[ubuntu/precise-security] rsyslog 5.8.6-1ubuntu8.9 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Oct 9 16:35:25 UTC 2014
rsyslog (5.8.6-1ubuntu8.9) precise-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
invalid PRI value
- debian/patches/CVE-2014-3634.patch: limit PRI values in ChangeLog,
configure.ac, configure, plugins/imfile/imfile.c,
plugins/imklog/imklog.c, plugins/imklog/ksym.c,
plugins/imsolaris/imsolaris.c, plugins/imtemplate/imtemplate.c,
plugins/imuxsock/imuxsock.c, runtime/msg.c, runtime/nsd_gtls.c,
runtime/parser.c, runtime/rsyslog.h, runtime/rule.c,
runtime/srutils.c, runtime/syslogd-types.h, tools/syslogd.c.
- CVE-2014-3634
- CVE-2014-3683
Date: 2014-10-02 15:54:12.197151+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/precise/+source/rsyslog/5.8.6-1ubuntu8.9
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list