Univention Bugzilla – Bug 54809
rsyslog: Multiple issues (5.0)
Last modified: 2022-06-01 16:51:17 CEST
New Debian rsyslog 8.1901.0-1+deb10u2 fixes:

This update addresses the following issue:
* Heap-based overflow in TCP syslog server (CVE-2022-24903)
--- mirror/ftp/pool/main/r/rsyslog/rsyslog_8.1901.0-1+deb10u1.dsc +++ apt/ucs_5.0-0-errata5.0-1/source/rsyslog_8.1901.0-1+deb10u2.dsc @@ -1,3 +1,9 @@ +8.1901.0-1+deb10u2 [Wed, 25 May 2022 16:51:45 +0200] Michael Biebl <biebl@debian.org>: + + * Fix potential heap buffer overflow in TCP syslog server (receiver) + components when octet-counted framing is used + (CVE-2022-24903, Closes: #1010619) + 8.1901.0-1+deb10u1 [Sun, 23 Jan 2022 20:27:01 +0200] Adrian Bunk <bunk@debian.org>: * Non-maintainer upload. <http://piuparts.knut.univention.de/5.0-1/#1503096126657278758>
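Review bot: the added 8.1901.0-1+deb10u2 changelog entry says only "TCP syslog server (receiver) components", so it does not identify which input modules are patched, and it names no patch file. Suggest listing the affected modules and the patch name next to "(CVE-2022-24903, Closes: #1010619)" so the fix can be checked against the receivers actually configured. Since the entry limits the overflow to "when octet-counted framing is used", the erratum text should also say whether that framing is accepted in the default configuration.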
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.0-1] b960364b40 Bug #54809: rsyslog 8.1901.0-1+deb10u2
 doc/errata/staging/rsyslog.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x320>