Debian 10267 Published by

A net-snmp security update has been released for Debian GNU/Linux 8 Extended LTS to address a privilege escalation vulnerability.



ELA-257-1 net-snmp security update

Package net-snmp
Version 5.7.2.1+dfsg-1+deb8u4
Related CVEs CVE-2020-15861 CVE-2020-15862

A privilege escalation vulnerability was discovered in Net-SNMP due to incorrect symlink handling (CVE-2020-15861).

This security update also applies an upstream fix to their previous handling of CVE-2020-15862 as part of ELA-252-1.

For Debian 8 Jessie, these problems have been fixed in version 5.7.2.1+dfsg-1+deb8u4.

We recommend that you upgrade your net-snmp packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-257-1 net-snmp security update