-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4182-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA May 28, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : syslog-ng Version : 3.28.1-2+deb11u2 CVE ID : CVE-2024-47619 A security issue was found in syslog-ng, an enhanced log daemon. In prior version, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. For Debian 11 bullseye, this problem has been fixed in version 3.28.1-2+deb11u2. We recommend that you upgrade your syslog-ng packages. For the detailed security status of syslog-ng please refer to its security tracker page at: https://security-tracker.debian.org/tracker/syslog-ng Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmg2wjYACgkQhj1N8u2c KO9x2g//WybSqaWUOxYiBPR/P16kTipgFgNNWHKgQxRZo3esX40EeZpViuggW7Pf ZSTTipQq3nIzYswFvDzkdkJWUqoO1cPPEp9uiVOKTpmLtWE+1TfCwkP4aY46Xsha yrMjmlvxIkOMsGoYMlwwBEzvAWzIdzPoPm99Cy1+VMZnfabsYttL8XZoOXa3yW0o Cm12qMqEcx60+jsz8HhjghJHyYw3xFHkysBYYKCT7GSvad4PdjfThTJwV1wDSvuG u/1n9EQ8uoA7gR3Wx2tTKQ+l3bODZ+1+jT6agPQG2zcTOSllNfCwUxt3Kw12zAp1 1zV03jjYHck6+P/W4ZKTGnwXmw1G9sOY0QtcjjFw3S/ZeaEUFUUTeaMOElV/p6FR am6Km6tLx6QuZ1TVir3vMJ8u/6VC4Vq1ZX9fSw/y6lLW42kfOv8OgAFO1khl1Lmo 5rlx4CYQJYz7RIxgqOYZNICHCBLoSdNGDmWjm1bXgD+ZfktQ9EY8ackIFyJUblyR CFhVETN6CtXiPK1W/GpYgFtFSVIJgKEMmhw8W3SXjViBW3KDgHsH05+kF/fleAdG TWeNntmLywfgaPeIoalWjTEu5kDyUCq6JWjOzKZFXVH+lyEV8UtOvkn05xAPvcUr pPwZPFHv46mNAHdRrEi+kIMmz47X/r53ZT0F3cPhalbNF46VxaA= =myKL -----END PGP SIGNATURE-----
