Debian 10225 Published by

A net-snmp security update has been released for Debian GNU/Linux 10 to address an issue that could result in denial of service or the execution of arbitrary code.



DLA 3088-1: net-snmp security update



- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3088-1 debian-lts@lists.debian.org
  https://www.debian.org/lts/security/ Thorsten Alteholz
August 30, 2022   https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : net-snmp
Version : 5.7.3+dfsg-5+deb10u3
CVE ID : CVE-2022-24805 CVE-2022-24806 CVE-2022-24807
CVE-2022-24808 CVE-2022-24809 CVE-2022-24810

Yu Zhang and Nanyu Zhong discovered several vulnerabilities in net-snmp, a
suite of Simple Network Management Protocol applications, which could
result in denial of service or the execution of arbitrary code.

For Debian 10 buster, these problems have been fixed in version
5.7.3+dfsg-5+deb10u3.

We recommend that you upgrade your net-snmp packages.

For the detailed security status of net-snmp please refer to
its security tracker page at:
  https://security-tracker.debian.org/tracker/net-snmp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://wiki.debian.org/LTS