[syslog-ng]Security: syslog-ng 1.4.x and 1.5.x is vulnerable to buffer overflow

Katsuhiro Kondou kondou@isc.org
Thu, 10 Oct 2002 17:41:20 +0900 (JST)

In article <20021010083117.GC24001@balabit.hu>,
	Balazs Scheidler <bazsi@balabit.hu> wrote;

} This code path is only used _iff_ a HUP is sent to syslog-ng. Is the
} segfault triggered by sending a HUP to the process, or it is simply crashing
} without HUP?

Mine is dead soon after syslog-ng starts, so without SIGHUP.
Katsuhiro Kondou