 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Tue, 14 Oct 2014 13:38:51 +0000 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Important: rsyslog security update
Advisory ID: SLSA-2014:1397-1
Issue Date: 2014-10-13
CVE Numbers: CVE-2014-3634
--
A flaw was found in the way rsyslog handled invalid log message priority
values. In certain configurations, a local attacker, or a remote attacker
able to connect to the rsyslog port, could use this flaw to crash the
rsyslog daemon or, potentially, execute arbitrary code as the user running
the rsyslog daemon. (CVE-2014-3634)
After installing the update, the rsyslog service will be restarted
automatically.
--
SL7
x86_64
rsyslog-7.4.7-7.el7_0.x86_64.rpm
rsyslog-debuginfo-7.4.7-7.el7_0.x86_64.rpm
rsyslog-gnutls-7.4.7-7.el7_0.x86_64.rpm
rsyslog-gssapi-7.4.7-7.el7_0.x86_64.rpm
rsyslog-mmjsonparse-7.4.7-7.el7_0.x86_64.rpm
rsyslog-relp-7.4.7-7.el7_0.x86_64.rpm
rsyslog-crypto-7.4.7-7.el7_0.x86_64.rpm
rsyslog-doc-7.4.7-7.el7_0.x86_64.rpm
rsyslog-elasticsearch-7.4.7-7.el7_0.x86_64.rpm
rsyslog-libdbi-7.4.7-7.el7_0.x86_64.rpm
rsyslog-mmaudit-7.4.7-7.el7_0.x86_64.rpm
rsyslog-mmnormalize-7.4.7-7.el7_0.x86_64.rpm
rsyslog-mmsnmptrapd-7.4.7-7.el7_0.x86_64.rpm
rsyslog-mysql-7.4.7-7.el7_0.x86_64.rpm
rsyslog-pgsql-7.4.7-7.el7_0.x86_64.rpm
rsyslog-snmp-7.4.7-7.el7_0.x86_64.rpm
rsyslog-udpspoof-7.4.7-7.el7_0.x86_64.rpm
- Scientific Linux Development Team
|
|
|
