Bug 981719 (CVE-2013-4758)
Summary: | CVE-2013-4758 rsyslog: double free flaw in ElasticSearch plugin | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Stefan Cornelius <scorneli> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | mah.darade, theinric |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-07-08 03:47:09 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 981722 |
Description
Stefan Cornelius
2013-07-05 15:10:34 UTC
Upstream patch: http://git.adiscon.com/?p=rsyslog.git;a=commitdiff;h=80f88242982c9c6ad6ce8628fc5b94ea74051cf4 The version of rsyslog shipped with Red Hat Enterprise Linux 5 and 6, does not contain the vulnerable omelasticsearch plugin and therefore is not vulnerable to this flaw. The version of rsyslog shipped with Fedora 18 and Fedora 19, does not contain the vulnerable omelasticsearch plugin and therefore is not vulnerable to this flaw. Statement: Not Vulnerable. This issue does not affect the version of rsyslog as shipped with Red Hat Enterprise Linux 5 and 6. |