Date: Wed, 23 May 2001 16:40:13 +0400 From: solar@...nwall.com To: owl-users@...ts.openwall.com Subject: Re: sysklogd On Wed, May 23, 2001 at 03:24:40PM +0300, Jarno Huuskonen wrote: > On Wed, May 23, solar@...nwall.com wrote: > > We need to update to 1.4.1 for the newer klogd, but we also need to > > switch to an alternative syslogd. > > Have you decided which alternative ? If I remeber correctly this was discussed > on security-audit list. Most likely we'll pick Darren Reed's nsyslogd with heavy modifications. > > After about 20 minutes of searching, I actually found that there > > really is the bug matching your description. It's not fixed with 1.4 > > and I believe was never reported to the proper places despite being > > fixed in Debian three months ago (with 1.4.1, which I haven't seen > > announced). I'll bring this to vendor-sec now. Thanks. > > Yes, the fixed version is 1.4.1 (not 1.4 like I remembered) > I noticed the problem about 2 months ago with my laptop, because after every > suspend/resume (reloading the network driver) klogd ate 100% cpu. After > searching if others had noticed the same symptoms I found that 1.4.1 has the > bug fixed. Well, we don't officially support 2.4 kernels yet, but I'll handle this as a security bug anyway. There could be kernel bugs which cause NUL's to be passed to klogd and they don't need to result in a DoS. > The 1.4.1 version is available from: > http://www.ibiblio.org/pub/Linux/system/daemons/ > (I think the klogd cpu bug is mentioned in the changelog). I've back-ported the fix to 1.3-31 for prerelease-stable already, testing it now. -- /sd
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.