1.129. net-snmp

Updated net-snmp packages that resolve several issues are now available.

The Simple Network Management Protocol (SNMP) is a protocol used for network management. The net-snmp packages include various SNMP tools:an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl MIB browser.

These updated net-snmp packages provide fixes for the following bugs:

* snmpd, the SNMP daemon, did not expect the packet counters in the /proc/net/snmp and /proc/net/snmp6 directories to be 64-bit on 64-bit systems. When these counters exceeded 32 bits in size, which would occur when the Linux kernel sent or received greater than 4,294,967,296 (2^32) packets, then the snmpd daemon would terminate abnormally. With this update, the snmpd daemon no longer crashes when it encounters a packet counter in the directories listed above that is greater than 32 bits in size, thus resolving the issue. (BZ#516183)

* snmpd, the SNMP daemon, contained several memory leaks in the ipNetToMediaTable module. These leaks caused snmpd to leak memory relatively slowly, but at a rate which could cause problems on machines with multi-month uptimes. These memory leaks have been plugged in these updated packages so that snmpd no longer leaks memory slowly. (BZ#517041)

All users of net-snmp are advised to upgrade to these updated packages, which resolve these issues.

Updated net-snmp packages that fix various bugs and add enhancements are now available.

The Simple Network Management Protocol (SNMP) is a protocol used for network management. The net-snmp packages include various SNMP tools: an extensible agent; an SNMP library; tools for requesting or setting information from SNMP agents; tools for generating and handling SNMP traps; a version of the netstat command which uses SNMP; and a Tk/Perl MIB browser.

These updated net-snmp packages provide fixes for the following bugs:

* when two default routes with the same content existed in the machine's routing table, the snmpd daemon could have entered an endless loop and logged the following error to syslog: "error on subcontainer 'dr_index' insert(-1)". Processing of the routing table has been improved in this update so that snmpd no longer enters an endless route when this occurs. (BZ#504742)

* on 64-bit systems experiencing very high network traffic, the snmpd daemon periodically logged the following message to syslog: "truncating integer value > 32 bits". With this update, snmpd correctly adjusts reported counters and no error is logged. (BZ#507528)

* the snmpd daemon did not expect the packet counters in the /proc/net/snmp and /proc/net/snmp6 directories to be 64-bit on 64-bit systems. When these counters exceeded 32 bits in size, which occurred when the Linux kernel sent or received greater than 4,294,967,296 (2^32) packets, then the snmpd daemon would terminate abnormally. With this update, the snmpd daemon no longer crashes when it encounters a packet counter in the directories listed above that is greater than 32 bits in size, thus resolving the issue. (BZ#514703)

* the snmpd daemon contained several memory leaks in the ipNetToMediaTable, mteEventSetTable and ipAddressPrefixTable objects. These slow memory leaks could have caused problems on machines with multi-month uptimes. These memory leaks have been plugged in these updated packages. (BZ#518633,

BZ#515650)

* this update ensures that the snmpd daemon is able to process and respond to broadcast UDP requests. (BZ#521175)

* header files contained within the net-snmp-devel package differed according to the architecture of the system, i386 or Itanium, they were installed on. Because net-snmp is a multilib package, this update moves architecture-dependent header files into separate files, thus allowing development packages for different architectures to be installed on the same system. (BZ#521820)

* the libnetsnmp shared object library maintains cached data in the /usr/share/snmp/mibs/.index file. Because this file did not have the proper SELinux context, SELinux denied applications write access to this file. This update ensures that this .index file is properly labeled with the correct SELinux context so that applications are permitted to access it. (BZ#523249)

* the snmpd daemon was unable to process requests to create a new User-Based Security Model (USM) veiw with Object ID components larger than 255. With ths update, snmpd is able to create new USM views with all valid OIDs. (BZ#527364)

* SNMP applications such as snmpget and snmpwalk reported "truncating unsigned value to 32 bits" errors on 64-bit achitectures when they received invalid SNMP responses from legacy systems. With this update, SNMP programs suppress these error messages when the received SNMP response can still be parsed. (BZ#528164)

* the snmpd daemon assumed that network interface hardware addresses were always 6 bytes in length. Hardware such as InfiniBand network cards can have addresses of a different size, in which case snmpd reported "ioctl 35123 returned -1" to syslog. With this update, snmpd does not make the 6-byte assumption, and this error is no longer logged. (BZ#543499)

* the snmpd daemon reported IP addresses in the ipCidrRouteTable object as 8 bytes on 64-bit hardware. This update ensures that snmpd reports IPv4 addresses as 4 bytes. (BZ#547698)

All SNMP users are advised to upgrade to these updated net-snmp packages, which resolve these issues and add these enhancements.