New pre-release versions of the 5.4.x and 5.2.x agents are
now available from the SourceForge download servers.
These are mostly bug fixes over the previous releases.
Details of the more significant changes and relevant tracker
entries are attached.
Note that both of these versions contain the fix for
CVE-2008-4309 (which was also included in the security
releases 5.2.5.1 and 5.4.2.1)
The 5.2.6 release is envisaged as being the final version
on the 5.2.x line. No further development is planned on
this branch.
Please try this code on your systems (particularly if you have
access to relatively unusual environments or O/Ss), and let us
know of any problems you might encounter.
Download URLs:
http://sourceforge.net/projects/net-snmp/files/net-snmp/5.2.6_pre-releases/
http://sourceforge.net/projects/net-snmp/files/net-snmp/5.4.3_pre-releases/
Dave
This file contains a list of specific bugs that have been fixed, and patches
that have been applied in released versions. Please see the NEWS file for
a summary of the major changes, and the ChangeLog file for a comprehensive
listing of all changes made to the code.
*5.2.6*
snmplib:
- [BUG 2027834]: Extend string print buffer by the minimum necessary
- [BUG 2217367]: Fix a memory leak (backport of Patch 1616912)
- [BUG 2838243]: Correct the output of unsigned values
- [BUG 2919320]: Avoid accessing freed memory
- [BUG 2922390]: Fix test for missing contextName parameter
- [PATCH 2003450]: Fix a couple of 64-bit problems
- [PATCH 2043018]: Fix recvfrom hangs
- [PATCH 2258229]: Remove misleading comment
- [PATCH 2479700]: Fix zoned IP address used as table indices
- [PATCH 2505488]: Fix alarm behaviour on large clock skews
- [PATCH 2538169]: Prevent infinite retries for invalid error-index
- [PATCH 2689362]: Fix handling of IPv6 hostnames
- [PATCH 2713841]: Fix runtime errors triggered by high-ASCII chars
- Change the parsing of ranges to accept all valid values
- Ensure O_CREATE mask is always specified
- Make -LN stop dumping core.
- Make bad debug levels report the offending symbol
snmpd:
- [BUG 1693039]: Be silent when insert fails
- [BUG 2003144]: Increase size of AgentX packet build buffer
- [BUG 2023803]: Remove irrelevant configure dependency (HP-UX 11)
- [BUG 2822360]: Fix memory leak when building table OIDs
- [BUG 2841008]: Protect against crash following failed AgentX response
- [BUG 2894059]: Handle errors when counting interfaces
- [BUG 2914410]: Fix crash on empty command lines
- [PATCH 1550730]: Report errors from iterator-based handlers
- [PATCH 1944581]: Don't core dump on long string index values
- [PATCH 1977439]: Fix pass/_persist bug with SET oid value
- [PATCH 2014204]: Support -g {groupname}
- [PATCH 2022936]: Fix AgentX Counter64 decoding on 64-bit architectures
- [PATCH 2082726]: correctly report NIC speeds higher than 4Gbit/s
- [PATCH 2124288]: Fix setting of usmUserPrivProtocol at creation
- [PATCH 2384779]: Fix handling of GetBulk with N>0,M==0
- [PATCH 2693670]: Don't open AgentX sockets if other transports fail
- [PATCH 2877518]: Fix handling of scoped AgentX variables
- [PATCH 2883155]: Fix memory leak in proxy handling.
- [PATCH 2887816]: Protect against division-by-zero crash
- [PATCH 2912584]: Fix null OID handling in Agentx on 64bit
- Ensure O_CREATE mask is always specified
- Fix CVE-2008-4309 (GETBULK issue reported by Oscar Mira-Sanchez)
- Fix memory leak when multiple interfaces have the same IPv6 address
- Fix possible crash when 64-bit counters exceed 2^32
- Fix two bugs with smux password support.
