[rsyslog] security issue in rsyslog
Rainer Gerhards
rgerhards at hq.adiscon.com
Mon Dec 1 16:37:23 CET 2008
... and the patch will not work on all of these version, due to the
introduction of the netstream driver functionality. Please note that
anything older than current v3-stable is outdated, so the proper way to
replace the faulty code is to upgrade to the current v3-stable and apply
the patch. I will also release a new v3-stable soon, hopefully today
(but I'd like to conduct some more tests).
Rainer
> -----Original Message-----
> From: rsyslog-bounces at lists.adiscon.com [mailto:rsyslog-
> bounces at lists.adiscon.com] On Behalf Of Rainer Gerhards
> Sent: Monday, December 01, 2008 4:31 PM
> To: rsyslog-users
> Subject: Re: [rsyslog] security issue in rsyslog
>
> I now clarified the affected versions. Affected are 3.12.2 and above.
>
> Rainer
>
> > -----Original Message-----
> > From: rsyslog-bounces at lists.adiscon.com [mailto:rsyslog-
> > bounces at lists.adiscon.com] On Behalf Of Rainer Gerhards
> > Sent: Monday, December 01, 2008 3:32 PM
> > To: rsyslog-users
> > Subject: Re: [rsyslog] security issue in rsyslog
> >
> > Hi all,
> >
> > this is patch for v3-stable:
> >
> >
>
http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=f0ddbed44c332391ae
> > 6
> > d9bbf6b07e2f06c4dd676
> >
> > I have not tried yet, but I think it will work on almost all other
> > versions, too. I keep you posted on the progress.
> >
> > Rainer
> >
> > > -----Original Message-----
> > > From: rsyslog-bounces at lists.adiscon.com [mailto:rsyslog-
> > > bounces at lists.adiscon.com] On Behalf Of Rainer Gerhards
> > > Sent: Monday, December 01, 2008 11:27 AM
> > > To: rsyslog-users
> > > Subject: Re: [rsyslog] security issue in rsyslog
> > >
> > > Version v2-stable is NOT vulnerable.
> > >
> > > Rainer
> > >
> > > > -----Original Message-----
> > > > From: rsyslog-bounces at lists.adiscon.com [mailto:rsyslog-
> > > > bounces at lists.adiscon.com] On Behalf Of Rainer Gerhards
> > > > Sent: Monday, December 01, 2008 10:55 AM
> > > > To: rsyslog-users
> > > > Subject: [rsyslog] security issue in rsyslog
> > > >
> > > > Hi folks,
> > > >
> > > > thanks to a bug report, I found out that the $AllowedSender
> > directive
> > > > does not work in all releases. The bug in question is:
> > > >
> > > > http://bugzilla.adiscon.com/show_bug.cgi?id=111
> > > >
> > > > Im am currently working on the bug. Obviously, this can lead to
> > > > messages
> > > > being received from systems that are not permitted so. As a
work-
> > > > around,
> > > > proper firewalling should be set up on the vulnerable hosts.
> Until
> > > > further note, I would assume that all versions of rsyslog are
> > > affected
> > > > (I will provide more detail during my analysis).
> > > >
> > > > Thanks,
> > > > Rainer
> > > > _______________________________________________
> > > > rsyslog mailing list
> > > > http://lists.adiscon.net/mailman/listinfo/rsyslog
> > > > http://www.rsyslog.com
> > > _______________________________________________
> > > rsyslog mailing list
> > > http://lists.adiscon.net/mailman/listinfo/rsyslog
> > > http://www.rsyslog.com
> > _______________________________________________
> > rsyslog mailing list
> > http://lists.adiscon.net/mailman/listinfo/rsyslog
> > http://www.rsyslog.com
> _______________________________________________
> rsyslog mailing list
> http://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com
More information about the rsyslog
mailing list