Public bug reported:
Binary package hint: syslog-ng
please sync 2.0.6-1 (universe) from Debian unstable (main).
This new upstream release fix security issue.
Changelog:
syslog-ng (2.0.6-1) unstable; urgency=high
.
* New upstream version.
* This release addresses the following security issue:
- A remote attacker can cause a denial of service (crash)
via a crafted log message that is missing a whitespace
at the end of the timestamp (CVE-2007-6437; Closes: #457334)
** Affects: syslog-ng (Ubuntu)
Importance: Medium
Status: Confirmed
** Changed in: syslog-ng (Ubuntu)
Importance: Undecided => Medium
Status: New => Confirmed
--
please sync 2.0.6-1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/178134
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs