{"affected":[{"ecosystem_specific":{"binaries":[{"rsyslog":"8.24.0-3.33.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP4","name":"rsyslog","purl":"pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.24.0-3.33.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"rsyslog":"8.24.0-3.33.2","rsyslog-diag-tools":"8.24.0-3.33.2","rsyslog-doc":"8.24.0-3.33.2","rsyslog-module-gssapi":"8.24.0-3.33.2","rsyslog-module-gtls":"8.24.0-3.33.2","rsyslog-module-mmnormalize":"8.24.0-3.33.2","rsyslog-module-mysql":"8.24.0-3.33.2","rsyslog-module-pgsql":"8.24.0-3.33.2","rsyslog-module-relp":"8.24.0-3.33.2","rsyslog-module-snmp":"8.24.0-3.33.2","rsyslog-module-udpspoof":"8.24.0-3.33.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP4","name":"rsyslog","purl":"pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.24.0-3.33.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"rsyslog":"8.24.0-3.33.2","rsyslog-diag-tools":"8.24.0-3.33.2","rsyslog-doc":"8.24.0-3.33.2","rsyslog-module-gssapi":"8.24.0-3.33.2","rsyslog-module-gtls":"8.24.0-3.33.2","rsyslog-module-mmnormalize":"8.24.0-3.33.2","rsyslog-module-mysql":"8.24.0-3.33.2","rsyslog-module-pgsql":"8.24.0-3.33.2","rsyslog-module-relp":"8.24.0-3.33.2","rsyslog-module-snmp":"8.24.0-3.33.2","rsyslog-module-udpspoof":"8.24.0-3.33.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","name":"rsyslog","purl":"pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.24.0-3.33.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"rsyslog":"8.24.0-3.33.2","rsyslog-diag-tools":"8.24.0-3.33.2","rsyslog-doc":"8.24.0-3.33.2","rsyslog-module-gssapi":"8.24.0-3.33.2","rsyslog-module-gtls":"8.24.0-3.33.2","rsyslog-module-mmnormalize":"8.24.0-3.33.2","rsyslog-module-mysql":"8.24.0-3.33.2","rsyslog-module-pgsql":"8.24.0-3.33.2","rsyslog-module-relp":"8.24.0-3.33.2","rsyslog-module-snmp":"8.24.0-3.33.2","rsyslog-module-udpspoof":"8.24.0-3.33.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"rsyslog","purl":"pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.24.0-3.33.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"rsyslog":"8.24.0-3.33.2","rsyslog-diag-tools":"8.24.0-3.33.2","rsyslog-doc":"8.24.0-3.33.2","rsyslog-module-gssapi":"8.24.0-3.33.2","rsyslog-module-gtls":"8.24.0-3.33.2","rsyslog-module-mmnormalize":"8.24.0-3.33.2","rsyslog-module-mysql":"8.24.0-3.33.2","rsyslog-module-pgsql":"8.24.0-3.33.2","rsyslog-module-relp":"8.24.0-3.33.2","rsyslog-module-snmp":"8.24.0-3.33.2","rsyslog-module-udpspoof":"8.24.0-3.33.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"rsyslog","purl":"pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.24.0-3.33.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for rsyslog fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages (bsc#1153451).\n- CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages (bsc#1153459).\n\nNon-security issue fixed:\n\n- imudp: fix segfault in ratelimit code (bsc#1149094)\n  \n","id":"SUSE-RU-2019:2816-1","modified":"2019-10-29T14:14:43Z","published":"2019-10-29T14:14:43Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2019-2816/suse-ru-20192816-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1149094"},{"type":"REPORT","url":"https://bugzilla.suse.com/1153451"},{"type":"REPORT","url":"https://bugzilla.suse.com/1153459"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17041"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17042"}],"related":["CVE-2019-17041","CVE-2019-17042"],"summary":"Recommended update for rsyslog","upstream":["CVE-2019-17041","CVE-2019-17042"]}