Re: sysklogd

From: solar@private
Date: Wed May 23 2001 - 04:39:57 PDT


On Wed, May 23, 2001 at 11:39:14AM +0300, Jarno Huuskonen wrote:

Hi,

Let's get discussions started here. :-)

> I downloaded the prerelease Owl-Linux a while back and noticed that you
> are using sysklogd-1.3-31.

Yes, this is what our patches are currently based on, and some actually
went into 1.4.

We need to update to 1.4.1 for the newer klogd, but we also need to
switch to an alternative syslogd.

> This version (klogd) has a bug: NULL-byte? can
> cause klogd to consume all available cpu. I think this happens at least with 
> 2.4.x 3c59x-driver.

After about 20 minutes of searching, I actually found that there
really is the bug matching your description.  It's not fixed with 1.4
and I believe was never reported to the proper places despite being
fixed in Debian three months ago (with 1.4.1, which I haven't seen
announced).  I'll bring this to vendor-sec now.  Thanks.

The Debian bug is http://bugs.debian.org/85478

Expect a fix for Owl in a few days (will announce here).  I will also
document our security@ address to be used for reports of this nature.

-- 
/sd



This archive was generated by hypermail 2.1.3 : Sun Jan 15 2006 - 13:43:14 PST