- Improve parsing of -LS command line argument
- Support large HW addresses (>6bytes)
snmptrapd:
- Remove glibc-specific printf-formatting tokens
apps:
- [BUG 1964136]: Drop NULL type from snmpset usage
- [BUG 2811577]: Fix bug in GetBulk handling
- Improve parsing of -LS command line argument
snmptable:
- [BUG 2837998]: Handle missing instance subidentifiers in results
build:
- Limit the use of _KERNEL definitions in configure
- [BUG 2023803]: Compilation problems on HP-UX 11.31
- [BUG 2782700]: build failure when using --with-pkcs on Solaris
- [PATCH 1681035]: improve net-snmp-config /bin/sh compatibility
- [PATCH 1899762]: Tweak embedded_perl configure checks
- [PATCH 2184039]: Misc fixes for freeing memory
- add --with-temp-file-pattern configure option
documentation:
- [BUG 2027129]: fix typo in snmpcmd.1
mib2c:
- [BUG 2827269]: Suppress non-ordered TODO comments
- [BUG 2888569]: Fix generation of table columns array
- [PATCH 2316127]: Fix bug in iterate_access generated code
perl:
- [BUG 1554817]: Fix class assigment so getRootOID works properly
- [PATCH 2021444]: Support SNMPv2c in gettable
- [PATCH 2022948]: Fix for Counter64 in perl subagent
- [PATCH 2890931]: Better handling of Counter64 values
AIX:
- [BUG 2712670]: Agent crashes on AIX with hrStorage
*BSD:
- Fix a make test
HP:
- UX: BUG: 2779472: Filesystems missing in hrStorage
Solaris:
- [PATCH 2012404]: deal with more than 10 interfaces
- [PATCH 2751588]: Fix inconsistent/zero data being reported
- Protect against missing package version
Win32:
- [PATCH 2688342]: Fix various VS2005 compiler warnings
This file contains a list of specific bugs that have been fixed, and patches
that have been applied in released versions. Please see the NEWS file for
a summary of the major changes, and the ChangeLog file for a comprehensive
listing of all changes made to the code.
* 5.4.3 *
snmplib:
- [BUG 2838243]: Correct the output of unsigned values.
- [BUG 2919320]: Avoid accessing freed memory
- [BUG 2922390]: Fix test for missing contextName parameter
- [PATCH 2043018]: fix recvfrom hangs
- [PATCH 2258229]: Remove misleading comment
- [PATCH 2479700]: Fix zoned IP address used as table indices
- [PATCH 2492377]: Fix typo/bug in snmp_enable_callback()
- [PATCH 2505488]: Fix alarm behaviour on large clock skews
- [PATCH 2538169]: Prevent infinite retries for invalid error-index
- [PATCH 2688345]: Fix netsnmp_assert() for Visual Studio
- [PATCH 2689362]: Fix handling of IPv6 hostnames
- [PATCH 2713841]: Fix runtime errors triggered by high-ASCII chars
- [PATCH 2780411]: Fix compiler warnings
- [PATCH 2797251]: Fix memory leaks
- [PATCH 2871747]: Fix memory leak in OID processing
- Change the parsing of ranges to accept all valid values
- Ensure O_CREATE mask is always specified
- Fix extern "C" wrapping
- Make -LN stop dumping core.
- Make bad debug levels report the offending symbol
snmpd:
- [BUG 1693039]: Be silent when insert fails.
- [BUG 2822360]: Fix memory leak when building table OIDs
- [BUG 2841008]: Protect against crash following failed AgentX response
- [BUG 2873858]: Fix handling of schedOwner index.
- [BUG 2894059]: Handle errors when counting interfaces
- [BUG 2897000]: Suppress 32-bit counter truncation warnings.
- [BUG 2914410]: Fix crash on empty command lines
- [BUG 2924140]: Fix termination of CPU/FPU types
- [PATCH 1257347]: Non-fixed size connection buffer
- [PATCH 1550730]: Report errors from iterator-based handlers
- [PATCH 1977439]: Fix pass/_persist bug with SET oid value
- [PATCH 2012402]: Handle failure to look up interface error counters
- [PATCH 2082726]: correctly report NIC speeds higher than 4Gbit/s
- [PATCH 2124288]: Fix setting of usmUserPrivProtocol at creation
- [PATCH 2162652]: Fix simple hrfs checks when NFS is in use
- [PATCH 2384779]: Fix handling of GetBulk with N>0,M==0
- [PATCH 2686280]: Report duplicate registrations as an error
- [PATCH 2693670]: Don't open AgentX sockets if other transports fail
- [PATCH 2791417]: Fix snmpd segfault when run with -DALL
- [PATCH 2797251]: Support multiple initialisation and shutdown
- [PATCH 2822337]: Fix memory leak in ipAddressPrefixTable
- [PATCH 2877518]: Fix handling of scoped AgentX variables
- [PATCH 2883155]: Fix memory leak in proxy handling.
