-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5369-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 05, 2023                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : syslog-ng
CVE ID         : CVE-2022-38725

It was discovered that an integer overflow in the RFC3164 parser of
syslog-ng, a system logging daemon, may result in denial of service
via malformed syslog messages.

For the stable distribution (bullseye), this problem has been fixed in
version 3.28.1-2+deb11u1.

We recommend that you upgrade your syslog-ng packages.

For the detailed security status of syslog-ng please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/syslog-ng

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQE698ACgkQEMKTtsN8
TjbwMA//fjYv/pxioC2xcpMfa4gXASqjjVEHcxm5SJDjfb31LhSn4U7YtcMu/Bl7
DdMGZXEEveoPdq5jIq1oI7/7stW/C92rzsfpEsTC27nufvlaXBZCZrVrggiK3jJe
aso+96H54iUf1L6fAPy+E1U3hQxKpQbK1UwelOD5SnSjTTBkh2HixIgZmcPojnb6
X8zUTrsPWqpiOKibvH1RsH1JSGQW5wFj1ooUJHitS6wi4hE+yrOAGX3mzINpfxN2
RMWA2190IDrNSM34dakvdNtkGCCviPMINW7Z9fJ9NIj83CRvzEXHZzKArqqmR0Kc
nQ9nclQP7HSaCbMu+84uMP/iebjr9b5P1P5lGVOF/yykN335XoEnPQkRBKjZEXjr
fC+cckhhfAH6/xLB/FQwvKCvrO5v5skQofoEO0t2dTWZS6Mhib+wqWKg+MMvxE11
cyPHquNe1B+SFdypWpKXfMYww223y3fidN1WLdCt5wOIj9PP7a0FyJWMwO9VQUCN
eC9W47FQqh9hul+tvfGHKSd+9gqXZH0gaKDyqbsym7BAWt+yxftDXqZuRTKMytJ5
3206W0jwF9lzGag3xa39PqxH6gjC1PrT5k+4lijDbHlQFjBXBegYQI4F/YUbnYqo
EcvCB9iq68tSMlpB2pafqPIB+pg465Z9Tqtdl5VZbgmzERQm46c=X2eM
-----END PGP SIGNATURE-----