Changelog for 7.6.7 (v7-stable)

Version 7.6.7 [v7.6-stable] 2014-10-02

  • bugfix: the fix for CVE-2014-3634 did not handle all cases
    This is corrected now. See also: CVE-2014-3683
  • fixed a build problem on some platforms
    Thanks to Olaf for the patch
  • behaviour change: “msg” of messages with invalid PRI set to “rawmsg”
    When the PRI is invalid, the rest of the header cannot be valid. So
    we move all of it to MSG and do not try to parse it out. Note that
    this is not directly related to the security issue but rather done
    because it makes most sense.

rsyslog 7.6.7 (v7-stable) released

This is primarily a re-release of 7.6.6 because the patch for the PRI vulnerability was incomplete. Special thanks to “mancha” for notifying us and helping to get it right.

For more info, please see: http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/

Packages are also already available in the package archives.

Scroll to top