Hello community, here is the log from the commit of package rsyslog for openSUSE:11.4 checked in at Mon Sep 5 17:54:17 CEST 2011.
-------- --- old-versions/11.4/UPDATES/all/rsyslog/rsyslog.changes 2011-03-24 17:36:11.000000000 +0100 +++ 11.4/rsyslog/rsyslog.changes 2011-08-29 19:19:36.000000000 +0200 @@ -1,0 +2,8 @@ +Mon Aug 29 16:19:40 UTC 2011 - [email protected] + +- Applied patch for 1/2 byte buffer overflow while parsing legacy + syslog messages that may cause a crash (CVE-2011-3200,bnc#714658). +- Applied a fix for a memcpy overflow while processing allowed sender + rules in the config that resolve to IPv4-mapped-on-IPv6 addresses. + +------------------------------------------------------------------- calling whatdependson for 11.4-i586 New: ---- rsyslog-5.x-memcpy-overflow.patch rsyslog-CVE-2011-3200.bnc714658.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rsyslog.spec ++++++ --- /var/tmp/diff_new_pack.Q8PEiu/_old 2011-09-05 17:54:10.000000000 +0200 +++ /var/tmp/diff_new_pack.Q8PEiu/_new 2011-09-05 17:54:10.000000000 +0200 @@ -21,7 +21,7 @@ Name: rsyslog Summary: The enhanced syslogd for Linux and Unix Version: 5.6.5 -Release: 1.<RELEASE2> +Release: 1.<RELEASE5> %define upstream_version 5.6.5 %define with_dbi 0%{?suse_version} >= 1140 || 0%{?build_with_relp:1} %define with_relp 0%{?suse_version} >= 1130 || 0%{?build_with_relp:1} @@ -68,6 +68,8 @@ %if 0%{?suse_version} >= 1140 Patch1: rsyslog-systemd-integration.bnc656104.diff %endif +Patch2: rsyslog-5.x-memcpy-overflow.patch +Patch3: rsyslog-CVE-2011-3200.bnc714658.patch %description Rsyslog is an enhanced multi-threaded syslogd supporting, among others, @@ -218,6 +220,8 @@ # install the files systemd provides rather than what we provide. cp -a /usr/share/doc/packages/systemd/sd-daemon.[ch] runtime/ %endif +%patch2 -p1 +%patch3 -p1 dos2unix doc/*.html %build ++++++ rsyslog-5.x-memcpy-overflow.patch ++++++ --- rsyslog-5.x/runtime/net.c +++ rsyslog-5.x/runtime/net.c 2011/08/29 16:38:49 @@ -721,7 +721,7 @@ static rsRetVal AddAllowedSender(struct SIN(allowIP.addr.NetAddr)->sin_port = 0; memcpy(&(SIN(allowIP.addr.NetAddr)->sin_addr.s_addr), &(SIN6(res->ai_addr)->sin6_addr.s6_addr32[3]), - sizeof (struct sockaddr_in)); + sizeof (in_addr_t)); if((iRet = AddAllowedSenderEntry(ppRoot, ppLast, &allowIP, iSignificantBits)) ++++++ rsyslog-CVE-2011-3200.bnc714658.patch ++++++ diff --git a/tools/pmrfc3164.c b/tools/pmrfc3164.c index 635ca98..6d2d22b 100644 --- a/tools/pmrfc3164.c +++ b/tools/pmrfc3164.c @@ -177,7 +177,7 @@ CODESTARTparse * outputs so that only 32 characters max are used by default. */ i = 0; - while(lenMsg > 0 && *p2parse != ':' && *p2parse != ' ' && i < CONF_TAG_MAXSIZE) { + while(lenMsg > 0 && *p2parse != ':' && *p2parse != ' ' && i < CONF_TAG_MAXSIZE - 2) { bufParseTAG[i++] = *p2parse++; --lenMsg; } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
