Headline
RHSA-2022:4803: Red Hat Security Advisory: rsyslog security update
An update for rsyslog is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
Synopsis
Important: rsyslog security update
Type/Severity
Security Advisory: Important
Topic
An update for rsyslog is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format.
Security Fix(es):
- rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Virtualization 4 for RHEL 7 x86_64
- Red Hat Virtualization for IBM Power LE 4 for RHEL 7 ppc64le
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
- Red Hat Virtualization Manager 4.3 x86_64
Fixes
- BZ - 2081353 - CVE-2022-24903 rsyslog: Heap-based overflow in TCP syslog server
Red Hat Enterprise Linux Server 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
x86_64
rsyslog-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-crypto-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-debuginfo-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gnutls-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gssapi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-kafka-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-libdbi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmaudit-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmkubernetes-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mysql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-pgsql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-relp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-snmp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-udpspoof-8.24.0-57.el7_9.3.x86_64.rpm
Red Hat Enterprise Linux Workstation 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
x86_64
rsyslog-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-crypto-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-debuginfo-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gnutls-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gssapi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-kafka-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-libdbi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmaudit-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmkubernetes-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mysql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-pgsql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-relp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-snmp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-udpspoof-8.24.0-57.el7_9.3.x86_64.rpm
Red Hat Enterprise Linux Desktop 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
x86_64
rsyslog-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-crypto-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-debuginfo-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gnutls-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gssapi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-kafka-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-libdbi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmaudit-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmkubernetes-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mysql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-pgsql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-relp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-snmp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-udpspoof-8.24.0-57.el7_9.3.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
s390x
rsyslog-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-crypto-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-debuginfo-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-gnutls-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-gssapi-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-kafka-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-libdbi-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-mmaudit-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-mmkubernetes-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-mysql-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-pgsql-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-relp-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-snmp-8.24.0-57.el7_9.3.s390x.rpm
rsyslog-udpspoof-8.24.0-57.el7_9.3.s390x.rpm
Red Hat Enterprise Linux for Power, big endian 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
ppc64
rsyslog-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-crypto-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-debuginfo-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-gnutls-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-gssapi-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-kafka-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-libdbi-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-mmaudit-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-mmkubernetes-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-mysql-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-pgsql-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-relp-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-snmp-8.24.0-57.el7_9.3.ppc64.rpm
rsyslog-udpspoof-8.24.0-57.el7_9.3.ppc64.rpm
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
x86_64
rsyslog-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-crypto-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-debuginfo-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gnutls-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-gssapi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-kafka-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-libdbi-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmaudit-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmkubernetes-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mysql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-pgsql-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-relp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-snmp-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-udpspoof-8.24.0-57.el7_9.3.x86_64.rpm
Red Hat Virtualization 4 for RHEL 7
SRPM
x86_64
rsyslog-debuginfo-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.x86_64.rpm
Red Hat Virtualization for IBM Power LE 4 for RHEL 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
ppc64le
rsyslog-elasticsearch-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.ppc64le.rpm
Red Hat Enterprise Linux for Power, little endian 7
SRPM
rsyslog-8.24.0-57.el7_9.3.src.rpm
ppc64le
rsyslog-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-crypto-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-debuginfo-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-gnutls-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-gssapi-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-kafka-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-libdbi-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mmaudit-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mmjsonparse-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mmkubernetes-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-mysql-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-pgsql-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-relp-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-snmp-8.24.0-57.el7_9.3.ppc64le.rpm
rsyslog-udpspoof-8.24.0-57.el7_9.3.ppc64le.rpm
Red Hat Virtualization Manager 4.3
SRPM
x86_64
rsyslog-debuginfo-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-elasticsearch-8.24.0-57.el7_9.3.x86_64.rpm
rsyslog-mmnormalize-8.24.0-57.el7_9.3.x86_64.rpm
Related news
Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.
Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.
Red Hat OpenShift Container Platform release 4.11.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2021-23648: sanitize-url: XSS * CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion * CVE-2021-44906:...
Red Hat Security Advisory 2022-5439-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow, privilege escalation, and use-after-free vulnerabilities.
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs * CVE-2022-1271: gzip: arbitrary-file-write vulnerability * CVE-2022-1966: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root * CVE-2...
Red Hat Security Advisory 2022-4896-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow, out of bounds write, and use-after-free vulnerabilities.
An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs * CVE-2021-4028: kernel: use-after-free in RDMA listen() * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0778: openssl:...
Red Hat Security Advisory 2022-4808-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon. It supports on-demand disk buffering, reliable syslog over TCP, SSL, TLS and RELP, writing to databases, email alerting, fully configurable output formats, the ability to filter on any part of the syslog message, on-the-wire message compression, and the ability to convert text files to syslog. Issues addressed include a heap overflow vulnerability.
Red Hat Security Advisory 2022-4795-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.
Red Hat Security Advisory 2022-4803-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.
Red Hat Security Advisory 2022-4801-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a heap overflow vulnerability.
An update for rsyslog is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
An update for rsyslog is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
An update for rsyslog is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
An update for rsyslog is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
An update for rsyslog is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-24903: rsyslog: Heap-based overflow in TCP syslog server
Ubuntu Security Notice 5404-2 - USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM. Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash.
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability cannot be used for remote code execution. But there may still be a slight chance for experts to do that. The bug occurs when the octet count is read. While there is a check for the maximum number of octets, digits are written to a heap buffer even when the octet count is over the maximum. This can be used to overrun the memory buffer. However, once the sequence of digits stops, no additional characters can be added to the buffer. In our opinion, this makes remote exploits impossible or at least highly complex. Octet-counted framing is one of two potential framing modes. It is relatively uncommon, but enabled by default on receivers. Modules `imtcp`, `imptcp`, `imgssapi`, and `imhttp` are used for regular syslog message reception. ...
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
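The pattern in the rsyslog description of CVE-2022-24903 in this list (count digits stored even after the octet count has exceeded the maximum) can be modelled next to a hardened header parser. This is an added example, not rsyslog source code and not part of the advisory; the buffer sizes, the limit and all function names are assumptions, and the flawed routine writes into an oversized local array so the overrun is measured rather than triggered.

```c
/* Simplified model of octet-counted TCP syslog framing ("<count> SP <message>").
 * Added illustration, not rsyslog source; sizes and names are assumptions. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DIGIT_BUF  8     /* assumed size of the buffer that holds the count digits */
#define ARENA      32    /* digit buffer plus neighbouring bytes; keeps the demo in bounds */
#define MAX_OCTETS 8192  /* assumed maximum accepted message size */

enum frame_result { FRAME_OK, FRAME_INCOMPLETE, FRAME_OVERSIZE, FRAME_BAD };

static int is_digit(char c) { return c >= '0' && c <= '9'; }

/* Flawed pattern: the count is checked against the maximum, but every digit
 * is still stored. Returns how many bytes beyond the DIGIT_BUF-sized buffer
 * were written (0 means the digits fitted). */
size_t flawed_overrun(const char *in, size_t len)
{
    unsigned char arena[ARENA];
    size_t octets = 0, past = 0;
    int oversize = 0;

    memset(arena, 0, sizeof arena);
    for (size_t i = 0; i < len && is_digit(in[i]); i++) {
        if (!oversize) {
            octets = octets * 10 + (size_t)(in[i] - '0');
            if (octets > MAX_OCTETS)
                oversize = 1;            /* limit noticed ... */
        }
        if (i < ARENA)                   /* demo guard only, so this model stays safe */
            arena[i] = (unsigned char)in[i]; /* ... but the digit is stored regardless */
    }
    for (size_t k = DIGIT_BUF; k < ARENA; k++)
        if (arena[k] != 0)
            past++;
    return past;
}

/* Hardened header parser: accumulates the value only, and rejects the frame
 * at the first digit that pushes the count over the limit. Because a leading
 * zero is rejected, the value exceeds MAX_OCTETS after at most five digits,
 * so neither a digit buffer nor an integer overflow is possible. */
enum frame_result parse_octet_count(const char *in, size_t len,
                                    size_t *octets, size_t *consumed)
{
    size_t i = 0, val = 0;

    if (len == 0)
        return FRAME_INCOMPLETE;
    if (!is_digit(in[0]) || in[0] == '0')
        return FRAME_BAD;                /* count must start with a non-zero digit */
    while (i < len && is_digit(in[i])) {
        val = val * 10 + (size_t)(in[i] - '0');
        if (val > MAX_OCTETS)
            return FRAME_OVERSIZE;       /* stop reading; caller drops the connection */
        i++;
    }
    if (i == len)
        return FRAME_INCOMPLETE;         /* stream ended inside the count */
    if (in[i] != ' ')
        return FRAME_BAD;                /* count must be followed by a single space */
    *octets = val;
    *consumed = i + 1;                   /* digits plus the separator */
    return FRAME_OK;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *ok = "9 <13>hello";
    const char *big = "99999999999999999999 x";
    size_t octets = 0, used = 0;

    printf("flawed, valid frame:   %zu bytes past buffer\n", flawed_overrun(ok, strlen(ok)));
    printf("flawed, long count:    %zu bytes past buffer\n", flawed_overrun(big, strlen(big)));
    printf("hardened, valid frame: %d\n", parse_octet_count(ok, strlen(ok), &octets, &used));
    printf("hardened, long count:  %d\n", parse_octet_count(big, strlen(big), &octets, &used));
    return 0;
}
```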