ELA-175-1 rsyslog security update

heap overflow

2019-10-11
Packagersyslog
Version5.8.11-3+deb7u3
Related CVE CVE-2019-17041 CVE-2019-17042

Two heap overflow vulnerabilities were discovered in rsyslog, a system and kernel logging daemon, in the AIX and Cisco log messages parsers (not loaded in the default configuration).

For Debian 7 Wheezy, these problems have been fixed in version 5.8.11-3+deb7u3.

We recommend that you upgrade your rsyslog packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/