
Commit 54cf456

CBL-Mariner-Botarchana25-msKanishk BansalKanishk-Bansal
authored
Merge PR "[AUTO-CHERRYPICK] [CRITICAL] Upgrade net-snmp to 5.9.5.2 for CVE-2025-68615 - branch main" #15420
Co-authored-by: Archana Shettigar <v-shettigara@microsoft.com> Co-authored-by: Kanishk Bansal <kanbansal@microsoft.com> Co-authored-by: Kanishk Bansal <103916909+Kanishk-Bansal@users.noreply.github.com>
1 parent ce3b10b commit 54cf456


5 files changed

+51
-6
lines changed

Lines changed: 38 additions & 0 deletions
@@ -0,0 +1,38 @@
1+
diff --git a/isisd/isis_snmp.c b/isisd/isis_snmp.c
2+
index a184b5b..de56b85 100644
3+
--- a/isisd/isis_snmp.c
4+
+++ b/isisd/isis_snmp.c
5+
@@ -859,6 +859,7 @@ static int isis_snmp_area_addr_lookup_exact(oid *oid_idx, size_t oid_idx_len,
6+
struct area_addr *addr = NULL;
7+
struct listnode *addr_node;
8+
struct isis *isis = isis_lookup_by_vrfid(VRF_DEFAULT);
9+
+ int res;
10+
11+
if (isis == NULL)
12+
return 0;
13+
@@ -870,7 +871,7 @@ static int isis_snmp_area_addr_lookup_exact(oid *oid_idx, size_t oid_idx_len,
14+
15+
area = listgetdata(listhead(isis->area_list));
16+
17+
- int res = isis_snmp_conv_exact(cmp_buf, sizeof(cmp_buf), &addr_len,
18+
+ res = isis_snmp_conv_exact(cmp_buf, sizeof(cmp_buf), &addr_len,
19+
oid_idx, oid_idx_len);
20+
21+
22+
@@ -909,6 +910,7 @@ static int isis_snmp_area_addr_lookup_next(oid *oid_idx, size_t oid_idx_len,
23+
struct area_addr *addr = NULL;
24+
struct listnode *addr_node;
25+
struct isis *isis = isis_lookup_by_vrfid(VRF_DEFAULT);
26+
+ int res;
27+
28+
if (isis == NULL)
29+
return 0;
30+
@@ -920,7 +922,7 @@ static int isis_snmp_area_addr_lookup_next(oid *oid_idx, size_t oid_idx_len,
31+
32+
area = listgetdata(listhead(isis->area_list));
33+
34+
- int res = isis_snmp_conv_next(cmp_buf, sizeof(cmp_buf), &addr_len,
35+
+ res = isis_snmp_conv_next(cmp_buf, sizeof(cmp_buf), &addr_len,
36+
&try_exact, oid_idx, oid_idx_len);
37+
38+
if (!res)
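Review bot: The new patch file begins directly at `diff --git a/isisd/isis_snmp.c` on its first line, with no header saying where the change comes from or why it is needed. The spec changelog only says "Rebuilt for net-snmp version up with c90 fix", so an auditor cannot tell whether this is an upstream FRR change or a local one. Presumably the newer net-snmp build flags reject declarations after statements, but that should be confirmed. Add a short From/Subject/description header above the diff that names the build error and gives the upstream status. In the visible lines `res` is only moved to the top of `isis_snmp_area_addr_lookup_exact` and `isis_snmp_area_addr_lookup_next` and is still assigned before `if (!res)`, but both function bodies continue outside the hunks shown.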

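--- a/SPECS/frr/frr.spec
+++ b/SPECS/frr/frr.spec
@@ -3,7 +3,7 @@
 Summary: Routing daemon
 Name: frr
 Version: 8.5.5
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPL-2.0-or-later
 Vendor: Microsoft Corporation
 Distribution: Mariner
@@ -18,6 +18,7 @@ Patch3: 0003-fips-mode.patch
 Patch4: 0004-remove-grpc-test.patch
 Patch5: CVE-2024-44070.patch
 Patch6: CVE-2024-55553.patch
+Patch7: 0001-Fix-frr-c90-complaint-error.patch
 
 BuildRequires: autoconf
 BuildRequires: automake
@@ -200,6 +201,9 @@ rm tests/lib/*grpc*
 %{_sysusersdir}/%{name}.conf
 
 %changelog
+* Mon Dec 29 2025 Archana Shettigar <v-shettigara@microsoft.com> - 8.5.5-4
+- Rebuilt for net-snmp version up with c90 fix
+
 * Fri Jun 13 2025 Kanishk Bansal <kanbansal@microsoft.com> - 8.5.5-3
 - Backport Patch CVE-2024-55553
 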

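--- a/SPECS/net-snmp/net-snmp.signatures.json
+++ b/SPECS/net-snmp/net-snmp.signatures.json
@@ -2,6 +2,6 @@
 "Signatures": {
 "snmpd.service": "5e17bf9f66f2b77e1a6c6dff7356cecb8ed488ce3df361738a72b4436096b694",
 "snmptrapd.service": "ef3e3dbe80c8ab455b30cd83db23db136263c1295ce2f23dcc4a1a1b60799229",
-"net-snmp-5.9.4.tar.gz": "8b4de01391e74e3c7014beb43961a2d6d6fa03acc34280b9585f4930745b0544"
+"net-snmp-5.9.5.2.tar.gz": "16707719f833184a4b72835dac359ae188123b06b5e42817c00790d7dc1384bf"
 }
 }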

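--- a/SPECS/net-snmp/net-snmp.spec
+++ b/SPECS/net-snmp/net-snmp.spec
@@ -1,7 +1,7 @@
 %global __requires_exclude perl\\(.*\\)
 Summary: Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6.
 Name: net-snmp
-Version: 5.9.4
+Version: 5.9.5.2
 Release: 1%{?dist}
 License: MIT
 Vendor: Microsoft Corporation
@@ -123,10 +123,13 @@ popd
 %{_localstatedir}/run/net-snmp
 
 %changelog
+* Mon Dec 29 2025 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 5.9.5.2-1
+- Auto-upgrade to 5.9.5.2 - for CVE-2025-68615
+
 * Tue Apr 23 2024 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 5.9.4-1
 - Auto-upgrade to 5.9.4 - Fixes for CVE-2022-44792 and CVE-2022-44793
 
-* Fri Apr 07 2022 Minghe Ren <mingheren@microsoft.com> - 5.9.1-2
+* Thu Apr 07 2022 Minghe Ren <mingheren@microsoft.com> - 5.9.1-2
 - Add net-snmp-lib subpackage and UCD-SNMP
 
 * Fri Mar 04 2022 Minghe Ren <mingheren@microsoft.com> - 5.9.1-1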

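--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -14133,8 +14133,8 @@
 "type": "other",
 "other": {
 "name": "net-snmp",
-"version": "5.9.4",
-"downloadUrl": "https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.4/net-snmp-5.9.4.tar.gz"
+"version": "5.9.5.2",
+"downloadUrl": "https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.5.2/net-snmp-5.9.5.2.tar.gz"
 }
 }
 },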
