Candidate: CVE-2011-1951
PublicDate: 2011-07-11 20:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1951
Description:
 lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is
 set and when using PCRE 8.12 and possibly other versions, allows remote
 attackers to cause a denial of service (memory consumption) via a message
 that does not match a regular expression.
Ubuntu-Description:
Notes:
 sbeattie> may not affect releases where libpcre3 is < 8.12
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_syslog-ng:
 upstream: http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commitdiff;h=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff;hp=21a455ecdf808cbd0c57428d1bd3f9feec58419e
 upstream: http://git.balabit.hu/?p=bazsi/syslog-ng-3.1.git;a=commitdiff;h=35de55e53dd653c50c8da5daf41a99ab22e7e8aa
upstream_syslog-ng: needs-triage
hardy_syslog-ng: ignored (reached end-of-life)
lucid_syslog-ng: ignored (reached end-of-life)
maverick_syslog-ng: ignored (reached end-of-life)
natty_syslog-ng: ignored (reached end-of-life)
oneiric_syslog-ng: not-affected (3.2.4-1)
precise_syslog-ng: not-affected (3.2.4-1)
quantal_syslog-ng: not-affected (3.2.4-1)
raring_syslog-ng: not-affected (3.2.4-1)
saucy_syslog-ng: not-affected (3.2.4-1)
devel_syslog-ng: not-affected (3.2.4-1)