Описание
ELSA-2014-1397: rsyslog security update (IMPORTANT)
[7.4.7-7.0.1]
- use setsid() to get a controlling session and process group [Orabug: 17346261] (Todd Vierling)
[7.4.7-7]
- fix CVE-2014-3634 resolves: #1149152
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
rsyslog
7.4.7-7.0.1.el7_0
rsyslog-crypto
7.4.7-7.0.1.el7_0
rsyslog-doc
7.4.7-7.0.1.el7_0
rsyslog-elasticsearch
7.4.7-7.0.1.el7_0
rsyslog-gnutls
7.4.7-7.0.1.el7_0
rsyslog-gssapi
7.4.7-7.0.1.el7_0
rsyslog-libdbi
7.4.7-7.0.1.el7_0
rsyslog-mmaudit
7.4.7-7.0.1.el7_0
rsyslog-mmjsonparse
7.4.7-7.0.1.el7_0
rsyslog-mmnormalize
7.4.7-7.0.1.el7_0
rsyslog-mmsnmptrapd
7.4.7-7.0.1.el7_0
rsyslog-mysql
7.4.7-7.0.1.el7_0
rsyslog-pgsql
7.4.7-7.0.1.el7_0
rsyslog-relp
7.4.7-7.0.1.el7_0
rsyslog-snmp
7.4.7-7.0.1.el7_0
rsyslog-udpspoof
7.4.7-7.0.1.el7_0
Связанные CVE
Связанные уязвимости
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier ...
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.