Changes:
syslog-ng (2.0.0-1ubuntu1.1) gutsy-security; urgency=low
.
* SECURITY UPDATE: Allows remote attackers to cause a denial of service
(crash) via a message with a timestamp that does not contain a trailing
space, which triggers a NULL pointer dereference.
* src/logmsg.c (log_msg_parse): fixed possible NULL pointer dereference
in log message parsing, as done in upstream RCS
* References:
- http://git.balabit.hu/?p=bazsi/syslog-ng-2.0.git;a=commitdiff;h=3126ebad217e7fd6356f4733ca33f571aa87a170
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6437
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457334
Files:
1506917867abfe4f565f1c3a758bfd48 713 admin extra syslog-ng_2.0.0-1ubuntu1.1.dsc
6ea55c647dcbd3d58a58b8d90f7ea300 346056 admin extra syslog-ng_2.0.0.orig.tar.gz
aa1cd8d197f63ce1f9ce5fe432615bde 11211 admin extra syslog-ng_2.0.0-1ubuntu1.1.diff.gz
debdiff syslog- ng_2.0. 0-1ubuntu1. dsc syslog- ng_2.0. 0-1ubuntu1. 1.dsc > syslog- ng_2.0. 0-1ubuntu1. 1.gutsy- security. debdiff
Changes: git.balabit. hu/?p=bazsi/ syslog- ng-2.0. git;a=commitdif f;h=3126ebad217 e7fd6356f4733ca 33f571aa87a170 cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2007- 6437 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 457334 4f565f1c3a758bf d48 713 admin extra syslog- ng_2.0. 0-1ubuntu1. 1.dsc d58a58b8d90f7ea 300 346056 admin extra syslog- ng_2.0. 0.orig. tar.gz e1f9ce5fe432615 bde 11211 admin extra syslog- ng_2.0. 0-1ubuntu1. 1.diff. gz
syslog-ng (2.0.0-1ubuntu1.1) gutsy-security; urgency=low
.
* SECURITY UPDATE: Allows remote attackers to cause a denial of service
(crash) via a message with a timestamp that does not contain a trailing
space, which triggers a NULL pointer dereference.
* src/logmsg.c (log_msg_parse): fixed possible NULL pointer dereference
in log message parsing, as done in upstream RCS
* References:
- http://
- http://
- http://
Files:
1506917867abfe
6ea55c647dcbd3
aa1cd8d197f63c