- roll in a security fix for SA33884, which could disclose sensitive information

* patch taken from upstream svn

"<sthen_p> makes sense if you can get it in before lock" on rui's diff
ok rui@ (MAINTAINER) who came up with the same diff

net/net-snmp/Makefile

@@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.37 2008/12/22 10:43:59 sthen Exp $
+# $OpenBSD: Makefile,v 1.38 2009/02/13 09:39:38 jasper Exp $
 
 COMMENT-main=	extendable SNMP implementation
 COMMENT-perl=	SNMP modules for Perl
 
 V=		5.4.2.1
 DISTNAME=	net-snmp-${V}
-PKGNAME-main=	${DISTNAME}p0
+PKGNAME-main=	${DISTNAME}p1
 PKGNAME-perl=	p5-SNMP-${V}p0
 SHARED_LIBS=	netsnmp		8.0	\
 		netsnmpagent	8.1	\

net/net-snmp/patches/patch-snmplib_snmpUDPDomain_c

@@ -0,0 +1,23 @@
+$OpenBSD: patch-snmplib_snmpUDPDomain_c,v 1.1 2009/02/13 09:39:38 jasper Exp $
+
+Fix for SA33884, which could disclose sensitive information.
+Patch taken from upstream svn, -r17367. 
+
+--- snmplib/snmpUDPDomain.c.orig	Fri Feb 13 10:20:08 2009
++++ snmplib/snmpUDPDomain.c	Fri Feb 13 10:21:07 2009
+@@ -104,12 +104,12 @@ netsnmp_udp_fmtaddr(netsnmp_transport *t, void *data, 
+ 	char tmp[64];
+         to = (struct sockaddr_in *) &(addr_pair->remote_addr);
+         if (to == NULL) {
+-            sprintf(tmp, "UDP: [%s]->unknown",
++            sprintf(tmp, "UDP: unknown->[%s]",
+                     inet_ntoa(addr_pair->local_addr));
+         } else {
+-            sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr));
+-            sprintf(tmp + strlen(tmp), "[%s]:%hd",
++            sprintf(tmp, "UDP: [%s]:%hu->",
+                     inet_ntoa(to->sin_addr), ntohs(to->sin_port));
++	    sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr));
+         }
+         return strdup(tmp);
+     }