This is the mail archive of the
ecos-patches@sourceware.org
mailing list for the eCos project.
fix SNMP vulnerability fix
- From: Bart Veer <bartv at ecoscentric dot com>
- To: ecos-patches at ecos dot sourceware dot org
- Date: Wed, 02 Jul 2008 20:46:53 +0100
- Subject: fix SNMP vulnerability fix
The previous patch to fix an SNMP vulnerability
(http://ecos.sourceware.org/ml/ecos-patches/2008-06/msg00003.html) was
incomplete. This sorts it out.
Bart
Index: ChangeLog
===================================================================
RCS file: /cvs/ecos/ecos-opt/snmp/lib/current/ChangeLog,v
retrieving revision 1.15
diff -u -r1.15 ChangeLog
--- ChangeLog 11 Jun 2008 13:14:09 -0000 1.15
+++ ChangeLog 2 Jul 2008 19:43:44 -0000
@@ -1,3 +1,8 @@
+2008-07-02 Bart Veer <bartv@ecoscentric.com>
+
+ * include/snmpusm.h: add missing definition needed for the CERT
+ fix below.
+
2008-06-11 Jonathan Larmour <jifl@eCosCentric.com>
* src/scapi.c: Fix CVE-2008-0960 (CERT/CC VU#481564).
Index: include/snmpusm.h
===================================================================
RCS file: /cvs/ecos/ecos-opt/snmp/lib/current/include/snmpusm.h,v
retrieving revision 1.4
diff -u -r1.4 snmpusm.h
--- include/snmpusm.h 23 May 2002 23:08:17 -0000 1.4
+++ include/snmpusm.h 2 Jul 2008 19:46:15 -0000
@@ -112,6 +112,7 @@
#define USM_MAX_KEYEDHASH_LENGTH 128 /* In BITS. */
#define USM_TIME_WINDOW 150
+#define USM_MD5_AND_SHA_AUTH_LEN 12 /* bytes */
/*