Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Net-SNMP: Multiple vulnerabilities — GLSA 202008-12

Multiple vulnerabilities have been found in Net-SNMP, the worst of which could result in privilege escalation.

Affected packages

Package net-analyzer/net-snmp on all architectures
Affected versions < 5.8.1_pre1
Unaffected versions >= 5.8.1_pre1

Background

Net-SNMP bundles software for generating and retrieving SNMP data.

Description

Multiple vulnerabilities have been discovered in Net-SNMP. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All Net-SNMP users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=net-analyzer/net-snmp-5.8.1_pre1"

References

Release date
August 26, 2020

Latest revision
August 26, 2020: 1

Severity
normal

Exploitable
local, remote

Bugzilla entries