Please Install the Updated Packages.

These packages provide various libraries and tools for the Simple Network Management Protocol (SNMP). An out-of-bounds buffer read flaw was found in the net-snmp agent. A remote attacker with read privileges to a Management Information Base (MIB) subtree handled by the &quot extend&quot directive (in &quot /etc/snmp/snmpd.conf&quot ) could use this flaw to crash snmpd via a crafted SNMP GET request. (CVE-2012-2141) Bug fixes: * Devices that used certain file systems were not reported in the &quot HOST-RESOURCES-MIB::hrStorageTable&quot table. As a result, the snmpd daemon did not recognize devices using tmpfs, ReiserFS, and Oracle Cluster File System (OCFS2) file systems. This update recognizes these devices and reports them in the &quot HOST-RESOURCES-MIB::hrStorageTable&quot table. (BZ#754652, BZ#755958, BZ#822061) * The snmptrapd (8) man page did not correctly describe how to load multiple configuration files using the &quot -c&quot option. This update describes correctly that multiple configuration files must be separated by a comma. (BZ#760001) * Integers truncated from 64 to 32-bit were not correctly evaluated. As a consequence, the snmpd daemon could enter an endless loop when encoding the truncated integers to network format. This update modifies the underlying code so that snmpd correctly checks truncated 64-bit integers. Now, snmpd avoids an endless loop. (BZ#783892) * snmpd did not correctly check for interrupted system calls when enumerating existing IPv6 network prefixes during startup. As a consequence, snmpd could prematurely exit when receiving a signal during this enumeration. This update checks the network prefix enumeration code for interrupted system calls. Now, snmpd no longer terminates when a signal is received. (BZ#799699) * snmpd used the wrong length of COUNTER64 values in the AgentX protocol. As a consequence, snmpd could not decode two consecutive COUNTER64 values in one AgentX packet. This update uses the correct COUNTER64 size and can process two or mode COUNTER64 values in AgentX communication. (BZ#803585) * snmpd ignored the &quot -e&quot parameter of the &quot trapsess&quot option in the snmpd configuration file. As a result, outgoing traps were incorrectly sent with the default EngineID of snmpd when configuring &quot trapsess&quot with an explicit EngineID. This update modifies the underlying code to send outgoing traps using the EngineID as specified in the &quot trapsess -e&quot parameter in the configuration file. (BZ#805689) * snmpd did not cor ... Description truncated, for more information please check the Reference URL

net-snmp on CentOS 5

• http://lists.centos.org/pipermail/centos-announce/2013-January/019127.html

---

Updated on 2015-03-25