SUSE Security Update: Security update for rsyslog ______________________________________________________________________________
Announcement ID: SUSE-SU-2014:1294-1 Rating: important References: #890228 #897262 #899756 Cross-References: CVE-2014-3634 CVE-2014-3683 Affected Products: SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 ______________________________________________________________________________
An update that solves two vulnerabilities and has one errata is now available.
Description:
rsyslog has been updated to fix a remote denial of service issue:
* Under certain configurations, a local or remote attacker able to send syslog messages to the server could have crashed the log server due to an array overread. (CVE-2014-3634, CVE-2014-3683)