Summary: | app-admin/syslog-ng <2.0.6 Timestamps Denial of Service Vulnerability (CVE-2007-6437) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Lars Hartmann <lars> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | fmccor, kaazoo, mr_bones_, pacho, ssuominen |
Priority: | High | Keywords: | STABLEREQ |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/28118/ | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Lars Hartmann
2007-12-18 19:54:10 UTC
maintainers - please advice should be good to stablize. Adding arches. arches - please test and mark stable target ebuild: app-admin/syslog-ng-2.0.6 target keywords: x86,ppc,sparc,amd64,alpha,ppc64,hppa Sparc stable. Note also sparc stable for dev-libs/eventlog-0.2.5 as it is now required for syslog-ng. Stable for HPPA. ppc and ppc64 stable alpha/ia64 stable amd64 stable, still runs and logs All supported arches done here, entering [glsa?] state.. Wait, I'd say this is A3 as syslog-ng is a common package and the vulnerability doesn't affect specific configurations only. Also, the Gentoo handbook installs syslog-ng by default. Rerate, otherwise vote. Rerating A3, request filed. GLSA 200712-19, thanks everyone. *** Bug 204142 has been marked as a duplicate of this bug. *** Does not affect current (2008.0) release. Removing release. |