24797203 OpenStack RBAC profiles allow reading too many files
24797238 keystone RBAC and SMF should point at Apache log files
24797256 cinder RBAC and SMF should point at Apache log files
24830959 horizon RBAC and SMF should point at Apache log files
# http://sourceforge.net/p/net-snmp/code/ci/76e8d6d100320629d8a23be4b0128619600c919d/
# CVE-2014-2285
# https://security-tracker.debian.org/tracker/CVE-2014-2285
# The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in
# Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows
# remote attackers to cause a denial of service (snmptrapd crash) via an empty
# community string in an SNMP trap, which triggers a NULL pointer dereference
# within the newSVpv function in Perl.
#
# Fix picked from upstream. Will be available in 5.7.3 and above.
#
--- net-snmp-5.7.2.1/perl/TrapReceiver/TrapReceiver.xs Wed Feb 19 16:36:42 2014
+++ TrapReceiver.xs Thu Oct 30 02:48:45 2014
@@ -81,18 +81,18 @@
STOREPDUi("securitymodel", pdu->securityModel);
STOREPDUi("securitylevel", pdu->securityLevel);
STOREPDU("contextName",
- newSVpv(pdu->contextName, pdu->contextNameLen));
+ newSVpv(pdu->contextName ? pdu->contextName : "", pdu->contextNameLen));
STOREPDU("contextEngineID",
- newSVpv((char *) pdu->contextEngineID,
+ newSVpv(pdu->contextEngineID ? (char *) pdu->contextEngineID : "",
pdu->contextEngineIDLen));
STOREPDU("securityEngineID",
- newSVpv((char *) pdu->securityEngineID,
+ newSVpv(pdu->securityEngineID ? (char *) pdu->securityEngineID : "",
pdu->securityEngineIDLen));
STOREPDU("securityName",
- newSVpv((char *) pdu->securityName, pdu->securityNameLen));
+ newSVpv(pdu->securityName ? (char *) pdu->securityName : "", pdu->securityNameLen));
} else {
STOREPDU("community",
- newSVpv((char *) pdu->community, pdu->community_len));
+ newSVpv(pdu->community ? (char *) pdu->community : "", pdu->community_len));
}
if (transport && transport->f_fmtaddr) {