Support / Security / Advisories / Mandriva Linux 2011 / MDVSA-2011:134-1

Package name: rsyslog
Date: 2011-09-17
Advisory ID: MDVSA-2011:134-1
Affected versions: 2011 i586 , 2011 x86_64

Problem description

A vulnerability was discovered and corrected in rsyslog:

Stack-based buffer overflow in the parseLegacySyslogMsg function
in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and
5.2.0 through 5.8.4 might allow remote attackers to cause a denial of
service (application exit) via a long TAG in a legacy syslog message
(CVE-2011-3200).

The updated packages have been patched to correct this issue.

Update:

rsyslog was upgraded to the 5.8.5 version for Mandriva Linux 2011
that brings additional fixes as well.

Updated packages

2011 i586

 228f226916d824439e6a4fd285cb9a12  2011/i586/rsyslog-5.8.5-0.1-mdv2011.0.i586.rpm
 0d375b7702380b2e27812712c839951c  2011/i586/rsyslog-dbi-5.8.5-0.1-mdv2011.0.i586.rpm
 fae06eff4f62a72f42ff50e64fafa0a8  2011/i586/rsyslog-docs-5.8.5-0.1-mdv2011.0.i586.rpm
 d0ff2d7850ac1bf283f40be3706b1430  2011/i586/rsyslog-gssapi-5.8.5-0.1-mdv2011.0.i586.rpm
 ebf95b11f1f5885e1a38442947a2a88a  2011/i586/rsyslog-mysql-5.8.5-0.1-mdv2011.0.i586.rpm
 befc020182f60f369e985a73b4b9a23b  2011/i586/rsyslog-pgsql-5.8.5-0.1-mdv2011.0.i586.rpm
 7bff6a135737c1e1f7c0e1d812650021  2011/i586/rsyslog-relp-5.8.5-0.1-mdv2011.0.i586.rpm
 2939c7ac8d11cc495c694745117a3fe8  2011/i586/rsyslog-snmp-5.8.5-0.1-mdv2011.0.i586.rpm 
 3f9422da535c208fa3b9afdb8ac4f0a4  2011/SRPMS/rsyslog-5.8.5-0.1.src.rpm

2011 x86_64

 232bbe8e8ec465e046189513d0746a5d  2011/x86_64/rsyslog-5.8.5-0.1-mdv2011.0.x86_64.rpm
 9795fb8f12fd216207a2db8f5f7fe9ac  2011/x86_64/rsyslog-dbi-5.8.5-0.1-mdv2011.0.x86_64.rpm
 e658bdc14d24b0515d1882a20ddabad5  2011/x86_64/rsyslog-docs-5.8.5-0.1-mdv2011.0.x86_64.rpm
 18b658c432c314a979e1d62eeb169330  2011/x86_64/rsyslog-gssapi-5.8.5-0.1-mdv2011.0.x86_64.rpm
 60dd9e915c98fdb3f1844231aca00a37  2011/x86_64/rsyslog-mysql-5.8.5-0.1-mdv2011.0.x86_64.rpm
 2096cfa840daade37cc0e9734f6a2170  2011/x86_64/rsyslog-pgsql-5.8.5-0.1-mdv2011.0.x86_64.rpm
 94e23240f72b4ca537b2b03b798afe37  2011/x86_64/rsyslog-relp-5.8.5-0.1-mdv2011.0.x86_64.rpm
 57068af0cb2faba0ee3543e4bbfbc273  2011/x86_64/rsyslog-snmp-5.8.5-0.1-mdv2011.0.x86_64.rpm 
 3f9422da535c208fa3b9afdb8ac4f0a4  2011/SRPMS/rsyslog-5.8.5-0.1.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3200