CVE

Changelog for 7.6.7 (v7-stable)

Version 7.6.7 [v7.6-stable] 2014-10-02 bugfix: the fix for CVE-2014-3634 did not handle all cases This is corrected now. See also: CVE-2014-3683 fixed a build problem on some platforms Thanks to Olaf for the patch behaviour change: “msg” of messages with invalid PRI set to “rawmsg” When the PRI is invalid, the rest of the header […]

remote syslog PRI vulnerability – CVE: CVE-2014-3683

remote syslog PRI vulnerability =============================== CVE: CVE-2014-3683 Status of this report ——————— FINAL Updated 2014-10-06: effect on sysklogd milder than in initial assesment Reporter ——- mancha , intial detection and analysis Rainer Gerhards , rsyslog project lead Affected ——– – rsyslog, most probably all versions (checked v3-stable and above) – sysklogd (checked most recent versions) […]

remote syslog PRI vulnerability – CVE: CVE-2014-3634

=============================== CVE: CVE-2014-3634 Status of this report ——————— FINAL Reporter ——- Rainer Gerhards, rsyslog project lead Affected ——– – rsyslog, most probably all versions (checked 5.8.6+) – sysklogd (checked most recent versions) – potentially others (see root cause) Root Cause ———- Note: rsyslogd was forked from sysklogd, and the root cause applies to both. For […]

Scroll to top