[Pkg-net-snmp-devel] Bug#483588: libsnmp-perl: Fix for CVE-2008-2292 (#482333) breaks OCTETSTR parsing
Peter Hicks
peter.hicks at poggs.co.uk
Thu May 29 16:59:54 UTC 2008
Package: libsnmp-perl
Version: 5.4.1~dfsg-7.1
Severity: important
Bug #482333 addresses CVE-2008-2292, a buffer overflow in __snprint_value.
However, this also breaks the perl module, which returns garbage for any
OCTETSTRs passed back.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.25-angel-poggs (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libsnmp-perl depends on:
ii libc6 2.7-11 GNU C Library: Shared libraries
ii libsnmp15 5.4.1~dfsg-7.1 SNMP (Simple Network Management Pr
ii perl 5.10.0-10 Larry Wall's Practical Extraction
ii perl-base [perlapi-5.10.0 5.10.0-10 The Pathologically Eclectic Rubbis
libsnmp-perl recommends no packages.
-- no debconf information
More information about the Pkg-net-snmp-devel
mailing list