tags 510906 + patch thanks Hi, * Steffen Joeris <steffen.joe...@skolelinux.de> [2009-01-05 21:49]: > the following CVE (Common Vulnerabilities & Exposures) id was > published for rsyslog. > > CVE-2008-5618[0]: > | imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 > | before 3.20.2 generates a message even when it is sent by an > | unauthorized sender, which allows remote attackers to cause a denial > | of service (disk consumption) via a large number of spurious messages.
Upstream patch: http://git.adiscon.com/?p=rsyslog.git;a=commitdiff_plain;h=afdccceefa30306cf720a27efd5a29bcc5a916c9 Cheers Nico -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpMfYpPRoIy5.pgp
Description: PGP signature
