File _patchinfo of Package patchinfo.5379

<patchinfo incident="5379">
  <issue tracker="cve" id="2019-17041"/>
  <issue tracker="cve" id="2019-17042"/>
  <issue tracker="bnc" id="1153451">VUL-0: CVE-2019-17041: rsyslog: heap overflow in the parser for AIX log messages which tries to locate a log message delimiter  but fails</issue>
  <issue tracker="bnc" id="1022804">syslog fails to stop during SLES12SP2 shutdown</issue>
  <issue tracker="bnc" id="1153459">VUL-1: CVE-2019-17042: rsyslog: heap overflow in the parser for Cisco log messages which tries to locate a log message delimiter but fails to account for strings that do not satisfy this constraint</issue>
  <issue tracker="bnc" id="1015203">rsyslog exits with exit status 1 when imfile module readMode parameter set to non-zero value</issue>
  <issue tracker="bnc" id="1087920">rsyslogd SIGABORT crash</issue>
  <issue tracker="bnc" id="1084682">Backport upstream rsyslog to ensure output files are regularly flushed</issue>
  <packager>tsaupe</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for rsyslog</summary>
  <description>This update for rsyslog fixes the following issues:

Security issues fixed:

- CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages (bsc#1153451).
- CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages (bsc#1153459).

Non-security issues fixed:

- Handle multiline messages correctly when using the imfile module. (bsc#1015203)
- Fix a race condition in the shutdown sequence in wtp that was causing rsyslog not to
  shutdown properly. (bsc#1022804)
- Fixed a rsyslogd SIGABORT crash if a path does not exists (bsc#1087920).
- Fixed an issue where configuration templates where not consistently flushed (bsc#1084682).
</description>
</patchinfo>