NS-SA-2020-0120
2020-12-08 09:15:39
简介
moderate: rsyslog security update
严重级别
moderate
主题
An update for rsyslog is now available for NewStart CGSL MAIN 5.05/CGSL CORE 5.05.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
详细描述
rsyslog: Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up, with advanced features suitable for enterprise-class, encryption-protected syslog relay chains.
Security Fix(es):
rsyslog: An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.(CVE-2019-17042)
rsyslog: An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.(CVE-2019-17041)
rsyslog: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.05.F9B3.
影响组件
影响产品
- CGSL MAIN 5.05
- CGSL CORE 5.05
更新包
{"fix":[{"product":"CGSL MAIN 5.05","pkgs":[{"binary":["rsyslog-8.24.0-52.el7.x86_64.rpm","rsyslog-doc-8.24.0-52.el7.noarch.rpm","rsyslog-crypto-8.24.0-52.el7.x86_64.rpm","rsyslog-debuginfo-8.24.0-52.el7.x86_64.rpm","rsyslog-elasticsearch-8.24.0-52.el7.x86_64.rpm","rsyslog-gnutls-8.24.0-52.el7.x86_64.rpm","rsyslog-gssapi-8.24.0-52.el7.x86_64.rpm","rsyslog-kafka-8.24.0-52.el7.x86_64.rpm","rsyslog-libdbi-8.24.0-52.el7.x86_64.rpm","rsyslog-mmaudit-8.24.0-52.el7.x86_64.rpm","rsyslog-mmjsonparse-8.24.0-52.el7.x86_64.rpm","rsyslog-mmnormalize-8.24.0-52.el7.x86_64.rpm","rsyslog-mmkubernetes-8.24.0-52.el7.x86_64.rpm","rsyslog-mysql-8.24.0-52.el7.x86_64.rpm","rsyslog-mmsnmptrapd-8.24.0-52.el7.x86_64.rpm","rsyslog-pgsql-8.24.0-52.el7.x86_64.rpm","rsyslog-relp-8.24.0-52.el7.x86_64.rpm","rsyslog-snmp-8.24.0-52.el7.x86_64.rpm","rsyslog-udpspoof-8.24.0-52.el7.x86_64.rpm"],"source":"rsyslog-8.24.0-52.el7.src.rpm"}]},{"product":"CGSL CORE 5.05","pkgs":[{"binary":["rsyslog-elasticsearch-8.24.0-52.el7.x86_64.rpm","rsyslog-8.24.0-52.el7.x86_64.rpm","rsyslog-crypto-8.24.0-52.el7.x86_64.rpm","rsyslog-debuginfo-8.24.0-52.el7.x86_64.rpm","rsyslog-doc-8.24.0-52.el7.noarch.rpm","rsyslog-mmkubernetes-8.24.0-52.el7.x86_64.rpm","rsyslog-gnutls-8.24.0-52.el7.x86_64.rpm","rsyslog-gssapi-8.24.0-52.el7.x86_64.rpm","rsyslog-kafka-8.24.0-52.el7.x86_64.rpm","rsyslog-libdbi-8.24.0-52.el7.x86_64.rpm","rsyslog-mmaudit-8.24.0-52.el7.x86_64.rpm","rsyslog-mmjsonparse-8.24.0-52.el7.x86_64.rpm","rsyslog-mmnormalize-8.24.0-52.el7.x86_64.rpm","rsyslog-mmsnmptrapd-8.24.0-52.el7.x86_64.rpm","rsyslog-mysql-8.24.0-52.el7.x86_64.rpm","rsyslog-snmp-8.24.0-52.el7.x86_64.rpm","rsyslog-udpspoof-8.24.0-52.el7.x86_64.rpm","rsyslog-pgsql-8.24.0-52.el7.x86_64.rpm","rsyslog-relp-8.24.0-52.el7.x86_64.rpm"],"source":"rsyslog-8.24.0-52.el7.src.rpm"}]}]}
CGSL MAIN 5.05
- rsyslog-8.24.0-52.el7.src.rpm
- rsyslog-8.24.0-52.el7.x86_64.rpm
- rsyslog-doc-8.24.0-52.el7.noarch.rpm
- rsyslog-crypto-8.24.0-52.el7.x86_64.rpm
- rsyslog-debuginfo-8.24.0-52.el7.x86_64.rpm
- rsyslog-elasticsearch-8.24.0-52.el7.x86_64.rpm
- rsyslog-gnutls-8.24.0-52.el7.x86_64.rpm
- rsyslog-gssapi-8.24.0-52.el7.x86_64.rpm
- rsyslog-kafka-8.24.0-52.el7.x86_64.rpm
- rsyslog-libdbi-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmaudit-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmjsonparse-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmnormalize-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmkubernetes-8.24.0-52.el7.x86_64.rpm
- rsyslog-mysql-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmsnmptrapd-8.24.0-52.el7.x86_64.rpm
- rsyslog-pgsql-8.24.0-52.el7.x86_64.rpm
- rsyslog-relp-8.24.0-52.el7.x86_64.rpm
- rsyslog-snmp-8.24.0-52.el7.x86_64.rpm
- rsyslog-udpspoof-8.24.0-52.el7.x86_64.rpm
CGSL CORE 5.05
- rsyslog-8.24.0-52.el7.src.rpm
- rsyslog-elasticsearch-8.24.0-52.el7.x86_64.rpm
- rsyslog-8.24.0-52.el7.x86_64.rpm
- rsyslog-crypto-8.24.0-52.el7.x86_64.rpm
- rsyslog-debuginfo-8.24.0-52.el7.x86_64.rpm
- rsyslog-doc-8.24.0-52.el7.noarch.rpm
- rsyslog-mmkubernetes-8.24.0-52.el7.x86_64.rpm
- rsyslog-gnutls-8.24.0-52.el7.x86_64.rpm
- rsyslog-gssapi-8.24.0-52.el7.x86_64.rpm
- rsyslog-kafka-8.24.0-52.el7.x86_64.rpm
- rsyslog-libdbi-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmaudit-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmjsonparse-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmnormalize-8.24.0-52.el7.x86_64.rpm
- rsyslog-mmsnmptrapd-8.24.0-52.el7.x86_64.rpm
- rsyslog-mysql-8.24.0-52.el7.x86_64.rpm
- rsyslog-snmp-8.24.0-52.el7.x86_64.rpm
- rsyslog-udpspoof-8.24.0-52.el7.x86_64.rpm
- rsyslog-pgsql-8.24.0-52.el7.x86_64.rpm
- rsyslog-relp-8.24.0-52.el7.x86_64.rpm
CVE
参考