Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 6 Oct 2014 08:31:06 +0200
From: Sven Kieske <s.kieske@...twald.de>
To: <oss-security@...ts.openwall.com>
CC: <rgerhards@...adiscon.com>
Subject: Re: vulnerability in rsyslog



On 30/09/14 18:41, Rainer Gerhards wrote:
> 2014-09-30 18:28 GMT+02:00 Solar Designer <solar@...nwall.com>:
> 
>> On Tue, Sep 30, 2014 at 01:55:12PM +0200, Sven Kieske wrote:
>>> I don't understand the following statement in the
>>> pri-vuln.txt in section "Patches":
>>>
>>> "Version 7.4.6, while no longer being project
>>> supported received a patch and is also not vulnerable."
>>>
>>> What was patched when this version is not vulnerable?
>>> Or do you mean it is not vulnerable after the patch got applied?
>>
>>
> My apologies, this is a type that skipped past all proof-reading. It should
> say "7.6.6", which is the v7 version released today. v7.4.x is not only
> non-project supported, it's also heavily outdated and missing many other
> patches as well (just to point this out).

This still does not answer the above questions, it just changes the
version number in your statement which led to my question.

-- 
Mit freundlichen Grüßen / Regards

Sven Kieske

Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