[Buildroot] [2025.02.x, PATCH] package/netsnmp: revert drop stale ignore CVE entries
Arnout Vandecappelle
arnout at rnout.be
Thu Oct 30 08:14:56 UTC 2025
On 27/10/2025 22:37, Thomas Perale via buildroot wrote:
> In commit [1] the package netsnmp was bumped on master to version 5.9.4.
> This version included fixes for CVE that were already patched in
> buildroot and thus was not picked on the LTS branch.
>
> As a consequence, the commit [2] was made on master which removed the
> stale 'IGNORE_CVES' for the patches no longer presents. This commit was
> wrongly picked on the LTS branch.
>
> This reverts commit [3] which was included in 2025.02.x to set the
> 'IGNORE_CVES' back to the state of version 5.9.3.
>
> [1] 1799cfebfd package/netsnmp: bump to version 5.9.4
> [2] 4a3eab8341 package/netsnmp: drop stale ignore CVE entries
> [3] 3ef8c1d0db package/netsnmp: drop stale ignore CVE entries
>
> Signed-off-by: Thomas Perale <thomas.perale at mind.be>
Applied to 2025.02.x, thanks.
Regards,
Arnout
> ---
> package/netsnmp/netsnmp.mk | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/package/netsnmp/netsnmp.mk b/package/netsnmp/netsnmp.mk
> index 7cd31ff209..6575ff1afa 100644
> --- a/package/netsnmp/netsnmp.mk
> +++ b/package/netsnmp/netsnmp.mk
> @@ -11,6 +11,10 @@ NETSNMP_LICENSE = Various BSD-like
> NETSNMP_LICENSE_FILES = COPYING
> NETSNMP_CPE_ID_VENDOR = net-snmp
> NETSNMP_CPE_ID_PRODUCT = $(NETSNMP_CPE_ID_VENDOR)
> +# 0001-snmp_agent-disallow-SET-with-NULL-varbind.patch
> +NETSNMP_IGNORE_CVES = \
> + CVE-2022-44792 \
> + CVE-2022-44793
> NETSNMP_SELINUX_MODULES = snmp
> NETSNMP_INSTALL_STAGING = YES
> NETSNMP_CONF_ENV = \
More information about the buildroot
mailing list