You are here
Home > Preporuke > Sigurnosni propusti programskog paketa rsyslog

Sigurnosni propusti programskog paketa rsyslog

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2014-10-10 14:43:11

Name : rsyslog
Product : Fedora 20
Version : 7.4.8
Release : 2.fc20
Summary : Enhanced system logging and kernel message trapping daemon
Description :
Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL,
syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part,
and fine grain output format control. It is compatible with stock sysklogd
and can be used as a drop-in replacement. Rsyslog is simple to set up, with
advanced features suitable for enterprise-class, encryption-protected syslog
relay chains.

Update Information:

Security fix for CVE-2014-3634

* Tue Oct 7 2014 Tomas Heinrich <> 7.4.8-2
– fix CVE-2014-3634
* Tue Apr 15 2014 Jakub Čajka <> 7.4.8-1.1
– backport support for platforms without atomic instructions
* Thu Feb 20 2014 Tomas Heinrich <> 7.4.8-1
– rebase to 7.4.8
– add an explicit requirement on the version of libestr
– install the tool
– fix a typo in a package description
– add missing defattr directives
– add rsyslog-7.4.8-omjournal-warning.patch to fix
a condition for issuing a warning in omjournal
– add a patch to allow numeric specification of UIDs/GUIDs
– drop the “v5” string from the conf file as it’s misleading
– add rsyslog-7.4.8-dont-link-libee.patch to prevent
linking the main binary with libee
– replace rsyslog-7.3.15-imuxsock-warning.patch
with rsyslog-7.4.8-imuxsock-wrn.patch
– link to libhiredis explicitly
– add a patch to prevent message loss in imjournal
resolves: #1026804
– move the rscryutil man page to the crypto subpackage
– add a patch to fix connection initialization in ompgsql
for more details see:
– add a patch for not enforcing teplate specification in ommongodb
for more details see:

[ 1 ] Bug #1142373 – CVE-2014-3634 rsyslog: remote syslog PRI vulnerability

This update can be installed with the “yum” update program. Use
su -c ‘yum update rsyslog’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorTomislav Protega
Cert idNCERT-REF-2014-10-0007-ADV
ID izvornikaFEDORA-2014-12503
More in Preporuke
Nadogradnja za Adobe Flash Player

Adobe je izdao nadogradnju za otklanjanje tri kritične ranjivosti programskog paketa Adobe Flash Player. Primjenom nadogradnje otklanjanju se ranjivosti narušavanja...