From ${URL} : The gssapi module in Rsyslog is found to be vulnerable to a DoS crash when telneting to a remote port. rsyslog-gssapi configuration on foo.example.com is: $ModLoad imgssapi $InputGSSServerRun 1514 Now the output result for the crash from the reporter seems to be like: # telnet foo.example.com 1514 # Connected to foo.example.com # Escape character is '^]'. # Connection closed by foreign host. # # /var/log/syslog on foo.example.com has: # # Nov 15 12:28:47 foo rsyslogd: TCP session 0x2550730 will be closed, error ignored # # and rsyslogd crashes like: # # 5487.317324670:7ff49169d700: poll returned with i 1, pUsr 0xf106f0 # 5487.317388061:7ff49169d700: New connect on NSD 0xf269d0. # 5487.319769985:7ff49169d700: GSS-API Trying to accept TCP session 0xf06760 # 5488.321087177:7ff49169d700: Called LogError, msg: TCP session 0xf06760 will be closed, error ignored # 5488.321207329:7ff49169d700: main Q: entry added, size now log 1, phys 1 entries # 5488.321250988:7ff49169d700: main Q: EnqueueMsg advised worker start # 5488.321378952:7ff492ea0700: wti 0xf54e10: worker awoke from idle processing # Segmentation fault (core dumped) Program terminated with signal 11, Segmentation fault, which confirms the issue. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729658 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
This issue was resolved and addressed in GLSA 201412-35 at http://security.gentoo.org/glsa/glsa-201412-35.xml by GLSA coordinator Yury German (BlueKnight).