[syslog-ng]Security: syslog-ng 1.4.x and 1.5.x is vulnerable to buffer overflow
Balazs Scheidler
bazsi@balabit.hu
Mon, 7 Oct 2002 15:44:11 +0200
On Sat, Oct 05, 2002 at 12:24:42AM +0900, Katsuhiro Kondou wrote:
> In article <3D9D9B57.nailFTQ1OU1@andromeda.rutgers.edu>,
> William Yodlowsky <wyodlows@andromeda.rutgers.edu> wrote;
>
> } Since I haven't tried running 1.5.14-1.5.20 I'm going to give them a try
> } to see if the problem is in one of those previous releases. That may
> } make it easier to track down.
>
> And I think I can also give it try if you give me the
> method(or patch) to track down.
thanks in advance. And please also change libol versions accordingly, as it
might also be the culprit.
--
Bazsi
PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1