- [PATCH 2887816]: Protect against division-by-zero crash
- [PATCH 2901029]: Fix compiler warning on CloseHandle()
- [PATCH 2911323]: Fix agent lockup when monitoring AgentX-delegated
information
- [PATCH 2912584]: Fix null OID handling in Agentx on 64bit
- Allow "monitor" to handle negative threshold values
- Clean up notification
- Ensure O_CREATE mask is always specified
- Fix CVE-2008-4309 (GETBULK issue reported by Oscar Mira-Sanchez)
- Fix creation of views using snmpusm
- Fix invalid access to memory in TCP-MIB
- Fix logging of 'truncating integer values' in IP-MIB and TCP-MIB
- Fix memory leak when multiple interfaces have the same IPv6 address
- Fix possible crash when 64-bit counters exceed 2^32
- Fix two bugs with smux password support
- Fix udpTable indexes on big-endian 64bit Linux.
- Improve parsing of -LS command line argument
- Register CPU/memory hardware modules with nsCacheTable
- Support large HW addresses (>6bytes)
snmptrapd:
- [PATCH 2726302]: Pass results of Perl trap handlers to trap daemon
- Remove glibc-specific printf-formatting tokens
snmptable:
- [BUG 2837998]: Handle missing instance subidentifiers in results
apps:
- [BUG 2811577]: Fix bug in GetBulk handling
- Improve parsing of -LS command line argument
build:
- [BUG 2095983]: Fix errors in find-requires helper script
- [BUG 2782700]: Build failure when using --with-pkcs on Solaris
- [PATCH 2184039]: Misc fixes for freeing memory
docs:
- [PATCH 2788072]: Document 'logmatch' functionality.
- [PATCH 2795739]: Fix incorrect disk/file size descriptions & unit
specifiers
mib2c:
- [BUG 2827269]: Suppress non-ordered TODO comments
- [BUG 2888569]: Fix generation of table columns array
- [PATCH 2136437]: Improve 64-bit handling of large table FLAG defines
- [PATCH 2316127]: Fix bug in iterate_access generated code.
perl:
- [BUG 1554817]: Fix class assigment so getRootOID works properly
- [PATCH 2022948]: Fix for Counter64 in perl subagent
- [PATCH 2182079]: Fix various warnings & allow use of "use strict"
- [PATCH 2361712]: Fix getbulk optimization during walks
- [PATCH 2793857]: Report failed asynchronous requests
- [PATCH 2890931]: Better handling of Counter64 values.
python:
- [BUG 2258935]: Python Extension Module fails on Solaris
- [BUG 2919379]: Initialise SNMP sessions properly
- [PATCH 2074817]: Fix regexp engine CPU performance issues
- [PATCH 2260828]: Fix python snmpwalk memory leak
- [PATCH 2580979]: Fix python session pointers on 64-bit systems
- [PATCH 2667415]: Support "UseNumeric" option
AIX:
- [BUG 2712670]: Agent crashes on AIX with hrStorage
*BSD:
- [PATCH 2435793]: Support 64-bit IF-MIB counters on sysctl systems
- Fix a make test
HP-UX:
- [BUG 2779472]: Filesystems missing in hrStorage table (HP-UX 11.31)
- [PATCH 2088726]: Fix an issue reporting negative memory values
Linux:
- [BUG 2822355]: Fix memory leaks on udpEndpointTable
Solaris:
- [PATCH 2012404]: Deal with more than 10 interfaces
- [PATCH 2406378]: Fix hrSWRunPerfMem on 64-bit Solaris systems
- [PATCH 2751588]: Inconsistent data (e.g. UDP/TCP MIB scalar values
of zero) can be reported on Solaris 10U4+
- Protect against missing package version
Win32:
- [BUG 2779541]: Fixed handle leak in pass_persist
- [PATCH 2686248]: Applied patch by Bart Van Assche
- [PATCH 2688342]: Fix various VS2005 compiler warnings
- [PATCH 2691876]: Applied patch by rdiez to allow
- [PATCH 2693746]: improved socket startup support
------------------------------------------------------------------------------
Throughout its 18-year history, RSA Conference consistently attracts the
world's best and brightest in the field, creating opportunities for Conference
attendees to learn about information security's most important issues through
interactions with peers, luminaries and emerging and established companies.
http://p.sf.net/sfu/rsaconf-dev2dev
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
