oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: rsyslogd memory leaks

From: Josh Bressers <bressers () redhat com>
Date: Mon, 4 Apr 2011 14:23:10 -0400 (EDT)
It would seem this needs three IDs (due to version differences).



The $RepeatedMsgReduction option could cause a memory leak:
http://bugzilla.adiscon.com/show_bug.cgi?id=225
http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=8083bd1433449fd2b1b79bf759f782e0f64c0cd2


The above is fixed in versions 5.6.4 ad 5.7.6
CVE-2011-1488



Multiple rulesets that are used by multiple inputs could cause a
memory leak or crash:
http://bugzilla.adiscon.com/show_bug.cgi?id=226


The above bug claims it's fixed in versions 5.6.3 and 5.7.6
CVE-2011-1489


http://bugzilla.adiscon.com/show_bug.cgi?id=218
http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a


The above bug is fixed in versions 5.6.4, 5.7.6, and 6.1.5
CVE-2011-1490

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: