Univention Bugzilla – Bug 54178
rsyslog: Multiple issues (4.4)
Last modified: 2021-12-01 16:07:25 CET
New Debian rsyslog 8.24.0-1+deb9u1 fixes: This update addresses the following issues: * heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c (CVE-2019-17041) * heap-based overflow in contrib/pmcisconames/pmcisconames.c (CVE-2019-17042)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/rsyslog_8.24.0-1.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/rsyslog_8.24.0-1+deb9u1.dsc @@ -1,3 +1,9 @@ +8.24.0-1+deb9u1 [Tue, 30 Nov 2021 21:40:33 +0200] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2019-17041: Heap overflow in the AIX message parser. + * CVE-2019-17042: Heap overflow in the Cisco log message parser. + 8.24.0-1 [Wed, 18 Jan 2017 23:14:38 +0100] Michael Biebl <biebl@debian.org>: [ Michael Biebl ] <http://piuparts.knut.univention.de/4.4-8/#5478905043061632297>
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=4.4x1116>