmpd snmptrapd snmp libsnmp-base libsnmp30 libsnmp30-dbg libsnmp-dev libsnmp-perl python-netsnmp tkmib Architecture: source amd64 all Version: 5.7.2.1+dfsg-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Net-SNMP Packaging Team <pkg-net-snmp-de...@lists.alioth.debian.org> Changed-By: Chris Lamb <la...@debian.org> Description: libsnmp-base - SNMP configuration script, MIBs and documentation libsnmp-dev - SNMP (Simple Network Management Protocol) development files libsnmp-perl - SNMP (Simple Network Management Protocol) Perl5 support libsnmp30 - SNMP (Simple Network Management Protocol) library libsnmp30-dbg - SNMP (Simple Network Management Protocol) library debug python-netsnmp - SNMP (Simple Network Management Protocol) Python support snmp - SNMP (Simple Network Management Protocol) applications snmpd - SNMP (Simple Network Management Protocol) agents snmptrapd - Net-SNMP notification receiver tkmib - SNMP (Simple Network Management Protocol) MIB browser Closes: 894110 Changes: net-snmp (5.7.2.1+dfsg-1+deb8u1) jessie-security; urgency=high . * CVE-2018-1000116: Correct a heap corruption vulnerability prior to the authentication process. (Closes: #894110) Checksums-Sha1: 5646a22f183e0a4daa8f19a5f149ae8049fd4eff 3074 net-snmp_5.7.2.1+dfsg-1+deb8u1.dsc 887dfc3c27770ba53740f9fe70907b3ab77b1cfe 3300532 net-snmp_5.7.2.1+dfsg.orig.tar.xz 280805902a13016ebf5a34a990dbd81aa0de2b9e 64408 net-snmp_5.7.2.1+dfsg-1+deb8u1.debian.tar.xz d133d5b7a8616cb8427d63f31df7415a6a319d1f 56718 snmpd_5.7.2.1+dfsg-1+deb8u1_amd64.deb 8e42ad4ed6d6f1f2bf7f0695089ab20641d264e1 23130 snmptrapd_5.7.2.1+dfsg-1+deb8u1_amd64.deb 68dd62b0833f41cf530d91054ef7b267c0043d69 146918 snmp_5.7.2.1+dfsg-1+deb8u1_amd64.deb e837ddaab18a8a2750dc9ef242a184bf40f9e34b 1543180 libsnmp-base_5.7.2.1+dfsg-1+deb8u1_all.deb a0062c3e6dcd6401e9211a22a472bd109feb331c 2157690 libsnmp30_5.7.2.1+dfsg-1+deb8u1_amd64.deb b2fc54cc9ed6bb3f874b5d87042dea90d792e523 2016220 libsnmp30-dbg_5.7.2.1+dfsg-1+deb8u1_amd64.deb d3bd5c831a728006f2cfd71de7efa8019d0ab5f3 1073446 libsnmp-dev_5.7.2.1+dfsg-1+deb8u1_amd64.deb 16f2b2999529e58a706bbfaf797c36d7b1839bb2 1459098 libsnmp-perl_5.7.2.1+dfsg-1+deb8u1_amd64.deb f268f10dc02124edda5e1e9846690a3888bc63b6 19682 python-netsnmp_5.7.2.1+dfsg-1+deb8u1_amd64.deb 498560d3cc9620091a034203e93b63c4617f0803 1430984 tkmib_5.7.2.1+dfsg-1+deb8u1_all.deb Checksums-Sha256: 08c453fde54873455b4310caa249535ba60096a6b2b8a422c0dc9ba182f2d9cc 3074 net-snmp_5.7.2.1+dfsg-1+deb8u1.dsc 0cea52558582a8e104d58c47e49cd967e6b78d8b086adc52bd0d195a8b5733e9 3300532 net-snmp_5.7.2.1+dfsg.orig.tar.xz 15b0b5940bf073ed327f45bdb857a2d3b55a9b38baddc533e5f8494509b4d198 64408 net-snmp_5.7.2.1+dfsg-1+deb8u1.debian.tar.xz c2f97d873e4a20a059543e453cadbffbca370fa8d775b38cf4f3e74db5fd6dc0 56718 snmpd_5.7.2.1+dfsg-1+deb8u1_amd64.deb ee6ca8fa6c553c67c1b8183059c6f0d7741d890ecc22a97edc65ec0276e5a538 23130 snmptrapd_5.7.2.1+dfsg-1+deb8u1_amd64.deb