rpms/net-snmp/devel net-snmp-5.3-5.3.0.1.patch, NONE, 1.1 net-snmp.spec, 1.61, 1.62
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Jan 18 09:07:14 UTC 2006
Author: rvokal
Update of /cvs/dist/rpms/net-snmp/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv26841
Modified Files:
net-snmp.spec
Added Files:
net-snmp-5.3-5.3.0.1.patch
Log Message:
Security fix. Bug granting write access to read-only users
or communities which were configured using the "rocommunity"
or "rouser" snmpd.conf tokens fixed
net-snmp-5.3-5.3.0.1.patch:
agent/mibgroup/mibII/vacm_conf.c | 6 +++---
testing/tests/T030snmpv3usercreation | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
--- NEW FILE net-snmp-5.3-5.3.0.1.patch ---
diff -rdu net-snmp-5.3/agent/mibgroup/mibII/vacm_conf.c net-snmp-5.3.0.1/agent/mibgroup/mibII/vacm_conf.c
--- net-snmp-5.3/agent/mibgroup/mibII/vacm_conf.c 2005-12-20 02:46:11.000000000 +0100
+++ net-snmp-5.3.0.1/agent/mibgroup/mibII/vacm_conf.c 2006-01-14 00:23:36.000000000 +0100
@@ -927,7 +927,7 @@
view_ptr = NULL;
}
- if (viewtypes & VACM_VIEW_WRITE)
+ if (viewtypes & VACM_VIEW_WRITE_BIT)
rw = viewname;
commcount++;
@@ -1008,8 +1008,8 @@
/*
* map everything together
*/
- if (viewtypes == VACM_VIEW_READ ||
- viewtypes == (VACM_VIEW_READ || VACM_VIEW_WRITE)) {
+ if ((viewtypes == VACM_VIEW_READ_BIT) ||
+ (viewtypes == (VACM_VIEW_READ_BIT | VACM_VIEW_WRITE_BIT))) {
/* Use the simple line access command */
/*
* access anonymousGroupNameNUM "" MODEL AUTHTYPE prefix anonymousViewNUM [none/anonymousViewNUM] [none/anonymousViewNUM]
diff -rdu net-snmp-5.3/testing/tests/T030snmpv3usercreation net-snmp-5.3.0.1/testing/tests/T030snmpv3usercreation
--- net-snmp-5.3/testing/tests/T030snmpv3usercreation 2005-11-25 00:14:38.000000000 +0100
+++ net-snmp-5.3.0.1/testing/tests/T030snmpv3usercreation 2006-01-14 02:05:18.000000000 +0100
@@ -24,7 +24,7 @@
NEWAUTHPRIVPASS=newauthprivpass
# configure agent
-CONFIGAGENT rouser $NEWUSER
+CONFIGAGENT rwuser $NEWUSER
# Start the agent
STARTAGENT
Index: net-snmp.spec
===================================================================
RCS file: /cvs/dist/rpms/net-snmp/devel/net-snmp.spec,v
retrieving revision 1.61
retrieving revision 1.62
diff -u -r1.61 -r1.62
--- net-snmp.spec 2 Jan 2006 12:00:12 -0000 1.61
+++ net-snmp.spec 18 Jan 2006 09:06:56 -0000 1.62
@@ -3,7 +3,7 @@
Summary: A collection of SNMP protocol tools and libraries.
Name: net-snmp
Version: 5.3
-Release: 1
+Release: 2
License: BSDish
Group: System Environment/Daemons
URL: http://net-snmp.sourceforge.net/
@@ -25,6 +25,7 @@
#Patch10: net-snmp-5.1.1-ipAdEntIfIndex.patch
Patch12: net-snmp-5.1.2-dir-fix.patch
Patch19: net-snmp-5.2.1-file_offset.patch
+Patch20: net-snmp-5.3-5.3.0.1.patch
Prereq: /sbin/chkconfig
Obsoletes: ucd-snmp
@@ -124,6 +125,7 @@
%patch9 -b .64bit
%patch12 -p1 -b .dir-fix
%patch19 -p1 -b .file_offset
+%patch20 -p1 -b .5.3.0.1
# Do this patch with a perl hack...
perl -pi -e "s|'\\\$install_libdir'|'%{_libdir}'|" ltmain.sh
@@ -307,6 +309,11 @@
%{_libdir}/*.a
%changelog
+* Wed Jan 18 2006 Radek Vokal <rvokal at redhat.com> 5.3-2
+- Security fix. Bug granting write access to read-only users
+ or communities which were configured using the "rocommunity"
+ or "rouser" snmpd.conf tokens fixed
+
* Fri Dec 30 2005 Radek Vokal <rvokal at redhat.com>
- upgrade to 5.3
More information about the fedora-cvs-commits
mailing list