Community Packages

Please read this before reporting a bug:
http://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#42200 - [rsyslog] Release 8.4.1 fixes security issue CVE-2014-3634

Attached to Project: Community Packages
Opened by Remi Gacogne (rgacogne) - Wednesday, 01 October 2014, 07:03 GMT
Last edited by Doug Newgard (Scimmia) - Wednesday, 01 October 2014, 15:32 GMT
Task Type Bug Report
Category Upstream Bugs
Status Closed
Assigned To No-one
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details


Hello,

rsyslog < 8.4.1 is vulnerable to a remote denial of service [0][1][2].

A fix for this flaw has been released in version 8.4.1.

[0] http://www.rsyslog.com/remote-syslog-pri-vulnerability/
[1] http://www.openwall.com/lists/oss-security/2014/09/30/15
[2] http://lists.adiscon.net/pipermail/rsyslog/2014-September/038499.html
This task depends upon

Closed by  Doug Newgard (Scimmia)
Wednesday, 01 October 2014, 15:32 GMT
Reason for closing:  Fixed
Additional comments about closing:  rsyslog 8.4.1-1

Loading...