Compare commits
13 Commits
Author | SHA1 | Date |
---|---|---|
Tom Callaway | 042ee9a1a8 | |
Jan Safranek | 8086ba9a5b | |
Jan Safranek | a151384dba | |
Jan Safranek | d2a97c8a98 | |
Jan Safranek | 071eca2b77 | |
Jan Safranek | 1a21e09692 | |
Jan Safranek | 96506c45a9 | |
Dan Horák | 006d211008 | |
Jan Safranek | a86ea61287 | |
Jan Safranek | de37ec93ad | |
Jan Safranek | 371b68d836 | |
Jan Safranek | e6fb813c13 | |
Jan Safranek | b3f9805afe |
|
@ -0,0 +1,41 @@
|
|||
MIBs included in this software taken from IETF Documents are considered
|
||||
Code Components in accordance with the IETF Trust License Policy, as found
|
||||
here:
|
||||
|
||||
http://trustee.ietf.org/license-info/
|
||||
|
||||
They are available under the terms of the Simplified BSD license, a copy of
|
||||
which is included below.
|
||||
|
||||
*****
|
||||
|
||||
Copyright (c) 2013 IETF Trust and the persons identified as authors of
|
||||
the code. All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
met:
|
||||
|
||||
· Redistributions of source code must retain the above copyright notice,
|
||||
this list of conditions and the following disclaimer.
|
||||
|
||||
· Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
|
||||
· Neither the name of Internet Society, IETF or IETF Trust, nor the
|
||||
names of specific contributors, may be used to endorse or promote
|
||||
products derived from this software without specific prior written
|
||||
permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS
|
||||
IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
|
||||
OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
@ -0,0 +1,21 @@
|
|||
commit 4c5633f1603e4bd03ed05c37d782ec8911759c47
|
||||
Author: Robert Story <rstory@freesnmp.com>
|
||||
Date: Mon May 14 11:40:06 2012 -0400
|
||||
|
||||
NEWS: snmp: BUG: 3526549: CVE-2012-2141 Array index error leading to crash
|
||||
|
||||
diff --git a/agent/mibgroup/agent/extend.c b/agent/mibgroup/agent/extend.c
|
||||
index d00475f..1f8586a 100644
|
||||
--- a/agent/mibgroup/agent/extend.c
|
||||
+++ b/agent/mibgroup/agent/extend.c
|
||||
@@ -1299,6 +1299,10 @@ handle_nsExtendOutput2Table(netsnmp_mib_handler *handler,
|
||||
* Determine which line we've been asked for....
|
||||
*/
|
||||
line_idx = *table_info->indexes->next_variable->val.integer;
|
||||
+ if (line_idx < 1 || line_idx > extension->numlines) {
|
||||
+ netsnmp_set_request_error(reqinfo, request, SNMP_NOSUCHINSTANCE);
|
||||
+ continue;
|
||||
+ }
|
||||
cp = extension->lines[line_idx-1];
|
||||
|
||||
/*
|
|
@ -0,0 +1,51 @@
|
|||
Bug 789441 - net-snmp reports incorrect used disk space for large filesystems
|
||||
|
||||
From upstream git:
|
||||
|
||||
commit 76ff25d9bf97579e7213102065fd5096f049a4c5
|
||||
Author: Bart Van Assche <bvanassche@acm.org>
|
||||
Date: Fri Oct 7 14:13:18 2011 +0200
|
||||
|
||||
CHANGES: snmpd: HOST-RESOURCES-MIB::hrStorageTable: fix bug in handling large filesystems, where large means above 8 TB (= 2**31 * 4096 bytes).
|
||||
|
||||
This patch fixes a bug introduced in commit
|
||||
71d8293f387a6cd66bb0dbb13c0f50174d2e678b.
|
||||
For the original bug report, see also
|
||||
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=3419825&group_id=12694.
