[Bug 178134] please sync 2.0.6-1 (universe) from Debian unstable (main)
Lionel Porcheron
lionel at alveonet.org
Sat Dec 22 17:58:33 GMT 2007
Public bug reported:
Binary package hint: syslog-ng
please sync 2.0.6-1 (universe) from Debian unstable (main).
This new upstream release fix security issue.
Changelog:
syslog-ng (2.0.6-1) unstable; urgency=high
.
* New upstream version.
* This release addresses the following security issue:
- A remote attacker can cause a denial of service (crash)
via a crafted log message that is missing a whitespace
at the end of the timestamp (CVE-2007-6437; Closes: #457334)
** Affects: syslog-ng (Ubuntu)
Importance: Medium
Status: Confirmed
** Changed in: syslog-ng (Ubuntu)
Importance: Undecided => Medium
Status: New => Confirmed
--
please sync 2.0.6-1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/178134
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list