oss-sec mailing list archives
Re: CVE Request: rsyslogd memory leaks
From: Josh Bressers <bressers () redhat com>
Date: Mon, 4 Apr 2011 14:23:10 -0400 (EDT)
It would seem this needs three IDs (due to version differences).
The $RepeatedMsgReduction option could cause a memory leak: http://bugzilla.adiscon.com/show_bug.cgi?id=225 http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=8083bd1433449fd2b1b79bf759f782e0f64c0cd2
The above is fixed in versions 5.6.4 ad 5.7.6 CVE-2011-1488
Multiple rulesets that are used by multiple inputs could cause a memory leak or crash: http://bugzilla.adiscon.com/show_bug.cgi?id=226
The above bug claims it's fixed in versions 5.6.3 and 5.7.6 CVE-2011-1489
http://bugzilla.adiscon.com/show_bug.cgi?id=218 http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a
The above bug is fixed in versions 5.6.4, 5.7.6, and 6.1.5 CVE-2011-1490 Thanks. -- JB
Current thread:
- Re: CVE Request: rsyslogd memory leaks Josh Bressers (Apr 04)