Security update for net-snmp
SUSE Security Update: Security update for net-snmp
This update to net-snmp resolves the following issues:
* Specially crafted SNMP GET requests could cause a
denial of service (application crash) via a heap-based
out-out-bounds read flaw which could be exploited remotely
(CVE-2012-2141).
* The snmpd agent should read shared memory information
from /proc/meminfo when running on Linux Kernel 2.6 or
newer (bnc#762887).
* The snmpd agent could crash when an AgentX sub-agent
disconnects in the middle of a request (bnc#670789).
* After rotating the net-snmp log file, use
"try-restart" to restart the daemon. Reloading with a
SIGHUP signal may trigger crashes when dynamic modules
(dlmod) are in use (bnc#762433).
Security Issue reference:
* CVE-2012-2141
>
http://support.novell.com/security/cve/CVE-2012-2141.html
https://bugzilla.novell.com/670789
https://bugzilla.novell.com/759352
https://bugzilla.novell.com/762433
https://bugzilla.novell.com/762887
http://download.suse.com/patch/finder/?keywords=59f077255350ef94a864a7c48ecca695
| Announcement ID: | SUSE-SU-2012:0888-1 |
| Rating: | moderate |
| References: | #670789 #759352 #762433 #762887 |
| Affected Products: |
An update that solves one vulnerability and has three fixes is now available.
Description:
This update to net-snmp resolves the following issues:
* Specially crafted SNMP GET requests could cause a
denial of service (application crash) via a heap-based
out-out-bounds read flaw which could be exploited remotely
(CVE-2012-2141).
* The snmpd agent should read shared memory information
from /proc/meminfo when running on Linux Kernel 2.6 or
newer (bnc#762887).
* The snmpd agent could crash when an AgentX sub-agent
disconnects in the middle of a request (bnc#670789).
* After rotating the net-snmp log file, use
"try-restart" to restart the daemon. Reloading with a
SIGHUP signal may trigger crashes when dynamic modules
(dlmod) are in use (bnc#762433).
Security Issue reference:
* CVE-2012-2141
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP2:
zypper in -t patch sdksp1-libsnmp15-6517 - SUSE Linux Enterprise Software Development Kit 11 SP1:
zypper in -t patch sdksp1-libsnmp15-6517 - SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp1-libsnmp15-6517 - SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-libsnmp15-6517 - SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-libsnmp15-6517 - SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp1-libsnmp15-6517 - SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-libsnmp15-6517
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):
- net-snmp-devel-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (x86_64):
- libsnmp15-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Software Development Kit 11 SP2 (ppc64):
- net-snmp-devel-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64 s390x x86_64):
- net-snmp-devel-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (x86_64):
- libsnmp15-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Software Development Kit 11 SP1 (ppc64):
- net-snmp-devel-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
- libsnmp15-5.4.2.1-8.12.10.1
- net-snmp-5.4.2.1-8.12.10.1
- perl-SNMP-5.4.2.1-8.12.10.1
- snmp-mibs-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP2 (ppc64 s390x x86_64):
- libsnmp15-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP2 (ia64):
- libsnmp15-x86-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
- libsnmp15-5.4.2.1-8.12.10.1
- net-snmp-5.4.2.1-8.12.10.1
- perl-SNMP-5.4.2.1-8.12.10.1
- snmp-mibs-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):
- libsnmp15-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
- libsnmp15-5.4.2.1-8.12.10.1
- net-snmp-5.4.2.1-8.12.10.1
- perl-SNMP-5.4.2.1-8.12.10.1
- snmp-mibs-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):
- libsnmp15-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Server 11 SP1 (ia64):
- libsnmp15-x86-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
- libsnmp15-5.4.2.1-8.12.10.1
- net-snmp-5.4.2.1-8.12.10.1
- perl-SNMP-5.4.2.1-8.12.10.1
- snmp-mibs-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Desktop 11 SP2 (x86_64):
- libsnmp15-32bit-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
- libsnmp15-5.4.2.1-8.12.10.1
- net-snmp-5.4.2.1-8.12.10.1
- perl-SNMP-5.4.2.1-8.12.10.1
- snmp-mibs-5.4.2.1-8.12.10.1
- SUSE Linux Enterprise Desktop 11 SP1 (x86_64):
- libsnmp15-32bit-5.4.2.1-8.12.10.1