diff options
| author | Rainer Gerhards <rgerhards@adiscon.com> | 2011-08-30 15:52:00 +0200 |
|---|---|---|
| committer | Rainer Gerhards <rgerhards@adiscon.com> | 2011-08-30 15:52:00 +0200 |
| commit | 43dd1bc0e659f3ddce2f2c5138864d36a5647846 (patch) | |
| tree | 3c99854d11464d86f49870902e52e67c594ce196 /ChangeLog | |
| parent | c1108d7af1ca04b2c485bd87a8cbbf044ffde6fb (diff) | |
| parent | 645a8541d5bbd7cfc0dd9e9f434cce280acf7af8 (diff) | |
| download | rsyslog-43dd1bc0e659f3ddce2f2c5138864d36a5647846.tar.gz rsyslog-43dd1bc0e659f3ddce2f2c5138864d36a5647846.tar.xz rsyslog-43dd1bc0e659f3ddce2f2c5138864d36a5647846.zip | |
Merge branch 'v5-stable' into beta
Conflicts:
ChangeLog
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -1,5 +1,6 @@ --------------------------------------------------------------------------- -Version 6.1.12 [BETA] (al), 2011-??-?? +Version 6.1.12 [BETA], 2011-09-01 +- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200 - bugfix: potential misadressing in property replacer - bugfix: memcpy overflow can occur in allowed sender checkig if a name is resolved to IPv4-mapped-on-IPv6 address @@ -221,7 +222,8 @@ Version 5.9.0 [V5-DEVEL] (rgerhards), 2011-03-?? affected directive was: $ActionExecOnlyWhenPreviousIsSuspended on closes: http://bugzilla.adiscon.com/show_bug.cgi?id=236 --------------------------------------------------------------------------- -Version 5.8.5 [V5-stable] (rgerhards/al), 2011-??-?? +Version 5.8.5 [V5-stable] (rgerhards/al), 2011-09-01 +- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200 - bugfix: potential hang condition during tag emulation - bugfix: too-early string termination during tag emulation - bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c) @@ -1092,11 +1094,13 @@ Version 4.7.0 [v4-devel] (rgerhards), 2010-04-14 Thanks for varmojfekoj for pointing me at this bug. - imported changes from 4.5.6 and below --------------------------------------------------------------------------- -Version 4.6.8 [v4-stable] (rgerhards), 2011-??-?? +Version 4.6.8 [v4-stable] (rgerhards), 2011-09-01 +- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200 - bugfix: potential misadressing in property replacer -- bugfix: memcpy overflow can occur in allowed sender checkig +- bugfix: memcpy overflow can occur in allowed sender checking if a name is resolved to IPv4-mapped-on-IPv6 address Found by Ismail Dönmez at suse +- bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c) --------------------------------------------------------------------------- Version 4.6.7 [v4-stable] (rgerhards), 2011-07-11 - added support for the ":omusrmsg:" syntax in configuring user messages |