Every time I have to interact with SourceForge it reminds me how backward the site is. I have had so many 503 errors, comments disappearing from bug reports or some truly bizarre happenings in text boxes where the words repeat.
I'm so glad I moved my stuff off it, originally due to the previous owners' dodgy behavior but now for all this.
An update! They looked at the net-snmp bug again and there was a fix already, just not in the current release.
Amazing how two simple lines can ruin your day.
WordPress version 5.2.3 is now out which is a security release. It fixes a bunch of XSS problems and some sanitization problems. Debian packages soon.
Let's see if stock snmpd has this bug too eh?
Done some work on #psmisc tonight, mainly some merge requests and bug fixes.
Matching NFS still can cause problems (they changed the way NFS "looks" in the proc filesystem) but I merged in some changes so it hangs less, I hope.
peekd will also work with ARM64 CPUs after someone gave me a patch for that.
I was looking at the net-snmp code trying to work out the differences between the PID file generating code for snmpd and snmptrapd.
🔹 snmpd uses open() with permissions of 0600
🔹 snmptrapd uses fopen() with permissions of 0644
Given that on my system there is only one other PID file with 0600 I patched snmpd to use 0644.
That should mean you're ok for most current WordPress security bugs except for CVE-2019-8943 which is a path traversal bug. I think it's fixed for WordPress proper but many modules are still vulnerable.
I've been triaging a bunch of net-snmp bugs on the #debian bug tracker tonight. There are a lot of old ones for versions of net-snmp long gone.
Strangely there are old bugs that are still there, like why are the permissions for snmp and snmptrapd pid files different?
Clearing out the old ones means I can concentrate on what is left.
The Debian specific patches are now applying cleanly so the next steps are
* to make sure it compiles
* Fix it when it surely won't
* Look at the Debian bugs and fix/close those
It's a pretty big codebase that takes forever to compile so it won't be a fast process.
I just realised my intro went when my instance crashed all those months ago.
My day job is a senior #networkengineer working on some very large and strange computer networks.
Free Software programmer, network engineer and Debian developer.
100% tomato verified. 🍅✔