|
||||
|
||||
diff --git a/agent/mibgroup/hardware/fsys/hw_fsys.c b/agent/mibgroup/hardware/fsys/hw_fsys.c
|
||||
index c96284e..be698b2 100644
|
||||
--- a/agent/mibgroup/hardware/fsys/hw_fsys.c
|
||||
+++ b/agent/mibgroup/hardware/fsys/hw_fsys.c
|
||||
@@ -321,19 +321,23 @@ netsnmp_fsys_avail( netsnmp_fsys_info *f) {
|
||||
|
||||
/* recalculate f->size_32, used_32, avail_32 and units_32 from f->size & comp.*/
|
||||
void
|
||||
-netsnmp_fsys_calculate32( netsnmp_fsys_info *f)
|
||||
+netsnmp_fsys_calculate32(netsnmp_fsys_info *f)
|
||||
{
|
||||
unsigned long long s = f->size;
|
||||
- unsigned long long u = f->units;
|
||||
- int factor = 0;
|
||||
+ unsigned shift = 0;
|
||||
+
|
||||
while (s > INT32_MAX) {
|
||||
s = s >> 1;
|
||||
- u = u << 1;
|
||||
- factor++;
|
||||
+ shift++;
|
||||
}
|
||||
|
||||
f->size_32 = s;
|
||||
- f->units_32 = u;
|
||||
- f->avail_32 = f->avail << factor;
|
||||
- f->used_32 = f->used << factor;
|
||||
+ f->units_32 = f->units << shift;
|
||||
+ f->avail_32 = f->avail >> shift;
|
||||
+ f->used_32 = f->used >> shift;
|
||||
+
|
||||
+ DEBUGMSGTL(("fsys", "Results of 32-bit conversion: size %llu -> %lu;"
|
||||
+ " units %llu -> %lu; avail %llu -> %lu; used %llu -> %lu\n",
|
||||
+ f->size, f->size_32, f->units, f->units_32,
|
||||
+ f->avail, f->avail_32, f->used, f->used_32));
|
||||
}
|
|
@ -11,7 +11,7 @@
|
|||
Summary: A collection of SNMP protocol tools and libraries
|
||||
Name: net-snmp
|
||||
Version: 5.7.1
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}.1
|
||||
Epoch: 1
|
||||
|
||||
License: BSD
|
||||
|
@ -29,6 +29,7 @@ Source8: net-snmptrapd.sysconfig
|
|||
Source9: net-snmp-tmpfs.conf
|
||||
Source10: snmpd.service
|
||||
Source11: snmptrapd.service
|
||||
Source12: IETF-MIB-LICENSE.txt
|
||||
Patch1: net-snmp-5.6-pie.patch
|
||||
Patch2: net-snmp-5.5-dir-fix.patch
|
||||
Patch3: net-snmp-5.6-multilib.patch
|
||||
|
@ -40,6 +41,8 @@ Patch8: net-snmp-5.6.1-mysql.patch
|
|||
Patch9: net-snmp-5.7.1-systemd.patch
|
||||
Patch10: net-snmp-5.7-libtool.patch
|
||||
Patch11: net-snmp-5.7-mibs-perl-linking.patch
|
||||
Patch12: net-snmp-5.7-hrStorage-units.patch
|
||||
Patch13: net-snmp-5.7-CVE-2012-2141.patch
|
||||
|
||||
Requires(post): chkconfig
|
||||
Requires(preun): chkconfig
|
||||
|
@ -184,6 +187,7 @@ The net-snmp-sysvinit package provides SysV init scripts for Net-SNMP daemons.
|
|||
|
||||
%prep
|
||||
%setup -q
|
||||
cp %{SOURCE12} .
|
||||
|
||||
%ifnarch ia64
|
||||
%patch1 -p1 -b .pie
|
||||
|
@ -203,6 +207,8 @@ The net-snmp-sysvinit package provides SysV init scripts for Net-SNMP daemons.
|
|||
%patch9 -p1 -b .systemd
|
||||
%patch10 -p1 -b .libtool
|
||||
%patch11 -p1 -b .mibs-perl
|
||||
%patch12 -p1 -b .hrStorage-units
|
||||
%patch13 -p1 -b .CVE-2012-2141
|
||||
|
||||
%ifarch sparc64 s390 s390x
|
||||
# disable failing test - see https://bugzilla.redhat.com/show_bug.cgi?id=680697
|
||||
|
@ -421,6 +427,7 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||
%doc README README.agent-mibs README.agentx README.krb5 README.snmpv3
|
||||
%doc local/passtest local/ipf-mod.pl
|
||||
%doc README.thread AGENT.txt PORTING local/README.mib2c README.systemd
|
||||
%doc IETF-MIB-LICENSE.txt
|
||||
%dir %{_sysconfdir}/snmp
|
||||
%config(noreplace,missingok) %{_sysconfdir}/snmp/snmpd.conf
|
||||
%config(noreplace,missingok) %{_sysconfdir}/snmp/snmptrapd.conf
|
||||
|
@ -491,6 +498,7 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||
%files libs
|
||||
%defattr(-,root,root)
|
||||
%doc COPYING README ChangeLog.trimmed FAQ NEWS TODO
|
||||
%doc IETF-MIB-LICENSE.txt
|
||||
%{_libdir}/libnetsnmp.so.*
|
||||
%dir %{_datadir}/snmp
|
||||
%dir %{_datadir}/snmp/mibs
|
||||
|
@ -509,6 +517,14 @@ rm -rf ${RPM_BUILD_ROOT}
|
|||
%{_initrddir}/snmptrapd
|
||||
|
||||
%changelog
|
||||
* Thu Feb 14 2013 Tom Callaway <spot@fedoraproject.org> 1:5.7.1-5.1
|
||||
- add missing IETF MIB license text (BSD)
|
||||
|
||||
* Mon Oct 22 2012 Jan Safranek <jsafrane@redhat.com> - 1:5.7.1-5
|
||||
- fixed units in hrStorageTable and hrFSTable (#789441)
|
||||
- fixed CVE-2012-2141: Array index error, leading to out-of heap-based
|
||||
buffer read
|
||||
|
||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:5.7.1-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
|
|
Loading…
Reference in New Issue