openSUSE has issued an advisory on November 14: https://lists.opensuse.org/opensuse-updates/2019-11/msg00080.html Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Assigning to DavidG as the most recent active maintainer.
Assignee: bugsquad => geiger.david68210
Done for both Cauldron and mga7!
Advisory: ======================== Updated rsyslog packages fix security vulnerabilities: Heap overflow in the parser for AIX log messages (CVE-2019-17041). Heap overflow in the parser for Cisco log messages (CVE-2019-17042). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17041 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17042 https://lists.opensuse.org/opensuse-updates/2019-11/msg00080.html ======================== Updated packages in core/updates_testing: ======================== rsyslog-8.40.0-4.1.mga7 rsyslog-mysql-8.40.0-4.1.mga7 rsyslog-pgsql-8.40.0-4.1.mga7 rsyslog-gssapi-8.40.0-4.1.mga7 rsyslog-relp-8.40.0-4.1.mga7 rsyslog-dbi-8.40.0-4.1.mga7 rsyslog-snmp-8.40.0-4.1.mga7 rsyslog-gnutls-8.40.0-4.1.mga7 rsyslog-crypto-8.40.0-4.1.mga7 rsyslog-elasticsearch-8.40.0-4.1.mga7 rsyslog-journald-8.40.0-4.1.mga7 from rsyslog-8.40.0-4.1.mga7.src.rpm
Version: Cauldron => 7CC: (none) => geiger.david68210Assignee: geiger.david68210 => qa-bugsWhiteboard: MGA7TOO => (none)
MGA7-64 Plasma on Lenovo B50 No installation issues. Ref to bug 24342 Comment 6 # systemctl start rsyslog # systemctl -l status rsyslog ● rsyslog.service - System Logging Service Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2019-12-17 09:52:34 CET; 13s ago Docs: man:rsyslogd(8) https://www.rsyslog.com/doc/ Main PID: 9058 (rsyslogd) Memory: 144.1M CGroup: /system.slice/rsyslog.service └─9058 /sbin/rsyslogd -n dec 17 09:52:34 mach5.hviaene.thuis systemd[1]: Starting System Logging Service... dec 17 09:52:34 mach5.hviaene.thuis rsyslogd[9058]: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd. [v8.40.0] dec 17 09:52:34 mach5.hviaene.thuis rsyslogd[9058]: [origin software="rsyslogd" swVersion="8.40.0" x-pid="9058" x-info="https://www.rsyslog.com"] start dec 17 09:52:34 mach5.hviaene.thuis systemd[1]: Started System Logging Service. dec 17 09:52:37 mach5.hviaene.thuis rsyslogd[9058]: imjournal from <mach5:tester7>: begin to drop messages due to rate-limiting Made sure firewall was active, then from remote desktop: $ logger -n <rsyslog host> --prio-prefix '<201>' testlogmessage On this laptop then: # tail /var/log/syslog Dec 17 09:56:55 mach5 shorewall[27834]: Preparing iptables-restore input... Dec 17 09:56:55 mach5 shorewall[27834]: Running /sbin/iptables-restore --wait 60... Dec 17 09:56:55 mach5 shorewall[27834]: Processing /etc/shorewall/start ... Dec 17 09:56:55 mach5 kernel: [ 1388.803291] netfilter PSD loaded - (c) astaro AG Dec 17 09:56:55 mach5 kernel: [ 1388.819524] IFWLOG: register target Dec 17 09:56:55 mach5 shorewall[27834]: Processing /etc/shorewall/started ... Dec 17 09:56:55 mach5 root: Shorewall started Dec 17 09:56:55 mach5 shorewall[27834]: done. Dec 17 09:56:55 mach5 systemd[1]: Started Shorewall IPv4 firewall. Dec 17 09:57:22 mach5 kernel: [ 1415.175790] net-fw DROP IN=wlp9s0 OUT= MAC=b4:6d:83:0d:0c:14:c8:60:00:da:37:ff:08:00 SRC=192.168.2.1 DST=192.168.2.5 LEN=178 TOS=0x00 PREC=0x00 TTL=64 ID=56116 DF PROTO=UDP SPT=45707 DPT=514 LEN=158 shows dropping of test in firewall Then allowed 514/udp in firewall, did same command in remote desktop and get here now: # tail /var/log/syslog Dec 17 09:58:58 mach5 shorewall[6208]: Setting up Route Filtering... Dec 17 09:58:58 mach5 shorewall[6208]: Setting up Martian Logging... Dec 17 09:58:58 mach5 shorewall[6208]: Setting up Proxy ARP... Dec 17 09:58:58 mach5 shorewall[6208]: Preparing iptables-restore input... Dec 17 09:58:58 mach5 shorewall[6208]: Running /sbin/iptables-restore --wait 60... Dec 17 09:58:58 mach5 shorewall[6208]: Processing /etc/shorewall/start ... Dec 17 09:58:58 mach5 shorewall[6208]: Processing /etc/shorewall/started ... Dec 17 09:58:58 mach5 root: Shorewall started Dec 17 09:58:58 mach5 shorewall[6208]: done. Dec 17 09:58:58 mach5 systemd[1]: Started Shorewall IPv4 firewall. nothing intercepted in firewall, as could be expected. Feedback is not 100% the same as in bug 24342, but seems OK. Good to go for me.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 3.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0400.html
Status: NEW => RESOLVEDResolution: (none) => FIXED