Ah-ha, I see the problem now. This vulnerability was introduced after
all the versions of net-snmp that were in the archive at the time the
CVE was published. At some point Debian packaged the 5.4.x series from
a point that did not include the fix, which is why only Lucid and later
have the problem.
** Changed in: net-snmp (Ubuntu Maverick)
Status: Triaged => Fix Released
** Changed in: net-snmp (Ubuntu Lucid)
Status: Triaged => Fix Committed
--
CVE-2008-6123: not fixed in latest security releases
https://bugs.launchpad.net/bugs/331410
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
