Copied from
ubuntu trusty in
Private PPA for Ubuntu Security Team
by Marc Deslauriers
Changelog
rsyslog (7.4.4-1ubuntu2.3) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
invalid PRI value
- debian/patches/CVE-2014-3634.patch: limit PRI values in
grammar/rainerscript.h, plugins/imfile/imfile.c,
plugins/imklog/imklog.c, plugins/imkmsg/imkmsg.c,
plugins/imsolaris/imsolaris.c, plugins/imuxsock/imuxsock.c,
runtime/msg.c, runtime/parser.c, runtime/rsyslog.h,
runtime/srutils.c, runtime/syslogd-types.h, runtime/typedefs.h,
tools/syslogd.c.
- CVE-2014-3634
- CVE-2014-3683
-- Marc Deslauriers <email address hidden> Thu, 02 Oct 2014 11:32:50 -0400