[packages/net-snmp] - updated to 5.9.3 (fixes CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809

qboosh qboosh at pld-linux.org
Sat Oct 8 16:28:03 CEST 2022 

commit 12a36c5c7780bbb8071cf596d022e93f12d12aac
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Sat Oct 8 16:28:31 2022 +0200

    - updated to 5.9.3 (fixes CVE-2022-24805 CVE-2022-24806 CVE-2022-24807 CVE-2022-24808 CVE-2022-24809 CVE-2022-24810)
    - updated link patch
    - removed obsolete openssl3 patch

 net-snmp-link.patch | 28 ++++++++++++++--------------
 net-snmp.spec       |  8 +++-----
 openssl3.patch      | 24 ------------------------
 3 files changed, 17 insertions(+), 43 deletions(-)
---
diff --git a/net-snmp.spec b/net-snmp.spec
index f0af0e9..dba3abf 100644
--- a/net-snmp.spec
+++ b/net-snmp.spec
@@ -24,12 +24,12 @@ Summary(pt_BR.UTF-8):	Agente SNMP da UCD
 Summary(ru.UTF-8):	Набор утилит для протокола SNMP от UC-Davis
 Summary(uk.UTF-8):	Набір утиліт для протоколу SNMP від UC-Davis
 Name:		net-snmp
-Version:	5.9.1
-Release:	4
+Version:	5.9.3
+Release:	1
 License:	BSD-like
 Group:		Networking/Daemons
 Source0:	https://downloads.sourceforge.net/net-snmp/%{name}-%{version}.tar.gz
-# Source0-md5:	e5ee202dfb15000342354d64f1837d19
+# Source0-md5:	11dc7dd91e3aadd6a6d953c7dd216574
 Source1:	%{name}d.init
 Source2:	%{name}d.conf
 Source3:	%{name}d.sysconfig
@@ -54,7 +54,6 @@ Patch12:	%{name}-TCP_STATS_CACHE_TIMEOUT.patch
 Patch13:	%{name}-logging.patch
 Patch14:	%{name}-Remove-U64-typedef.patch
 Patch15:	1314610.patch
-Patch16:	openssl3.patch
 URL:		http://www.net-snmp.org/
 BuildRequires:	autoconf >= 2.63
 BuildRequires:	automake
@@ -479,7 +478,6 @@ SNMP dla trzech wersji tego protokołu (SNMPv3, SNMPv2c, SNMPv1).
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
-%patch16 -p1
 
 %{__sed} -E -i -e '1s,#!\s*/usr/bin/env\s+perl(\s|$),#!%{__perl}\1,' \
       perl/SNMP/examples/pingmib.pl
diff --git a/net-snmp-link.patch b/net-snmp-link.patch
index f6a5587..3e72401 100644
--- a/net-snmp-link.patch
+++ b/net-snmp-link.patch
@@ -1,5 +1,5 @@
---- net-snmp-5.9.1/agent/Makefile.in.orig	2021-05-26 00:19:35.000000000 +0200
-+++ net-snmp-5.9.1/agent/Makefile.in	2022-02-06 19:58:48.005400223 +0100
+--- net-snmp-5.9.3/agent/Makefile.in.orig	2022-07-13 23:14:14.000000000 +0200
++++ net-snmp-5.9.3/agent/Makefile.in	2022-10-08 10:42:17.704677933 +0200
 @@ -111,7 +111,7 @@ INSTALLUCDHEADERS= \
  #
  # how to build it info
@@ -9,17 +9,17 @@
  AGENTLIB	= libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION)
  MIBLIB		= libnetsnmpmibs.$(LIB_EXTENSION)$(LIB_VERSION)
  
-@@ -300,11 +300,11 @@ snmpd$(EXEEXT):	${LAGENTOBJS} $(USELIBS)
+@@ -303,11 +303,11 @@ snmpd$(EXEEXT):	${LAGENTOBJS} $(USELIBS)
  	$(LINK) $(CFLAGS) -o $@ ${LAGENTOBJS} ${LDFLAGS} ${OUR_AGENT_LIBS}
  
  libnetsnmpagent.$(LIB_EXTENSION)$(LIB_VERSION):    ${LLIBAGENTOBJS} $(USELIBS)
--	$(LIB_LD_CMD) $(AGENTLIB) ${LLIBAGENTOBJS} $(USELIBS) ${LAGENTLIBS} @LD_NO_UNDEFINED@ $(LDFLAGS) $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
-+	$(LIB_LD_CMD) $(AGENTLIB) ${LLIBAGENTOBJS} $(USELIBS) $(LDFLAGS) ${LAGENTLIBS} @LD_NO_UNDEFINED@ $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
+-	$(LIB_LD_CMD) $(AGENTLIB) ${LLIBAGENTOBJS} $(USELIBS) ${LAGENTLIBS} $(LDFLAGS) $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
++	$(LIB_LD_CMD) $(AGENTLIB) ${LLIBAGENTOBJS} $(LDFLAGS) $(USELIBS) ${LAGENTLIBS} $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
  	$(RANLIB) $(AGENTLIB)
  
