net-snmp (5.7.2~dfsg-8.1ubuntu3) trusty; urgency=medium
* SECURITY UPDATE: denial of service via AgentX subagent timeout
- debian/patches/CVE-2012-6151.patch: track cancelled sessions in
agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
include/net-snmp/agent/snmp_agent.h.
- CVE-2012-6151
* SECURITY UPDATE: denial of service when ICMP-MIB is in use
- debian/patches/CVE-2014-2284.patch: fix ICMP mib table handling in
agent/mibgroup/mibII/icmp.c, agent/mibgroup/mibII/kernel_linux.*.
- CVE-2014-2284
* SECURITY UPDATE: denial of service in perl trap handler
- debian/patches/CVE-2014-2285.patch: handle empty community string in
perl/TrapReceiver/TrapReceiver.xs.
- CVE-2014-2285
-- Marc Deslauriers <email address hidden> Tue, 08 Apr 2014 08:17:14 -0400
