Oval Definition:oval:com.redhat.rhsa:def:20224808
Revision Date:2022-05-31Version:635
Title:RHSA-2022:4808: rsyslog and rsyslog7 security update (Important)
Description:The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format.

The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon. It supports on-demand disk buffering, reliable syslog over TCP, SSL, TLS and RELP, writing to databases (MySQL, PostgreSQL, Oracle, and others), email alerting, fully configurable output formats (including high-precision time stamps), the ability to filter on any part of the syslog message, on-the-wire message compression, and the ability to convert text files to syslog.

Security Fix(es):

  • rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2022-24903
    RHSA-2022:4808
    Platform(s):Red Hat Enterprise Linux 6 Extended Lifecycle Support
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • rsyslog is earlier than 0:5.8.10-12.el6_10.1
  • AND rsyslog is signed with Red Hat redhatrelease2 key
  • rsyslog-gnutls is earlier than 0:5.8.10-12.el6_10.1
  • AND rsyslog-gnutls is signed with Red Hat redhatrelease2 key
  • rsyslog-gssapi is earlier than 0:5.8.10-12.el6_10.1
  • AND rsyslog-gssapi is signed with Red Hat redhatrelease2 key
  • rsyslog-mysql is earlier than 0:5.8.10-12.el6_10.1
  • AND rsyslog-mysql is signed with Red Hat redhatrelease2 key
  • rsyslog-pgsql is earlier than 0:5.8.10-12.el6_10.1
  • AND rsyslog-pgsql is signed with Red Hat redhatrelease2 key
  • rsyslog-relp is earlier than 0:5.8.10-12.el6_10.1
  • AND rsyslog-relp is signed with Red Hat redhatrelease2 key
  • rsyslog-snmp is earlier than 0:5.8.10-12.el6_10.1
  • AND rsyslog-snmp is signed with Red Hat redhatrelease2 key
  • rsyslog7 is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7 is signed with Red Hat redhatrelease2 key
  • rsyslog7-elasticsearch is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7-elasticsearch is signed with Red Hat redhatrelease2 key
  • rsyslog7-gnutls is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7-gnutls is signed with Red Hat redhatrelease2 key
  • rsyslog7-gssapi is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7-gssapi is signed with Red Hat redhatrelease2 key
  • rsyslog7-mysql is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7-mysql is signed with Red Hat redhatrelease2 key
  • rsyslog7-pgsql is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7-pgsql is signed with Red Hat redhatrelease2 key
  • rsyslog7-relp is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7-relp is signed with Red Hat redhatrelease2 key
  • rsyslog7-snmp is earlier than 0:7.4.10-7.el6_10.1
  • AND rsyslog7-snmp is signed with Red Hat redhatrelease2 key
    • BACK