#3257: Upgrade Syslog-ng to 2.0.7 to fix DoS vulnerability

RT for crt.cs.wisc.edu

Logged in as guest | Logout

Ticket metadata

The Basics

Id:	3257
Status:	resolved
Priority:	3/0
Queue:	vdt-internal

Custom Fields

Fixed in:	1.8.1h
Fix scheduled:	CUR

People

Owner:	Scot Kronenfeld
Requestors:	Scot Kronenfeld
Cc:
AdminCc:

Reminders

Dates

Created:	Wed Jan 23 14:44:22 2008
Starts:	Not set
Started:	Wed Jan 23 15:34:48 2008
Last Contact:	Not set
Due:	Not set
Closed:	Wed Jan 23 15:34:48 2008
Updated:	Wed Jan 23 16:09:39 2008 by kronenfe

Links

Depends on: (Create)
Depended on by: (Create)
Parents: (Create)
Children: (Create)
Refers to: (Create)
Referred to by: (Create)

History Brief headers — Full headers

Wed Jan 23 14:43:42 2008

kronenfe - Ticket 3256: Ticket created

[Reply]

Subject:

Upgrade Syslog-ng to fix DoS vulnerability

Download (untitled) / with headers
text/plain 412b

I'm writing this ticket after already building Syslog-ng 2.0.7...

VDT 1.8.1 currently has Syslog-ng 2.0.4. The fix we want is in 2.0.6,
but 2.0.7 is also available.

Tim already built Syslog-ng 2.0.6 for VDT 1.8.2. I took his code and
removed one patch that was incorporated into Syslog-ng 2.0.7 (since
2.0.6 apparently). We will need to preserve the configuration during
the upgrade (just 1 file, I think).

Wed Jan 23 14:44:22 2008

kronenfe - Ticket created

[Reply]

Subject:

Upgrade Syslog-ng to fix DoS vulnerability

Download (untitled) / with headers
text/plain 412b

#	Wed Jan 23 15:34:48 2008	kronenfe - Status changed from 'new' to 'resolved'

#	Wed Jan 23 15:35:07 2008	kronenfe - Subject changed from 'Upgrade Syslog-ng to fix DoS vulnerability' to 'Upgrade Syslog-ng to 2.0.7 to fix DoS vulnerability'

#	Wed Jan 23 15:35:07 2008	kronenfe - Fixed in 1.8.2 added

#	Wed Jan 23 15:35:20 2008	kronenfe - Fixed in 1.8.2 changed to 1.8.1h

#	Wed Jan 23 16:09:17 2008	kronenfe - Ticket 3256: Status changed from 'new' to 'open'

#	Wed Jan 23 16:09:39 2008	kronenfe - Ticket 3256: Merged into