[Pkg-net-snmp-commits] r247 - branches/net-snmp54/debian
jochen at alioth.debian.org
jochen at alioth.debian.org
Wed Jul 9 13:42:42 UTC 2008
Author: jochen
Date: 2008-07-09 13:42:41 +0000 (Wed, 09 Jul 2008)
New Revision: 247
Modified:
branches/net-snmp54/debian/changelog
Log:
Import NMU release net-snmp_5.4.1~dfsg-8.1
Modified: branches/net-snmp54/debian/changelog
===================================================================
--- branches/net-snmp54/debian/changelog 2008-07-09 13:41:17 UTC (rev 246)
+++ branches/net-snmp54/debian/changelog 2008-07-09 13:42:41 UTC (rev 247)
@@ -1,3 +1,13 @@
+net-snmp (5.4.1~dfsg-8.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * This update fixes the following security issue:
+ - CVE-2008-0960: The authentication code relies on the client specified
+ HMAC length which makes it easier for an attacker to match a correct HMAC
+ and authentication if a single byte HMAC is supplied (Closes: #485945)
+
+ -- Nico Golde <nion at debian.org> Thu, 12 Jun 2008 22:22:52 +0200
+
net-snmp (5.4.1~dfsg-8) unstable; urgency=low
* NACK NMU as the patch broke perl (Closes: #483588)
More information about the Pkg-net-snmp-commits
mailing list