Debian alert DLA-3088-1 (net-snmp) [LWN.net]


From:
               Thorsten Alteholz <debian@alteholz.de>
To:
               debian-lts-announce@lists.debian.org
Subject:
               [SECURITY] [DLA 3088-1] net-snmp security update
Date:
               Tue, 30 Aug 2022 21:26:32 +0000
Message-ID:
               <alpine.DEB.2.21.2208302124450.20954@postfach.intern.alteholz.me>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3088-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
August 30, 2022                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : net-snmp
Version        : 5.7.3+dfsg-5+deb10u3
CVE ID         : CVE-2022-24805 CVE-2022-24806 CVE-2022-24807
                  CVE-2022-24808 CVE-2022-24809 CVE-2022-24810


Yu Zhang and Nanyu Zhong discovered several vulnerabilities in net-snmp, a 
suite of Simple Network Management Protocol applications, which could 
result in denial of service or the execution of arbitrary code.


For Debian 10 buster, these problems have been fixed in version
5.7.3+dfsg-5+deb10u3.

We recommend that you upgrade your net-snmp packages.

For the detailed security status of net-snmp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/net-snmp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmMOgIhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEe25g/9EzafycPNZkmu2SSBPWmfVO/2eMJ+j/nYXxHEWKQBa3Tn5MYwJgHDesnF
tzlzl+oDQdElE4DHowwouMARVkfHxyq8VQ1n7IP4MSwLUxo7TgNpMAOoZir/lp6x
bIouIKzQGPZMa+DdcHMK8G6QpVjR4wGmS0ub7ezN1xf3IX8YF71VhggCVhTiSLtA
9Rrtb0Nt5nhJiovYQr5+g+wZJYWYjK0TJ9StfworCZVoyc7ika70XzXTB2TcpDjS
Xnw4o6SuA1ZWM68B8f/+yTE/WgnBwgjINdhmXqRzlcSp408DKf8Drr/YsZZQ/TQt
4ta5V+4UUrNX6G6Xem/SObv2mlQYpocyF0yW2iWCLJ2wRGTr05as7lqZuO0CRN50
AH7SHjq7WG2o+5Vbf73vpC6NjCKB9cU0u9dNS1Y7z70sp4LjfyCB6OCabzIU0eez
XkJhHUvNE85A6vBoFc9tY5/tus+eKXTlObVKrRjzJPwQbXINrXOp3TemmuNJVJhv
zxDClX8u6lgwSgUG9e8Z2PWsuvd+96AZgLm8o75VSeJoPEVjcv0NKpblpOhocNoj
2Igs48+jHcNpRXT9YW/jqSyKelTaiJyR5nYa3BReF+kwn0cMDg6Wk7xnLjWfmHbj
RlhVgkl1du3626gDMqyGRe6te4kzRDPrqvfHcWTJSPY1Ds9HXsQ=
=06xK
-----END PGP SIGNATURE-----

From:		Thorsten Alteholz <debian@alteholz.de>
To:		debian-lts-announce@lists.debian.org
Subject:		[SECURITY] [DLA 3088-1] net-snmp security update
Date:		Tue, 30 Aug 2022 21:26:32 +0000
Message-ID:		<alpine.DEB.2.21.2208302124450.20954@postfach.intern.alteholz.me>