Hello community, here is the log from the commit of package rsyslog for openSUSE:11.3 checked in at Mon Sep 5 17:36:31 CEST 2011. -------- --- old-versions/11.3/all/rsyslog/rsyslog.changes 2010-04-28 19:26:59.000000000 +0200 +++ 11.3/rsyslog/rsyslog.changes 2011-08-29 19:21:32.000000000 +0200 @@ -1,0 +2,8 @@ +Mon Aug 29 16:48:30 UTC 2011 - mt@suse.com + +- Applied patch for 1/2 byte buffer overflow while parsing legacy + syslog messages that may cause a crash (CVE-2011-3200,bnc#714658). +- Applied a fix for a memcpy overflow while processing allowed sender + rules in the config that resolve to IPv4-mapped-on-IPv6 addresses. + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.3/all/rsyslog Destination is old-versions/11.3/UPDATES/all/rsyslog calling whatdependson for 11.3-i586 New: ---- rsyslog-5.x-memcpy-overflow.patch rsyslog-CVE-2011-3200.bnc714658.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rsyslog.spec ++++++ --- /var/tmp/diff_new_pack.YMM6Ia/_old 2011-09-05 17:36:18.000000000 +0200 +++ /var/tmp/diff_new_pack.YMM6Ia/_new 2011-09-05 17:36:18.000000000 +0200 @@ -1,7 +1,7 @@ # -# spec file for package rsyslog (Version 5.4.0) +# spec file for package rsyslog # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,7 +30,7 @@ %define rsyslog_module_dir_nodeps %{_libdir}/rsyslog/ %define rsyslog_module_dir_withdeps %{_prefix}/%{_lib}/rsyslog/ Version: 5.4.0 -Release: 2 +Release: 3.<RELEASE2> License: GPLv3+ Group: System/Daemons Summary: Rsyslog, the enhanced syslogd for Linux and Unix @@ -56,6 +56,8 @@ Source3: rsyslog.early.conf.in Source4: rsyslog.d.remote.conf.in Patch1: rsyslog.xconsole-pipe-loop.patch +Patch2: rsyslog-5.x-memcpy-overflow.patch +Patch3: rsyslog-CVE-2011-3200.bnc714658.patch %description Rsyslog is an enhanced multi-threaded syslogd supporting, among others, @@ -246,6 +248,8 @@ %setup -q -n %{name}-%{upstream_version} dos2unix doc/*.html %patch1 -p1 +%patch2 -p1 +%patch3 -p1 %build export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -W -Wall" ++++++ rsyslog-5.x-memcpy-overflow.patch ++++++ --- rsyslog-5.x/runtime/net.c +++ rsyslog-5.x/runtime/net.c 2011/08/29 16:38:49 @@ -721,7 +721,7 @@ static rsRetVal AddAllowedSender(struct SIN(allowIP.addr.NetAddr)->sin_port = 0; memcpy(&(SIN(allowIP.addr.NetAddr)->sin_addr.s_addr), &(SIN6(res->ai_addr)->sin6_addr.s6_addr32[3]), - sizeof (struct sockaddr_in)); + sizeof (in_addr_t)); if((iRet = AddAllowedSenderEntry(ppRoot, ppLast, &allowIP, iSignificantBits)) ++++++ rsyslog-CVE-2011-3200.bnc714658.patch ++++++ diff --git a/tools/pmrfc3164.c b/tools/pmrfc3164.c index 635ca98..6d2d22b 100644 --- a/tools/pmrfc3164.c +++ b/tools/pmrfc3164.c @@ -177,7 +177,7 @@ CODESTARTparse * outputs so that only 32 characters max are used by default. */ i = 0; - while(lenMsg > 0 && *p2parse != ':' && *p2parse != ' ' && i < CONF_TAG_MAXSIZE) { + while(lenMsg > 0 && *p2parse != ':' && *p2parse != ' ' && i < CONF_TAG_MAXSIZE - 2) { bufParseTAG[i++] = *p2parse++; --lenMsg; } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org