Security update for net-snmp (important)

2018-10-24T15:16:26
ID OPENSUSE-SU-2018:3381-1
Type suse
Reporter Suse
Modified 2018-10-24T15:16:26

Description

This update for net-snmp fixes the following issues:

Security issues fixed:

  • CVE-2018-18065: _set_key in agent/helpers/table_container.c had a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. (bsc#1111122)

Non-security issues fixed:

  • swintst_rpm: Protect against unspecified Group name (bsc#1102775)
  • Add tsm and tlstm MIBs and the USM security module. (bsc#1081164)
  • Fix agentx freezing on timeout (bsc#1027353)

This update was imported from the SUSE:SLE-15:Update update project.