Oval Definition:oval:com.redhat.rhsa:def:20111247
Revision Date:2011-09-01Version:636
Title:RHSA-2011:1247: rsyslog security update (Moderate)
Description:The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control.

  • A two byte buffer overflow flaw was found in the rsyslog daemon's parseLegacySyslogMsg function. An attacker able to submit log messages to rsyslogd could use this flaw to crash the daemon. (CVE-2011-3200)

    All rsyslog users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the rsyslog daemon will be restarted automatically.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-3200
    CVE-2011-3200
    RHSA-2011:1247
    RHSA-2011:1247-01
    RHSA-2011:1247-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • rsyslog is earlier than 0:4.6.2-3.el6_1.2
  • AND rsyslog is signed with Red Hat redhatrelease2 key
  • rsyslog-gnutls is earlier than 0:4.6.2-3.el6_1.2
  • AND rsyslog-gnutls is signed with Red Hat redhatrelease2 key
  • rsyslog-gssapi is earlier than 0:4.6.2-3.el6_1.2
  • AND rsyslog-gssapi is signed with Red Hat redhatrelease2 key
  • rsyslog-mysql is earlier than 0:4.6.2-3.el6_1.2
  • AND rsyslog-mysql is signed with Red Hat redhatrelease2 key
  • rsyslog-pgsql is earlier than 0:4.6.2-3.el6_1.2
  • AND rsyslog-pgsql is signed with Red Hat redhatrelease2 key
  • rsyslog-relp is earlier than 0:4.6.2-3.el6_1.2
  • AND rsyslog-relp is signed with Red Hat redhatrelease2 key
    • BACK