Hi all, There has a security issue been identified that can potentially lead to DoS. It is triggered by malformed RFC3164 messages. An abort only happens under very specific environmental trigger factors. Full details can be found in our security advisory here: http://www.rsyslog.com/potential-dos-with-malformed-tag/ We would like to thank the Red Hat security team for finding […]
Download file name: rsyslog 4.6.8 (stable) rsyslog 4.6.8 (stable) md5sum: cfd2d0c3b536fed9c67603c7533449c3 Author: Rainer Gerhards (email@example.com) Version: 4.6.8 File size: 2.077 MB Download this file now!
Version 4.6.8 [v4-stable] (rgerhards), 2011-09-01 bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200 bugfix: potential misadressing in property replacer bugfix: memcpy overflow can occur in allowed sender checking if a name is resolved to IPv4-mapped-on-IPv6 address Found by Ismail Dönmez at suse bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)