[Pkg-net-snmp-devel] Bug#966544: snmpd: extend option broken after update
Salvatore Bonaccorso
carnil at debian.org
Sat Aug 1 07:37:17 BST 2020
Hi Felix and all,
On Fri, Jul 31, 2020 at 03:36:54PM +0200, Felix Sperling wrote:
> Hi,
>
> we were also effected from the update 5.7.3+dfsg-1.7+deb9u2 causing lots of
> broken icinga checks.
>
> Our workaround is pinning 5.7.3+dfsg-1.7+deb9u1.
>
> What's unclear from the solution if 5.8 also will be available in stretch
> and buster which we need. Otherwise it would be great to enable extend in
> 5.7.3 for those versions.
5.8+dfsg-5 cannot go to buster and stretch, so this is not an option.
For buster the update the maintainer (Craig Small) is planning for the
security update is mirroring what went into unstable.
As 5.7.3+dfsg-1.7+deb9u2 went out as DLA 2299-1, I'm looping in here
the LTS team. LTS team: Would suggest to issue a regression update for
the DLA and revisit the fix for CVE-2020-15862 to do the same, not to
disable EXTEND-MIB completely but making it read-only.
Hope this helps so far,
Regards,
Salvatore
More information about the Pkg-net-snmp-devel
mailing list