This bug was fixed in the package syslog-ng - 2.0.0-1ubuntu0.1
--------------- syslog-ng (2.0.0-1ubuntu0.1) feisty-security; urgency=low
* SECURITY UPDATE: Allows remote attackers to cause a denial of service (crash) via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference. * src/logmsg.c (log_msg_parse): fixed possible NULL pointer dereference in log message parsing, as done in upstream RCS * References: - http://git.balabit.hu/?p=bazsi/syslog-ng-2.0.git;a=commitdiff;h=3126ebad217e7fd6356f4733ca33f571aa87a170 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6437 - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457334 * Closes lp: #183389 * Updated maintainer fields
-- <email address hidden> (Cody A.W. Somerville) Tue, 15 Jan 2008 17:30:40 -0800
This bug was fixed in the package syslog-ng - 2.0.0-1ubuntu0.1
---------------
syslog-ng (2.0.0-1ubuntu0.1) feisty-security; urgency=low
* SECURITY UPDATE: Allows remote attackers to cause a denial of service git.balabit. hu/?p=bazsi/ syslog- ng-2.0. git;a=commitdif f;h=3126ebad217 e7fd6356f4733ca 33f571aa87a170 cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2007- 6437 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 457334
(crash) via a message with a timestamp that does not contain a trailing
space, which triggers a NULL pointer dereference.
* src/logmsg.c (log_msg_parse): fixed possible NULL pointer dereference
in log message parsing, as done in upstream RCS
* References:
- http://
- http://
- http://
* Closes lp: #183389
* Updated maintainer fields
-- <email address hidden> (Cody A.W. Somerville) Tue, 15 Jan 2008 17:30:40 -0800