SUSE-SU-2022:2331-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2022:2331-1

UNKNOWN

Security update for rsyslog

Published Jul 7, 2022

Modified 3 years ago

Fix available

Details

This update for rsyslog fixes the following issues:

CVE-2022-24903: fix potential heap buffer overflow in modules for TCP syslog reception (bsc#1199061)

Affected Packages(11 packages)

rsyslog

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-diag-tools

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-doc

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-module-gssapi

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-module-gtls

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-module-mysql

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-module-pgsql

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-module-relp

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-module-snmp

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

rsyslog-module-udpspoof

SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP3-BCLSUSE Linux Enterprise Server 12 SP3-LTSSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 12 SP3

Fixed in:

8.24.0-3.58.2

References

https://bugzilla.suse.com/1199061

https://www.suse.com/security/cve/CVE-2022-24903

https://www.suse.com/support/update/announcement/2022/suse-su-20222331-1/

Upstream

Related

Ecosystems(10)

SUSE HPE Helion OpenStack 8 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3

Timeline

PublishedJul 7, 2022

ModifiedJul 7, 2022