  libnetsnmpmibs.$(LIB_EXTENSION)$(LIB_VERSION): ${LMIBOBJS} $(AGENTLIB) $(USELIBS) subdirs
--	$(LIB_LD_CMD) $(MIBLIB) ${LMIBOBJS} $(AGENTLIB) $(USELIBS) @LD_NO_UNDEFINED@ $(LDFLAGS) ${LMIBLIBS} $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
-+	$(LIB_LD_CMD) $(MIBLIB) ${LMIBOBJS} $(LDFLAGS) $(AGENTLIB) $(USELIBS) @LD_NO_UNDEFINED@ ${LMIBLIBS} $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
+-	$(LIB_LD_CMD) $(MIBLIB) ${LMIBOBJS} $(AGENTLIB) $(USELIBS) $(LDFLAGS) ${LMIBLIBS} $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
++	$(LIB_LD_CMD) $(MIBLIB) ${LMIBOBJS} $(LDFLAGS) $(AGENTLIB) $(USELIBS) ${LMIBLIBS} $(PERLLDOPTS_FOR_LIBS) @AGENTLIBS@
  	$(RANLIB) $(MIBLIB)
  
  agentlib: $(AGENTLIB)
@@ -57,9 +57,9 @@
  
  installsubdirlibs:
  	@if test "$(SUBDIRS)" != ""; then \
---- net-snmp-5.6/snmplib/Makefile.in.orig	2010-05-27 06:06:32.000000000 +0200
-+++ net-snmp-5.6/snmplib/Makefile.in	2010-10-24 10:35:59.615743558 +0200
-@@ -134,7 +134,6 @@
+--- net-snmp-5.9.3/snmplib/Makefile.in.orig	2022-07-13 23:14:14.000000000 +0200
++++ net-snmp-5.9.3/snmplib/Makefile.in	2022-10-08 10:43:23.604320924 +0200
+@@ -134,7 +134,6 @@ INSTALLUCDHEADERS=\
  
  # libraries
  INSTALLLIBS=libnetsnmp.$(LIB_EXTENSION)$(LIB_VERSION)
@@ -67,16 +67,16 @@
  
  #
  # Things to build
-@@ -200,11 +199,7 @@
+@@ -230,11 +229,7 @@ all: standardall
  
  # how to build the libraries.
  libnetsnmp.$(LIB_EXTENSION)$(LIB_VERSION):    $(TOBJS)
--	$(LIB_LD_CMD) $@ $(TOBJS) @LD_NO_UNDEFINED@ $(LDFLAGS) @LNETSNMPLIBS@
+-	$(LIB_LD_CMD) $@ $(TOBJS) $(LDFLAGS) @LNETSNMPLIBS@
 -	$(RANLIB) $@
 -
 -libsnmp.$(LIB_EXTENSION)$(LIB_VERSION):    $(TOBJS)
--	$(LIB_LD_CMD) $@ $(TOBJS) @LD_NO_UNDEFINED@ $(LDFLAGS) @LNETSNMPLIBS@
-+	$(LIB_LD_CMD) $@ $(TOBJS) @LD_NO_UNDEFINED@ $(LDFLAGS) @LNETSNMPLIBS@ @LIBS@
+-	$(LIB_LD_CMD) $@ $(TOBJS) $(LDFLAGS) @LNETSNMPLIBS@
++	$(LIB_LD_CMD) $@ $(TOBJS) $(LDFLAGS) @LNETSNMPLIBS@ @LIBS@
  	$(RANLIB) $@
  
  #
diff --git a/openssl3.patch b/openssl3.patch
deleted file mode 100644
index ad30114..0000000
--- a/openssl3.patch
+++ /dev/null
@@ -1,24 +0,0 @@
---- net-snmp-5.9/configure.d/config_os_libs2~	2020-08-14 23:41:47.000000000 +0200
-+++ net-snmp-5.9/configure.d/config_os_libs2	2021-10-05 22:08:41.470701151 +0200
-@@ -338,7 +338,7 @@
-             LIBS="$netsnmp_save_LIBS"
-         fi
-         netsnmp_save_LIBS="$LIBS"
--        LIBS="-lssl"
-+        LIBS="-lssl -lcrypto"
-         AC_CHECK_FUNCS([TLS_method TLSv1_method DTLS_method DTLSv1_method]dnl
-                        [SSL_library_init SSL_load_error_strings]dnl
- 		       [ERR_get_error_all])
---- net-snmp-5.9/snmplib/snmp_openssl.c~	2020-08-14 23:41:47.000000000 +0200
-+++ net-snmp-5.9/snmplib/snmp_openssl.c	2021-10-05 22:13:02.946834772 +0200
-@@ -901,8 +901,8 @@
-     unsigned long err;
-     for (err = ERR_get_error(); err; err = ERR_get_error()) {
-         snmp_log(LOG_ERR,"%s: %ld\n", prefix ? prefix: "openssl error", err);
--        snmp_log(LOG_ERR, "library=%d, function=%d, reason=%d\n",
--                 ERR_GET_LIB(err), ERR_GET_FUNC(err), ERR_GET_REASON(err));
-+        snmp_log(LOG_ERR, "library=%d, reason=%d\n",
-+                 ERR_GET_LIB(err), ERR_GET_REASON(err));
-     }
- }
- #endif /* NETSNMP_FEATURE_REMOVE_OPENSSL_ERR_LOG */
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/net-snmp.git/commitdiff/12a36c5c7780bbb8071cf596d022e93f12d12aac

More information about the pld-cvs-commit mailing list