Public bug reported:

Binary package hint: syslog-ng

please sync 2.0.6-1 (universe) from Debian unstable (main).

This new upstream release fix security issue.

Changelog:
 syslog-ng (2.0.6-1) unstable; urgency=high
 .
   * New upstream version.
   * This release addresses the following security issue:
     - A remote attacker can cause a denial of service (crash)
       via a crafted log message that is missing a whitespace
       at the end of the timestamp (CVE-2007-6437; Closes: #457334)

** Affects: syslog-ng (Ubuntu)
     Importance: Medium
         Status: Confirmed

** Changed in: syslog-ng (Ubuntu)
   Importance: Undecided => Medium
       Status: New => Confirmed

-- 
please sync 2.0.6-1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/178134
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to