diff options
author | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-03-06 09:09:58 +0100 |
---|---|---|
committer | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-03-06 09:09:58 +0100 |
commit | c06a315ca11f4e9d97a7539ac2720dae0966279d (patch) | |
tree | a4f252cc1060a29b2227168dfa11f9f087a72501 | |
parent | 3ce9fc8ab5e002721519098f8d470499fe7c352a (diff) |
[SECURITY] [DSA 5369-1] syslog-ng security update
-rw-r--r-- | english/security/2023/dsa-5369.data | 13 | ||||
-rw-r--r-- | english/security/2023/dsa-5369.wml | 20 |
2 files changed, 33 insertions, 0 deletions
diff --git a/english/security/2023/dsa-5369.data b/english/security/2023/dsa-5369.data new file mode 100644 index 00000000000..b0bea3e44e9 --- /dev/null +++ b/english/security/2023/dsa-5369.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-5369-1 syslog-ng</define-tag> +<define-tag report_date>2023-3-05</define-tag> +<define-tag secrefs>CVE-2022-38725</define-tag> +<define-tag packages>syslog-ng</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2023/dsa-5369.wml b/english/security/2023/dsa-5369.wml new file mode 100644 index 00000000000..7944793e4ea --- /dev/null +++ b/english/security/2023/dsa-5369.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that an integer overflow in the RFC3164 parser of +syslog-ng, a system logging daemon, may result in denial of service +via malformed syslog messages.</p> + +<p>For the stable distribution (bullseye), this problem has been fixed in +version 3.28.1-2+deb11u1.</p> + +<p>We recommend that you upgrade your syslog-ng packages.</p> + +<p>For the detailed security status of syslog-ng please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/syslog-ng">\ +https://security-tracker.debian.org/tracker/syslog-ng</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2023/dsa-5369.data" +# $Id: $ |