Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#42200 - [rsyslog] Release 8.4.1 fixes security issue CVE-2014-3634
Attached to Project:
Community Packages
Opened by Remi Gacogne (rgacogne) - Wednesday, 01 October 2014, 07:03 GMT
Last edited by Doug Newgard (Scimmia) - Wednesday, 01 October 2014, 15:32 GMT
Opened by Remi Gacogne (rgacogne) - Wednesday, 01 October 2014, 07:03 GMT
Last edited by Doug Newgard (Scimmia) - Wednesday, 01 October 2014, 15:32 GMT
|
DetailsHello, rsyslog < 8.4.1 is vulnerable to a remote denial of service [0][1][2]. A fix for this flaw has been released in version 8.4.1. [0] http://www.rsyslog.com/remote-syslog-pri-vulnerability/ [1] http://www.openwall.com/lists/oss-security/2014/09/30/15 [2] http://lists.adiscon.net/pipermail/rsyslog/2014-September/038499.html |
This task depends upon
Closed by Doug Newgard (Scimmia)
Wednesday, 01 October 2014, 15:32 GMT
Reason for closing: Fixed
Additional comments about closing: rsyslog 8.4.1-1
Wednesday, 01 October 2014, 15:32 GMT
Reason for closing: Fixed
Additional comments about closing: rsyslog 8.4.1-1