[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#966544: snmpd: extend option broken after update

Hi Felix and all,

On Sat, Aug 01, 2020 at 08:37:17AM +0200, Salvatore Bonaccorso wrote:
> Hi Felix and all,
> On Fri, Jul 31, 2020 at 03:36:54PM +0200, Felix Sperling wrote:
> > Hi,
> > 
> > we were also effected from the update 5.7.3+dfsg-1.7+deb9u2 causing lots of
> > broken icinga checks.
> > 
> > Our workaround is pinning 5.7.3+dfsg-1.7+deb9u1.
> > 
> > What's unclear from the solution if 5.8 also will be available in stretch
> > and buster which we need. Otherwise it would be great to enable extend in
> > 5.7.3 for those versions.
> 5.8+dfsg-5 cannot go to buster and stretch, so this is not an option.
> For buster the update the maintainer (Craig Small) is planning for the
> security update is mirroring what went into unstable.
> As 5.7.3+dfsg-1.7+deb9u2 went out as DLA 2299-1, I'm looping in here
> the LTS team. LTS team: Would suggest to issue a regression update for
> the DLA and revisit the fix for CVE-2020-15862 to do the same, not to
> disable EXTEND-MIB completely but making it read-only.

This should be handled with DLA 2313-1[1].

 [1] https://lists.debian.org/debian-lts-announce/2020/08/msg00009.html


Reply to: