|
Message-ID: <597164508.370300.1301941390217.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com> Date: Mon, 4 Apr 2011 14:23:10 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE Request: rsyslogd memory leaks It would seem this needs three IDs (due to version differences). > > The $RepeatedMsgReduction option could cause a memory leak: > http://bugzilla.adiscon.com/show_bug.cgi?id=225 > http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=8083bd1433449fd2b1b79bf759f782e0f64c0cd2 The above is fixed in versions 5.6.4 ad 5.7.6 CVE-2011-1488 > > Multiple rulesets that are used by multiple inputs could cause a > memory leak or crash: > http://bugzilla.adiscon.com/show_bug.cgi?id=226 The above bug claims it's fixed in versions 5.6.3 and 5.7.6 CVE-2011-1489 > http://bugzilla.adiscon.com/show_bug.cgi?id=218 > http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a The above bug is fixed in versions 5.6.4, 5.7.6, and 6.1.5 CVE-2011-1490 Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.