Synopsis:	Moderate: net-snmp security update
Issue date:	2009-06-25
CVE Names:	CVE-2009-1887

A divide-by-zero flaw was discovered in the snmpd daemon. A remote 
attacker could issue a specially-crafted GETBULK request that could 
crash the snmpd daemon. (CVE-2009-1887)

Note: An attacker must have read access to the SNMP server in order to
exploit this flaw. In the default configuration, the community name
"public" grants read-only access. In production deployments, it is
recommended to change this default community name.

After installing the update, the snmpd and snmptrapd daemons will be 
restarted automatically.

SL 3.0.x

      SRPMS:
net-snmp-5.0.9-2.30E.28.src.rpm
      i386:
net-snmp-5.0.9-2.30E.28.i386.rpm
net-snmp-devel-5.0.9-2.30E.28.i386.rpm
net-snmp-libs-5.0.9-2.30E.28.i386.rpm
net-snmp-perl-5.0.9-2.30E.28.i386.rpm
net-snmp-utils-5.0.9-2.30E.28.i386.rpm
      x86_64:
net-snmp-5.0.9-2.30E.28.x86_64.rpm
net-snmp-devel-5.0.9-2.30E.28.x86_64.rpm
net-snmp-libs-5.0.9-2.30E.28.i386.rpm
net-snmp-libs-5.0.9-2.30E.28.x86_64.rpm
net-snmp-perl-5.0.9-2.30E.28.x86_64.rpm
net-snmp-utils-5.0.9-2.30E.28.x86_64.rpm

-Connie Sieh
-Troy Dawson