import rsyslog-8.2102.0-7.el8_6.1

CentOS Sources 2022-05-30 03:24:43 -04:00 committed by Stepan Oksanichenko
parent e45ffa6b96
commit 8c94b882ce
2 changed files with 37 additions and 1 deletions


@ -0,0 +1,30 @@
diff -up rsyslog-8.37.0/plugins/imptcp/imptcp.c.orig rsyslog-8.37.0/plugins/imptcp/imptcp.c
--- rsyslog-8.37.0/plugins/imptcp/imptcp.c.orig 2022-05-09 12:22:59.050623119 +0200
+++ rsyslog-8.37.0/plugins/imptcp/imptcp.c 2022-05-09 12:34:39.979854853 +0200
@@ -1032,7 +1032,10 @@ processDataRcvd(ptcpsess_t *const __rest
if(pThis->iOctetsRemain <= 200000000) {
pThis->iOctetsRemain = pThis->iOctetsRemain * 10 + c - '0';
}
- *(pThis->pMsg + pThis->iMsg++) = c;
+ // *(pThis->pMsg + pThis->iMsg++) = c;
+ if(pThis->iMsg < iMaxLine) {
+ *(pThis->pMsg + pThis->iMsg++) = c;
+ }
} else { /* done with the octet count, so this must be the SP terminator */
DBGPRINTF("TCP Message with octet-counter, size %d.\n", pThis->iOctetsRemain);
prop.GetString(pThis->peerName, &propPeerName, &lenPeerName);
diff -up rsyslog-8.37.0/runtime/tcps_sess.c.orig rsyslog-8.37.0/runtime/tcps_sess.c
--- rsyslog-8.37.0/runtime/tcps_sess.c.orig 2022-05-09 12:23:12.789627661 +0200
+++ rsyslog-8.37.0/runtime/tcps_sess.c 2022-05-09 12:36:51.426898549 +0200
@@ -389,7 +389,10 @@ processDataRcvd(tcps_sess_t *pThis,
if(pThis->iOctetsRemain <= 200000000) {
pThis->iOctetsRemain = pThis->iOctetsRemain * 10 + c - '0';
}
- *(pThis->pMsg + pThis->iMsg++) = c;
+ // *(pThis->pMsg + pThis->iMsg++) = c;
+ if(pThis->iMsg < iMaxLine) {
+ *(pThis->pMsg + pThis->iMsg++) = c;
+ }
} else { /* done with the octet count, so this must be the SP terminator */
DBGPRINTF("TCP Message with octet-counter, size %d.\n", pThis->iOctetsRemain);
prop.GetString(pThis->fromHost, &propPeerName, &lenPeerName);
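Review bot: The new guard `if(pThis->iMsg < iMaxLine)` in both `processDataRcvd` hunks (imptcp.c and tcps_sess.c) drops excess octet-count digits silently, so a peer sending an oversized count header leaves no trace in the logs. A digit run that fills the message buffer is abnormal framing, and a rate-limited error naming the peer at that point would give operators a detection signal for attempts against CVE-2022-24903. The guard is only sufficient if `pMsg` is allocated with at least `iMaxLine` bytes and `iMaxLine` is in scope in both files; neither is visible here, because the function bodies start and end outside the hunks. The commented-out original line `// *(pThis->pMsg + pThis->iMsg++) = c;` should be deleted rather than kept as dead code, and replaced with a short why-comment such as `/* keep octet-count digits inside pMsg; excess digits are dropped */`.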


@ -6,7 +6,7 @@
Summary: Enhanced system logging and kernel message trapping daemon
Name: rsyslog
Version: 8.2102.0
Release: 7%{?dist}
Release: 7%{?dist}.1
License: (GPLv3+ and ASL 2.0)
Group: System Environment/Daemons
ExcludeArch: i686
@ -55,6 +55,7 @@ Patch3: rsyslog-8.2102.0-rhbz1866877-unexpected-length.patch
Patch4: rsyslog-8.2102.0-rhbz1984616-imuxsock-ratelimit.patch
Patch5: rsyslog-8.2102.0-rhbz1984489-remove-abort-on-id-resolution-fail.patch
Patch6: rsyslog-8.2102.0-rhbz1832368-prioritize-SAN.patch
Patch7: rsyslog-8.37.0-rhbz2081396-CVE-2022-24903.patch
%package crypto
Summary: Encryption support
@ -286,6 +287,7 @@ mv build doc
%patch4 -p1 -b .imuxsock-rate-limit
%patch5 -p1 -b .abort-on-id-resolution-fail
%patch6 -p1 -b .prioritizeSAN
%patch7 -p1 -b .CVE-24903
%build
%ifarch sparc64
@ -530,6 +532,10 @@ done
%{_libdir}/rsyslog/omudpspoof.so
%changelog
* Mon May 09 2022 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-7.1
- Address CVE-2022-24903, Heap-based overflow in TCP syslog server
resolves: rhbz#2081400
* Mon Nov 22 2021 Attila Lakatos <alakatos@redhat.com> - 8.2102.0-7
- Propagate prioritizeSAN when accepting new connection
resolves: rhbz#1832368