syslog-ng has a security hole in 1.6.5-2 as noted on http://newraff.debian.org/~joeyh/testing-security.html
I've just backported the fix that appeared in 1.6.6 and was sent as a
patch to the debian bug by the upstream maintainer.
The version uploaded to unstable (1.6.5-2.1) contains the fix for the
security hole, two fixes for lintian errors (not warnings) and three
documentation updates:
* Non-maintainer upload to fix security hole for sarge
* Changed debian/control to use a versioned depends on util-linux
to fix lintian error
* Converted debian/changelog to be valid UTF-8 by to fix lintian
error
* Updated documentation: doc/syslog-ng.conf.5, doc/syslog-ng.8 to fix
outdated information and typos and language clarification on klogd
in doc/sgml/syslog-ng.sgml
Please consider allowing this version into sarge.
Thanks,
Micah
signature.asc
Description: Digital signature
