Comment 8 for bug 164007

This bug was fixed in the package net-snmp - 5.3.1-6ubuntu2.1

---------------
net-snmp (5.3.1-6ubuntu2.1) gutsy-security; urgency=low

  * SECURITY UPDATE: CVE-2007-5846 (LP: #164007)
    The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to
    cause a denial of service (CPU and memory consumption) via a GETBULK request
    with a large max-repeaters value.
  * debian/patches/50_CVE-2007-5846.patch,
    debian/patches/50_CVE-2007-5846.README:
    Applied patch from upstream and explanation
    (Link: http://sourceforge.net/tracker/index.php?func=detail&aid=1712988&group_id=12694&atid=112694 )
  * References:
    CVE-2007-5846

 -- Stephan Hermann <email address hidden> Tue, 20 Nov 2007 22:06:58 +0100