Package: rsyslog Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for rsyslog.
CVE-2008-5618[0]: | imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 | before 3.20.2 generates a message even when it is sent by an | unauthorized sender, which allows remote attackers to cause a denial | of service (disk consumption) via a large number of spurious messages. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. There was an article about the issue[1] and the changelog[2] mentions two security entries related to the topic. Cheers Steffen For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5618 http://security-tracker.debian.net/tracker/CVE-2008-5618 [1] http://www.rsyslog.com/Article322.phtml [2] http://www.rsyslog.com/Topic4.phtml -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
