Ah! It looks like GitHub has dropped the actual fix from the advisory because it was merged to a different branch during the embargo period and later merged into the master branch.
https://github.com/rsyslog/rsyslog/commit/89955b0bcb1ff105e1374aad7e0e993faa6a038f

I'll explicitly add it to the advisory tomorrow.

Rainer

Sent from phone, thus brief.

Dmitry Antipov <danti...@cloudlinux.com> wrote on Fri., 13 May 2022, 20:21:

> On 5/13/22 20:54, Rainer Gerhards wrote:
>
> > Full info:
> > https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8
>
> I've read this carefully. This document explicitly states:
>
> "While there is a check for the maximum number of octets, digits are
> written to a heap buffer even when the octet count is over the maximum.
> This can be used to overrun the memory buffer".
>
> So the question is: if an upstream commit f211042ecbb472f9d8beb4678a65d272b6f07705
> really fixes this issue, what particular buffer is the sentence above about? As
> shown by 'git show f211042ecbb472f9d8beb4678a65d272b6f07705 --diff-merges=on',
> this is a merge commit of two (excluding tests and docs) unrelated pieces: a
> 'prctl()' quirk to set the thread name, and adjustments to 'isValidHexNum()' and
> 'syntax_ipv6()'. Neither of the latter writes any buffers.
>
> Am I missing something?
>
> Thanks,
> Dmitry

_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
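The bug class the quoted advisory text describes, a length prefix whose digits are stored before the maximum-digit check takes effect, shown in its defensive form as an added example that is not rsyslog's code: a parser for the octet-counted framing prefix (RFC 6587 style "NNN message") that checks the digit count before storing each digit, so an overlong length field is rejected rather than written past the buffer. `MAX_OCTET_DIGITS`, the function names and the sample inputs are assumptions constructed for this example.

```c
#include <ctype.h>
#include <stddef.h>

/* Maximum number of length digits accepted in an octet-counted frame.
 * Constructed value for this example; rsyslog's own limit may differ. */
#define MAX_OCTET_DIGITS 8

/* Parse the "NNN " length prefix of an RFC 6587 octet-counted frame.
 * Returns the prefix length (digits plus separating space) and stores the
 * count, or 0 for malformed/overlong input.  The digit count is checked
 * BEFORE each digit is stored, so an overlong length field is rejected
 * instead of being written past the end of `digits`. */
size_t parse_octet_count(const char *buf, size_t len, size_t *count_out)
{
    char digits[MAX_OCTET_DIGITS + 1];
    size_t ndigits = 0, i = 0, count = 0;

    while (i < len && isdigit((unsigned char)buf[i])) {
        if (ndigits >= MAX_OCTET_DIGITS)
            return 0;           /* too many digits: reject, do not store */
        digits[ndigits++] = buf[i++];
    }
    if (ndigits == 0 || i >= len || buf[i] != ' ')
        return 0;               /* no digits, or missing separator */
    digits[ndigits] = '\0';

    for (size_t k = 0; k < ndigits; k++)  /* <= 8 digits: cannot overflow */
        count = count * 10 + (size_t)(digits[k] - '0');
    if (count == 0)
        return 0;
    *count_out = count;
    return i + 1;
}

/* Payload length of one complete frame in buf[0..len), or -1 when the frame
 * is malformed or not yet fully received (caller waits for more data).
 * If msg is non-NULL it receives the payload start. */
long frame_payload(const char *buf, size_t len, const char **msg)
{
    size_t count, hdr = parse_octet_count(buf, len, &count);
    if (hdr == 0 || count > len - hdr)
        return -1;
    if (msg)
        *msg = buf + hdr;
    return (long)count;
}
```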