[Pkg-net-snmp-devel] Bug#963713: net-snmp: CVE-2019-20892
Salvatore Bonaccorso
carnil at debian.org
Sun Jun 28 13:26:49 BST 2020
Hi Andreas,
On Fri, Jun 26, 2020 at 06:31:44PM -0300, Andreas Hasenack wrote:
> I believe it was introduced in 5.8. The previous version we had was 5.7.3
> and we didn't reproduce it there.
I can confirm that it is not reproducible with the buster version with
the avalable reproducer, but I was still searching evidence via a code
change/upstream commit where the issue was really introduced.
If you find/found so, could you please update us as well with that
informaation so we can sync up the security-tracker information.
Thanks for your work!
Regards,
Salvatore
More information about the Pkg-net-snmp-devel
mailing list