Hello, On Tue Feb 24, 2026 at 3:50 PM CET, FA via lists.openembedded.org wrote: > I would like to know if there is a plan to upgrade net-snmp to 5.9.5.
FYI, net-snmp is in meta-openembedded/meta-networking, the correct mailing list to use is [email protected]. > I see that we backporting all the vulnerabilities and important fixes to > 5.9.4 in LTS branch (scarthgap). > > As per NVD, it recommends upgrading to 5.9.5/5.10.pre2 to address > CVE-2025-68615. > > https://nvd.nist.gov/vuln/detail/CVE-2025-68615 > > Since vulnerable tools report, net-snmp 5.9.4 is vulnerable to > CVE-2025-68615, despite the fix is backported to 5.9.4, raises a false > alarm among users. > > I think it's better we upgrade LTS branch NetSNMP to version 5.9.5. > > Regards, > Feroz Ahmed Regards, -- Yoann Congal Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#232066): https://lists.openembedded.org/g/openembedded-core/message/232066 Mute This Topic: https://lists.openembedded.org/mt/117990392/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
