The rsyslog binary packages hosted on SuSe OBS are now updated.

Rainer

On Thu, 5 May 2022 at 14:11, Rainer Gerhards
(<[email protected]>) wrote:
>
> Dear List,
>
> there is a heap buffer overflow vulnerability in the rsyslog TCP reception
> components, most notably imtcp and imptcp. This can only happen in
> octet-counted mode, which is enabled by default.
>
> If the receiver ports are exposed to the public Internet AND are used
> without authentication, this can lead to remote DoS and potentially to
> remote code execution. It is unclear if remote code execution is
> actually possible. If so, it needs a very sophisticated attack.
>
> When syslog best practices with proper firewalling and authentication
> are used, then an attack can only be carried out from within the intranet
> and from authorized systems. This limits the severity of the vulnerability
> considerably (it would obviously require an attacker to already be
> present inside the internal network).
>
> Advisory: 
> https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8#advisory-comment-72243
>
> A patch is available, updated packages are already available or will
> be within the next few hours. The daily stable will contain the patch
> later today.
>
> Credits to Peter Agten for initially reporting the issue and working
> with us on the resolution.
>
> Rainer
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.
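The octet-counted framing the advisory refers to is the RFC 6587 "<count><SP><msg>" form, where the receiver trusts a decimal length sent by the peer. The following is an added illustration, not rsyslog's own code and not a reproduction of the actual defect in imtcp/imptcp: a deliberately weak count parser (constructed for contrast) next to a hardened one that caps the digit count, bounds the declared length against the receive buffer, and never reads past the bytes actually received. MAX_MSG_LEN, MAX_COUNT_DIGITS, the function names and the sample frames are all assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Illustrative receive-buffer size; an assumption, not an rsyslog constant. */
#define MAX_MSG_LEN      8192
/* Digit cap: the count can never exceed 999,999,999 and never wraps. */
#define MAX_COUNT_DIGITS 9

enum { FRAME_OK = 0, FRAME_NEED_MORE = 1, FRAME_BAD = -1 };

typedef struct {
    const char *msg;   /* start of the syslog message inside buf */
    size_t msg_len;    /* declared and validated length */
    size_t consumed;   /* header + payload bytes used from buf */
} frame_t;

/*
 * Weak pattern (constructed for contrast, not rsyslog's code): trusts the
 * declared count. Digits are accumulated without a cap, so a long count
 * wraps modulo 2^32, and nothing compares the count against the buffer.
 * A caller that memcpy()s `count` bytes into a fixed buffer overflows it.
 */
uint32_t naive_octet_count(const char *buf, size_t avail)
{
    uint32_t count = 0;
    for (size_t i = 0; i < avail && buf[i] >= '0' && buf[i] <= '9'; i++)
        count = count * 10u + (uint32_t)(buf[i] - '0');
    return count;
}

/*
 * Hardened parser for RFC 6587 octet-counted framing: "<count><SP><msg>".
 * Rejects missing/overlong counts and counts larger than the receive
 * buffer, and reports NEED_MORE instead of reading past `avail`.
 */
int parse_octet_counted(const char *buf, size_t avail, frame_t *out)
{
    size_t i = 0, ndigits = 0;
    uint64_t count = 0;

    while (i < avail && buf[i] >= '0' && buf[i] <= '9') {
        if (++ndigits > MAX_COUNT_DIGITS)
            return FRAME_BAD;              /* overlong count: refuse, do not wrap */
        count = count * 10 + (uint64_t)(buf[i] - '0');
        i++;
    }
    if (ndigits == 0)
        return FRAME_BAD;                  /* frame must start with a count */
    if (i >= avail)
        return FRAME_NEED_MORE;            /* separator not yet received */
    if (buf[i] != ' ')
        return FRAME_BAD;                  /* RFC 6587 requires a single SP */
    i++;
    if (count == 0 || count > MAX_MSG_LEN)
        return FRAME_BAD;                  /* would not fit the receive buffer */
    if (avail - i < count)
        return FRAME_NEED_MORE;            /* payload still in flight */

    out->msg = buf + i;
    out->msg_len = (size_t)count;
    out->consumed = i + (size_t)count;
    return FRAME_OK;
}

/* Walk a TCP stream buffer holding back-to-back frames; returns the number
 * of complete frames, stopping at the first incomplete or malformed one. */
size_t count_frames(const char *buf, size_t avail)
{
    size_t n = 0, off = 0;
    frame_t f;
    while (off < avail && parse_octet_counted(buf + off, avail - off, &f) == FRAME_OK) {
        n++;
        off += f.consumed;
    }
    return n;
}

int main(void)
{
    /* Constructed sample frames. */
    const char good[] = "11 hello world";
    const char huge[] = "999999999999 x";
    frame_t f;

    if (parse_octet_counted(good, sizeof good - 1, &f) == FRAME_OK)
        printf("ok: %zu-byte message \"%.*s\"\n", f.msg_len, (int)f.msg_len, f.msg);
    printf("naive count for overlong header: %u (wrapped)\n",
           naive_octet_count(huge, sizeof huge - 1));
    printf("hardened parser verdict: %d (FRAME_BAD)\n",
           parse_octet_counted(huge, sizeof huge - 1, &f));
    return 0;
}
```

The point of the hardened version is that every decision is made against what was actually received (`avail`) and against the buffer the payload will land in, never against the peer-supplied count alone; that is the property a receiver exposed to unauthenticated senders has to preserve regardless of how the count is later used.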