* patch taken from upstream svn
"<sthen_p> makes sense if you can get it in before lock" on rui's diff
ok rui@ (MAINTAINER) who came up with the same diff
A bug in the getbulk handling code could let anyone with even minimal
access crash the agent.
(straight out of malloc(3) "be careful to avoid...")
ok rui@ (maintainer)
any problems on tested arch (including the ones that used to
have trouble).
- repair sysctl() use in cpu_sysctl.c, it was using the wrong
type and at least on some arch the system call was failing, so
because the code isn't careful about checking return codes and
thus used uninitialized space, it tried to allocate memory for
info structures for 128 million CPUs on one of my systems...
"definitely ok" rui@
A vulnerability has been reported in Net-SNMP, which can be exploited
by malicious people to spoof authenticated SNMPv3 packets.
The authentication code reads the length to be checked from sender
input; this allows the sender to supply a single-byte HMAC code and
have a 1 in 256 chance of matching the correct HMAC and authenticating,
as only the first byte will be checked. The sender would need to
know a valid username.
ok rui (maintainer)
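
The length handling described in the SNMPv3 HMAC commit message above, shown as an added example that is not part of the original commit log or of Net-SNMP's code: the flawed comparison next to one that enforces the fixed MAC length. The function names and the sample MAC bytes are hypothetical; the 12-byte length assumes the 96-bit truncated HMACs of SNMPv3 USM (RFC 3414).

```c
#include <stdio.h>
#include <string.h>

/* SNMPv3 USM (RFC 3414) truncates its HMAC output to 96 bits = 12 bytes. */
#define USM_MAC_LEN 12

/* Constructed sample standing in for the MAC the receiver computed itself. */
static const unsigned char sample_expected[USM_MAC_LEN] = {
    0x3a, 0x91, 0x07, 0xc4, 0x5e, 0x22, 0xb8, 0x6d, 0xf0, 0x14, 0x9b, 0x73
};

/* Flawed pattern: the number of bytes compared is taken from the packet. */
int mac_ok_sender_length(const unsigned char *expected,
                         const unsigned char *received, size_t received_len)
{
    if (received_len > USM_MAC_LEN)
        return 0;
    return memcmp(expected, received, received_len) == 0;
}

/* Corrected pattern: only the fixed length is accepted, and every byte is
 * compared without an early exit so timing does not depend on the data. */
int mac_ok_fixed_length(const unsigned char *expected,
                        const unsigned char *received, size_t received_len)
{
    unsigned char diff = 0;
    size_t i;

    if (received_len != USM_MAC_LEN)
        return 0;
    for (i = 0; i < USM_MAC_LEN; i++)
        diff |= (unsigned char)(expected[i] ^ received[i]);
    return diff == 0;
}

/* How many of the 256 possible one-byte MAC fields does a check accept? */
int count_accepted_one_byte(int (*check)(const unsigned char *,
                                         const unsigned char *, size_t))
{
    int v, accepted = 0;
    for (v = 0; v < 256; v++) {
        unsigned char candidate = (unsigned char)v;
        accepted += check(sample_expected, &candidate, 1);
    }
    return accepted;
}

int main(void)
{
    printf("sender-length check accepts %d/256, fixed-length check %d/256\n",
           count_accepted_one_byte(mac_ok_sender_length),
           count_accepted_one_byte(mac_ok_fixed_length));
    return 0;
}
```

A regression test for the fix can assert that any MAC field whose length differs from the fixed size is rejected before the bytes are compared.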