mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-09 01:57:40 +00:00
bf4a826c7d
Upgrade summary: ---------------- - drop 0002-configure-fix-a-cc-check-issue.patch, as it was replaced with upstream commit https://github.com/net-snmp/net-snmp/commit/dbb49acfa2af - drop 0001-snmpd-always-exit-after-displaying-usage.patch backport - rebase net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch manually - refresh patches with devtool to get rid of fuzz Changelog: ---------- *5.9.3*: security: - These two CVEs can be exploited by a user with read-only credentials: - CVE-2022-24805 A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. - These CVEs can be exploited by a user with read-write credentials: - CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously - CVE-2022-24807 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. - CVE-2022-24808 A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. - To avoid these flaws, use strong SNMPv3 credentials and do not share them. If you must use SNMPv1 or SNMPv2c, use a complex community string and enhance the protection by restricting access to a given IP address range. - Thanks are due to Yu Zhang of VARAS@IIE and Nanyu Zhong of VARAS@IIE for reporting the following CVEs that have been fixed in this release, and to Arista Networks for providing fixes. Windows: - WinExtDLL: Fix multiple compiler warnings - WinExtDLL: Make long strings occupy a single line Make it easier to look up error messages in the source code by making long strings occupy a single source code line. - WinExtDLL: Restore MIB-II support Make winExtDLL work on 64-bit Windows systems") caused snmpd to skip MIB-II on 64-bit systems. IF-MIB: Update ifTable entries even if the interface name has changed At least on Linux a network interface index may be reused for a network interface with a different name. Hence this patch that enables replacing network interface information even if the network interface name has changed. unspecified: - Moved transport code into a separate subdirectory in snmplib - Snmplib: remove inline versions of container funcs". misc: - snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is expanded in ${datarootdir} so datarootdir must be set before @datadir@ is used. *5.9.2*: skipped due to a last minute library versioning found bug -- use 5.9.3 instead Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
meta-networking
===============
This layer is intended to be a central point for networking-related
packages and configuration. It should be useful directly on top of
oe-core and compliments meta-openembedded. It should be primarily useful
to the following groups:
- Anyone building a small networking device (eg. a home router /
bridge / switch).
- Anyone wanting to add network services to their device (eg.
anything that might benefit from a small ftp/tftp server)
Dependencies
------------
This layer depends on:
URI: git://git.openembedded.org/openembedded-core
branch: master
For some recipes, the meta-oe layer is required:
URI: git://git.openembedded.org/meta-openembedded
subdirectory: meta-oe
branch: master
URI: git://git.openembedded.org/meta-openembedded
subdirectory: meta-python
branch: master
Maintenance
-----------
Layer maintainers: Khem Raj <raj.khem@gmail.com>
Armin Kuster <akuster808@gmail.com> (recipes-netkit)
Please see the MAINTAINERS file for information on contacting the
maintainers of this layer, as well as instructions for submitting patches.