4.6.8

rsyslog multiple buxfixes released

Hi all, There has a security issue been identified that can potentially lead to DoS. It is triggered by malformed RFC3164 messages. An abort only happens under very specific environmental trigger factors. Full details can be found in our security advisory here: http://www.rsyslog.com/potential-dos-with-malformed-tag/ We would like to thank the Red Hat security team for finding […]

Changelog for 4.6.8 (v4-stable)

Version 4.6.8  [v4-stable] (rgerhards), 2011-09-01 bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200 bugfix: potential misadressing in property replacer bugfix: memcpy overflow can occur in allowed sender checking if a name is resolved to IPv4-mapped-on-IPv6 address Found by Ismail Dönmez at suse bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)

Scroll to top