Advisories ยป MGASA-2014-0411

Updated rsyslog packages fix CVE-2014-3634

Publication date: 09 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3634

Description

Updated rsyslog packages fix security vulnerability:

Rainer Gerhards, the rsyslog project leader, reported a vulnerability in
Rsyslog. As a consequence of this vulnerability an attacker can send
malformed messages to a server, if this one accepts data from untrusted
sources, and trigger a denial of service attack (CVE-2014-3634).
                

References

SRPMS

4/core

3/core