c686c79eed5ebbbc30c31d5d6d822ca04feb5847f8c327689b781ecdaaa3e0ad 146918 snmp_5.7.2.1+dfsg-1+deb8u1_amd64.deb f03cacaee14b2b8c7e35dd6b628f60583113d8d60fab47a6a89ca48992db7b7d 1543180 libsnmp-base_5.7.2.1+dfsg-1+deb8u1_all.deb a4c8ec240f35f4c7fab451daa5f5d58ae2ec94b2602db5dee5a2a138d8f9bb7e 2157690 libsnmp30_5.7.2.1+dfsg-1+deb8u1_amd64.deb 3f0bfc597894169bbb81eed1540d4161d1e1e70788bfe65d1d3a27873763981d 2016220 libsnmp30-dbg_5.7.2.1+dfsg-1+deb8u1_amd64.deb 36dce7f54e2f951f7ecd1c5e3850eeaca3e2fb1019c4083e06ac898b19cf72af 1073446 libsnmp-dev_5.7.2.1+dfsg-1+deb8u1_amd64.deb 186cf6f452161517a340d4f8ef77d70b8b9ebefd1d43d223bb050c4a3381c606 1459098 libsnmp-perl_5.7.2.1+dfsg-1+deb8u1_amd64.deb 30c679aab0a0f8874a529c0b207b6a153161850b15e966ddb6b4596572ac6110 19682 python-netsnmp_5.7.2.1+dfsg-1+deb8u1_amd64.deb 6ee3dc90274c7be524691d17014da543e10c92aca4e3537363a779d4a3ac44c0 1430984 tkmib_5.7.2.1+dfsg-1+deb8u1_all.deb Files: 5da89abc608d270c9f356d3e21f7a70f 3074 net optional net-snmp_5.7.2.1+dfsg-1+deb8u1.dsc 4f878c027f36aeab0118d10606fac8f1 3300532 net optional net-snmp_5.7.2.1+dfsg.orig.tar.xz 2cb4794b1d4a8365f74e44062b5e068f 64408 net optional net-snmp_5.7.2.1+dfsg-1+deb8u1.debian.tar.xz be43c98f371214c3d74a4b34a2a69784 56718 net optional snmpd_5.7.2.1+dfsg-1+deb8u1_amd64.deb 9588f224aa083f7fa5f1ce57eae646e0 23130 net optional snmptrapd_5.7.2.1+dfsg-1+deb8u1_amd64.deb 8213ab246dc41a484da019ef0f87745e 146918 net optional snmp_5.7.2.1+dfsg-1+deb8u1_amd64.deb 982acb39c8113bb8de50cd15ac1fd8af 1543180 libs optional libsnmp-base_5.7.2.1+dfsg-1+deb8u1_all.deb 154728715549f391396eacbb16befbb0 2157690 libs optional libsnmp30_5.7.2.1+dfsg-1+deb8u1_amd64.deb 9a3aa0e314db95e2d3686ff41336ee2e 2016220 debug extra libsnmp30-dbg_5.7.2.1+dfsg-1+deb8u1_amd64.deb bbf2b575350880e749ee7ba8cf824079 1073446 libdevel optional libsnmp-dev_5.7.2.1+dfsg-1+deb8u1_amd64.deb 56d99e1acf6b18708cf10a89c7ed340d 1459098 perl optional libsnmp-perl_5.7.2.1+dfsg-1+deb8u1_amd64.deb 39168839ac959c114fb02b4e715e4695 19682 python optional python-netsnmp_5.7.2.1+dfsg-1+deb8u1_amd64.deb b29a7c18e6407f45ed18442e6a0fafae 1430984 net optional tkmib_5.7.2.1+dfsg-1+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlq5BooACgkQHpU+J9Qx HljCvxAAoNfsXJq23Rcesh/s9patE1spVPRtRDmsIm+x04/lq/fMZ2uUQ0uR8mS7 UU2An2hobX72tXSA11LXfO+85dk1T83IYL2GvVKtK9VE4pDon9JK0nCjT4A5nqYW FYpKanhsdEEQ2x2V4nKgFjJA/m56xZxfHC8MR9tScrue9qkOwEq4wGnreCOMG3Ji zlIQIJLoRCh/ibinr5VoLdeEWLUoEF42ltip2LfkYmClzHMVeLjvykKWUEL8/IpV i4Orwqy2ju2useMHU8j9VCtVg3AZXP++Pcs+5CtN8lnz10OysxI2yDPYrWHgJMjO 5gvaJRhk8ZcFGUsHIjqp9eIKdHSyFVHT2xvTB+B03iVIRqBmg1UwpOL2ArrPGpjW qAMZ3zb2OFQ/SVWi9jn0uE9qe9E52t734f2/Psr9USHsf23EFDPzK/c0A5tgsWzZ beInhoBX59sok9u+jKu24fpyAB8wg746dRblJtAk1AG+lG+F5v2qef9RGbeXudA+ 7qVaUbiM1uxFt0xaXBZzoX6fhX4OI/jQYgl6vH2Q02Y3c+iLjeePC5JHmpdH5Pe6 r+cpj20XJgrqOVzpBEKi2xoUAnXfZlPHVDT4ZlRvHTpAS+DcmvTdCNhExK3iMufq BjQVkGK2wkOKHquKA5H4BnYwbnkXf0PyTmjlQIAqt/GZNF4yla4= =aVMt -----END PGP SIGNATURE-----
--- End Message ---
