Description: snmpd: Disable NET-SNMP-EXTEND-MIB support by default
 Since it is possible to abuse this MIB for privilege escalation attacks,
 disable it by default. Notes:
 - It is still possible to enable this MIB via the --with-mib-modules
   configure option.
 - Another MIB that provides similar functionality, namely
   ucd-snmp/extensible, is disabled by default.
 - The security risk of ucd-snmp/pass and ucd-snmp/pass_persist is lower
   since these modules only introduce a security risk if the invoked
   scripts are exploitable.
Author: Bart Van Assche <bvanassche@acm.org>
Origin: upstream, https://github.com/net-snmp/net-snmp/commit/c2b96ee744392243782094432f657ded4e985a07
Bug-Debian: https://bugs.debian.org/965166
Reviewed-by: Craig Small <csmall@debian.org>
Last-Update: 2020-07-20
--- net-snmp-5.7.3+dfsg.orig/agent/mibgroup/ucd_snmp.h
+++ net-snmp-5.7.3+dfsg/agent/mibgroup/ucd_snmp.h
@@ -5,7 +5,6 @@ config_require(ucd-snmp/pass)
 config_require(ucd-snmp/pass_persist)
 config_version_require((ucd-snmp/disk, 5.7, ucd-snmp/disk_hw))
 config_require(ucd-snmp/loadave)
-config_require(agent/extend)
 config_require(ucd-snmp/errormib)
 config_require(ucd-snmp/file)
 #if defined(HAVE_DLFCN_H) && defined(HAVE_DLOPEN)
