From 2cd51388ab7fceb492081cd45f0060f0730676d9 Mon Sep 17 00:00:00 2001 From: CBL-Mariner Servicing Account Date: Tue, 23 Dec 2025 14:08:43 +0000 Subject: [PATCH 1/3] Upgrade net-snmp to 5.9.5 for CVE-2025-68615 --- SPECS/net-snmp/net-snmp.signatures.json | 2 +- SPECS/net-snmp/net-snmp.spec | 5 ++++- cgmanifest.json | 4 ++-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/SPECS/net-snmp/net-snmp.signatures.json b/SPECS/net-snmp/net-snmp.signatures.json index b66781eb87d..4dc03d9cdab 100644 --- a/SPECS/net-snmp/net-snmp.signatures.json +++ b/SPECS/net-snmp/net-snmp.signatures.json @@ -2,6 +2,6 @@ "Signatures": { "snmpd.service": "5e17bf9f66f2b77e1a6c6dff7356cecb8ed488ce3df361738a72b4436096b694", "snmptrapd.service": "ef3e3dbe80c8ab455b30cd83db23db136263c1295ce2f23dcc4a1a1b60799229", - "net-snmp-5.9.4.tar.gz": "8b4de01391e74e3c7014beb43961a2d6d6fa03acc34280b9585f4930745b0544" + "net-snmp-5.9.5.tar.gz": "07f94f06a8d681485e43eeec4f190d9bea43e1b335146d0de466b6de3f3f4c5a" } } diff --git a/SPECS/net-snmp/net-snmp.spec b/SPECS/net-snmp/net-snmp.spec index 1583c9d897e..48d609d6c65 100644 --- a/SPECS/net-snmp/net-snmp.spec +++ b/SPECS/net-snmp/net-snmp.spec @@ -1,7 +1,7 @@ %global __requires_exclude perl\\(.*\\) Summary: Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6. Name: net-snmp -Version: 5.9.4 +Version: 5.9.5 Release: 1%{?dist} License: MIT Vendor: Microsoft Corporation @@ -123,6 +123,9 @@ popd %{_localstatedir}/run/net-snmp %changelog +* Tue Dec 23 2025 CBL-Mariner Servicing Account - 5.9.5-1 +- Auto-upgrade to 5.9.5 - for CVE-2025-68615 + * Tue Apr 23 2024 CBL-Mariner Servicing Account - 5.9.4-1 - Auto-upgrade to 5.9.4 - Fixes for CVE-2022-44792 and CVE-2022-44793 diff --git a/cgmanifest.json b/cgmanifest.json index 378aee69be4..9a96058ea48 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -14133,8 +14133,8 @@ "type": "other", "other": { "name": "net-snmp", - "version": "5.9.4", - "downloadUrl": "https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.4/net-snmp-5.9.4.tar.gz" + "version": "5.9.5", + "downloadUrl": "https://sourceforge.net/projects/net-snmp/files/net-snmp/5.9.5/net-snmp-5.9.5.tar.gz" } } }, From 6c7a8332542e7355dfa5ab212b30c9c65b942009 Mon Sep 17 00:00:00 2001 From: Kanishk Bansal Date: Tue, 23 Dec 2025 17:48:16 +0000 Subject: [PATCH 2/3] Fix Build Failure Signed-off-by: Kanishk Bansal --- SPECS/net-snmp/net-snmp.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/SPECS/net-snmp/net-snmp.spec b/SPECS/net-snmp/net-snmp.spec index 48d609d6c65..273438eaa45 100644 --- a/SPECS/net-snmp/net-snmp.spec +++ b/SPECS/net-snmp/net-snmp.spec @@ -48,6 +48,7 @@ binaries and applications. %build MIBS="ucd-snmp/diskio" +export NETSNMP_DONT_CHECK_VERSION=1 %configure \ --host=ia64-linux \ @@ -129,7 +130,7 @@ popd * Tue Apr 23 2024 CBL-Mariner Servicing Account - 5.9.4-1 - Auto-upgrade to 5.9.4 - Fixes for CVE-2022-44792 and CVE-2022-44793 -* Fri Apr 07 2022 Minghe Ren - 5.9.1-2 +* Thu Apr 07 2022 Minghe Ren - 5.9.1-2 - Add net-snmp-lib subpackage and UCD-SNMP * Fri Mar 04 2022 Minghe Ren - 5.9.1-1 From f3fae88d05c8bf98a121b0493b9c9dd45c49dcae Mon Sep 17 00:00:00 2001 From: Kanishk Bansal <103916909+Kanishk-Bansal@users.noreply.github.com> Date: Wed, 24 Dec 2025 16:18:22 +0530 Subject: [PATCH 3/3] Change SNMP version to 5.9.5 Update version from 5.9.4 to 5.9.5 in configure script. --- SPECS/net-snmp/net-snmp.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SPECS/net-snmp/net-snmp.spec b/SPECS/net-snmp/net-snmp.spec index 273438eaa45..00f7dcb0cc4 100644 --- a/SPECS/net-snmp/net-snmp.spec +++ b/SPECS/net-snmp/net-snmp.spec @@ -45,10 +45,10 @@ binaries and applications. %prep %autosetup +sed -i 's/5\.9\.4/5\.9\.5/g' configure %build MIBS="ucd-snmp/diskio" -export NETSNMP_DONT_CHECK_VERSION=1 %configure \ --host=ia64-linux \