[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Does this require an update to stable

Hi All,

I received the attached bug report on my snmpd package.  Ordinarily, I
would fix it and upload a new version.  The problem is that the
version in question (4.2.3) no longer provides the snmpd package since
it has been superceded by a major, new version (5.0.3).  For testing
and unstable, the old version now only provides the library packages.
Furthermore, there already is a way to control the snmptrapd daemon by
setting the appropriate variable in /etc/default/snmp.  Should I
direct the user to use /etc/default/snmp and close this report or
should I update the older version and request it go into stable only?

David Engel
--- Begin Message ---
Package: snmpd
Version: 4.2.3-2
Severity: normal
Tags: security

Hi there!

To stop snmptrapd from starting I always remove the
/etc/snmp/snmptrapd.conf file. Today after rebooting the machine I
noticed snmptrapd running. This could be tracked to a missing '-f' in
the check for the existence of the conffile.

Since starting networked services which are should be stopped 
is no good idea, I tagged this security.

Thank you for your time and work.

Regards, David Schmitt

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux helios 2.4.18 #1 Fri Jun 14 17:48:18 CEST 2002 i686
Locale: LANG=C, LC_CTYPE=de_AT

Versions of packages snmpd depends on:
ii  libc6                         2.2.5-11.1 GNU C Library: Shared libraries an
ii  libsnmp4.2                    4.2.3-2    NET SNMP (Simple Network Managemen
ii  libwrap0                      7.6-9      Wietse Venema's TCP wrappers libra

--- End Message ---

Reply to: