-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2835-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk November 30, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : rsyslog Version : 8.24.0-1+deb9u1 CVE ID : CVE-2019-17041 CVE-2019-17042 Debian Bug : 942065 942067 Two heap overflows were fixed in the rsyslog logging daemon. CVE-2019-17041 Heap overflow in the AIX message parser. CVE-2019-17042 Heap overflow in the Cisco log message parser. For Debian 9 stretch, these problems have been fixed in version 8.24.0-1+deb9u1. We recommend that you upgrade your rsyslog packages. For the detailed security status of rsyslog please refer to its security tracker page at: https://security-tracker.debian.org/tracker/rsyslog Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmGmtX4ACgkQiNJCh6LY mLGOPw/+PkypU3T30ABLp5VTzxH7BvYSDrHL5ASm7YFBLd013KEDcRQ/IeVglGgU 9u3qAqPIsupzg0KXRw5gg3HJlmBX6oPMamH/90iEbBGlumunMcxyqoO42H9HIIag UQ7wTRamcZUfDo2BgQdZG8tiEFcQDkfkCC/v4Sm8vF/+/ib53vgviDs1ANGWBIHZ lV7m835DkOcASYO42s/yDw7+rjJsMOg/PIGYaPHdHmSacDq8vGShRVij5p8f0tvO RDHebqD9DbzyVhAYXPMvD5KfUOZleloD9tnLgNJ5yTI1xdbQYP5Juzww4Npi3qx9 Ze3fSKGRZvmx9FrwAqlcBPG/ApSUZ1PINbpMkkg2bR+CWpgXbUXegswIgSH0Rw/M Q/7Q3k7LBK3GJfBKjxxoecBkXXvriLvdAiYGCf7bmfK/+55kK7hSDazrArsYO7bC jszlksT4NaD7cTUbW5mwE+TaTi+4e26ect7oiyT8bSrSGru8YeJNTaVhl2cV6TUD BKppnt6+Fxl+348Q6DlHhSEpho1pnKPtpxJEdE2tMG9TSToJXw8HNgMsNrzpM268 GGFeQYL7Tgd9rQveoXb/DtV+SjLqu3Z+Ko3RP/nOfAaU0sVt0Hs4qvGWwn81nK5/ rOCkbsDYLNk5XUletPsmXN//6gnOt58sFTA569ijwUzGRKKdAu4= =Lkge -----END PGP SIGNATURE-----