Synopsis:          Important: rsyslog security update
Advisory ID:       SLSA-2014:1397-1
Issue Date:        2014-10-13
CVE Numbers:       CVE-2014-3634
--

A flaw was found in the way rsyslog handled invalid log message priority
values. In certain configurations, a local attacker, or a remote attacker
able to connect to the rsyslog port, could use this flaw to crash the
rsyslog daemon or, potentially, execute arbitrary code as the user running
the rsyslog daemon. (CVE-2014-3634)

After installing the update, the rsyslog service will be restarted
automatically.
--

SL7
  x86_64
    rsyslog-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-debuginfo-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-gnutls-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-gssapi-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-mmjsonparse-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-relp-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-crypto-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-doc-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-elasticsearch-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-libdbi-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-mmaudit-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-mmnormalize-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-mmsnmptrapd-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-mysql-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-pgsql-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-snmp-7.4.7-7.el7_0.x86_64.rpm
    rsyslog-udpspoof-7.4.7-7.el7_0.x86_64.rpm

- Scientific Linux Development Team