Debian 9817 Published by

A syslog-ng security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address an integer overflow in the RFC3164 parser.



ELA-832-1 syslog-ng security update

Package : syslog-ng
Version : 3.5.6-2+deb8u1 (jessie), 3.8.1-10+deb9u1 (stretch)

Related CVEs :
CVE-2022-38725

It was discovered that an integer overflow in the RFC3164 parser of
syslog-ng, a system logging daemon, may result in denial of service
via malformed syslog messages.

  ELA-832-1 syslog-ng security update