syslog-ng (3.28.1-2+deb11u1) bullseye-security; urgency=high * CVE-2022-38725: Integer overflow and buffer out-of-bounds issues in the RFC3164 parser, which could allows remote attackers to cause a Denial of Service via crafted syslog input. * Fix crash (segflaut) with small invalid formatted logs. -- Guilhem Moulin <email address hidden> Wed, 01 Mar 2023 00:51:40 +0100