Univention Bugzilla – Bug 54600
rsyslog: Multiple issues (5.0)
Last modified: 2022-03-30 12:41:36 CEST
New Debian rsyslog 8.1901.0-1+deb10u1 fixes: This update addresses the following issues: * heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c (CVE-2019-17041) * heap-based overflow in contrib/pmcisconames/pmcisconames.c (CVE-2019-17042)
--- mirror/ftp/pool/main/r/rsyslog/rsyslog_8.1901.0-1.dsc +++ apt/ucs_5.0-0-errata5.0-1/source/rsyslog_8.1901.0-1+deb10u1.dsc @@ -1,3 +1,11 @@ +8.1901.0-1+deb10u1 [Sun, 23 Jan 2022 20:27:01 +0200] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload. + * CVE-2019-17041: Heap overflow in the AIX message parser. + (Closes: #942067) + * CVE-2019-17042: Heap overflow in the Cisco log message parser. + (Closes: #942065) + 8.1901.0-1 [Tue, 26 Feb 2019 18:43:39 +0100] Michael Biebl <biebl@debian.org>: * New upstream version 8.1901.0 <http://piuparts.knut.univention.de/5.0-1/#1503096126654031183>
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=5.0x273>