Release Info

Advisory: CLSA-2022:1653917271

OS: Ubuntu 16.04 ELS

Public date: 2022-05-30 00:00:00

Project: rsyslog

Version: 8.16.0-1ubuntu3.1+tuxcare.els2

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2022-1653917271.html

Changelog

* SECURITY UPDATE: heap buffer overflow - debian/patches/CVE-2022-24903.patch: introduces a bounds check to address a potential heap buffer overflow in plugins/imptcp/imptcp.c. - CVE-2022-24903

Update

Update command: apt-get update apt-get --only-upgrade install rsyslog*

Packages list

rsyslog_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb rsyslog-elasticsearch_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb rsyslog-gnutls_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb rsyslog-gssapi_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb rsyslog-mysql_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb rsyslog-pgsql_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb rsyslog-relp_8.16.0-1ubuntu3.1+tuxcare.els2_amd64.deb

CVEs

CVE-2022-24903