openSUSE Security Update: rsyslog security update ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0326-1 Rating: moderate References: #676041 #679030 #681568 Cross-References: CVE-2011-1488 CVE-2011-1489 CVE-2011-1490 Affected Products: openSUSE 11.4 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. It includes one version update. Description: rsyslog was updated to version 5.6.5 to fix a number of memory leaks that could crash the syslog daemon (CVE-2011-1488, CVE-2011-1489, CVE-2011-1490). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch rsyslog-4322 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586 x86_64) [New Version: 5.6.5]: rsyslog-5.6.5-1.3.1 rsyslog-diag-tools-5.6.5-1.3.1 rsyslog-doc-5.6.5-1.3.1 rsyslog-module-dbi-5.6.5-1.3.1 rsyslog-module-gssapi-5.6.5-1.3.1 rsyslog-module-gtls-5.6.5-1.3.1 rsyslog-module-mysql-5.6.5-1.3.1 rsyslog-module-pgsql-5.6.5-1.3.1 rsyslog-module-relp-5.6.5-1.3.1 rsyslog-module-snmp-5.6.5-1.3.1 rsyslog-module-udpspoof-5.6.5-1.3.1 References: http://support.novell.com/security/cve/CVE-2011-1488.html http://support.novell.com/security/cve/CVE-2011-1489.html http://support.novell.com/security/cve/CVE-2011-1490.html https://bugzilla.novell.com/676041 https://bugzilla.novell.com/679030 https://bugzilla.novell.com/681568