diff -Nru rsyslog-5.8.6/debian/changelog rsyslog-5.8.6/debian/changelog --- rsyslog-5.8.6/debian/changelog 2014-08-19 20:01:22.000000000 +0000 +++ rsyslog-5.8.6/debian/changelog 2014-10-02 15:35:08.000000000 +0000 @@ -1,3 +1,19 @@ +rsyslog (5.8.6-1ubuntu8.9) precise-security; urgency=medium + + * SECURITY UPDATE: denial of service and possible code execution via + invalid PRI value + - debian/patches/CVE-2014-3634.patch: limit PRI values in ChangeLog, + configure.ac, configure, plugins/imfile/imfile.c, + plugins/imklog/imklog.c, plugins/imklog/ksym.c, + plugins/imsolaris/imsolaris.c, plugins/imtemplate/imtemplate.c, + plugins/imuxsock/imuxsock.c, runtime/msg.c, runtime/nsd_gtls.c, + runtime/parser.c, runtime/rsyslog.h, runtime/rule.c, + runtime/srutils.c, runtime/syslogd-types.h, tools/syslogd.c. + - CVE-2014-3634 + - CVE-2014-3683 + + -- Marc Deslauriers Thu, 02 Oct 2014 11:34:40 -0400 + rsyslog (5.8.6-1ubuntu8.7) precise; urgency=medium * Enable non-kernel facility klog messages. (LP: #1274444) diff -Nru rsyslog-5.8.6/debian/patches/CVE-2014-3634.patch rsyslog-5.8.6/debian/patches/CVE-2014-3634.patch --- rsyslog-5.8.6/debian/patches/CVE-2014-3634.patch 1970-01-01 00:00:00.000000000 +0000 +++ rsyslog-5.8.6/debian/patches/CVE-2014-3634.patch 2014-10-02 15:35:56.000000000 +0000 @@ -0,0 +1,430 @@ +Description: fix denial of service and possible code execution via + invalid PRI value +Origin: based on prifix.v5.8.6 patch by Rainer Gerhards, and updated for + the CVE-2014-3683 fix + +Index: rsyslog-5.8.6/ChangeLog +=================================================================== +--- rsyslog-5.8.6.orig/ChangeLog 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/ChangeLog 2014-10-01 09:17:14.800340423 -0400 +@@ -1634,11 +1634,16 @@ + Thanks to Ken for providing the patch + --------------------------------------------------------------------------- + Version 3.22.4 [v3-stable] (rgerhards), 2010-??-?? ++- bugfix: action resume interval incorrectly handled, thus took longer to ++ resume ++- bugfix: cosmetic: proper constant used instead of number in open call + - bugfix: timestamp was incorrectly calculated for timezones with minute + offset + closes: http://bugzilla.adiscon.com/show_bug.cgi?id=271 + - improved some code based on clang static analyzer results + - bugfix: potential misadressing in property replacer ++- bugfix: improper handling of invalid PRI values ++ references: CVE-2014-3634 + --------------------------------------------------------------------------- + Version 3.22.3 [v3-stable] (rgerhards), 2010-11-24 + - bugfix(important): problem in TLS handling could cause rsyslog to loop +Index: rsyslog-5.8.6/configure.ac +=================================================================== +--- rsyslog-5.8.6.orig/configure.ac 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/configure.ac 2014-10-01 09:17:14.800340423 -0400 +@@ -76,7 +76,7 @@ + AC_HEADER_RESOLV + AC_HEADER_STDC + AC_HEADER_SYS_WAIT +-AC_CHECK_HEADERS([arpa/inet.h libgen.h malloc.h fcntl.h locale.h netdb.h netinet/in.h paths.h stddef.h stdlib.h string.h sys/file.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/stat.h syslog.h unistd.h utmp.h utmpx.h sys/epoll.h sys/prctl.h]) ++AC_CHECK_HEADERS([arpa/inet.h libgen.h malloc.h fcntl.h locale.h netdb.h netinet/in.h paths.h stddef.h stdlib.h string.h sys/file.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/stat.h unistd.h utmp.h utmpx.h sys/epoll.h sys/prctl.h]) + + # Checks for typedefs, structures, and compiler characteristics. + AC_C_CONST +Index: rsyslog-5.8.6/plugins/imfile/imfile.c +=================================================================== +--- rsyslog-5.8.6.orig/plugins/imfile/imfile.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/plugins/imfile/imfile.c 2014-10-01 09:17:14.800340423 -0400 +@@ -119,8 +119,8 @@ + MsgSetMSGoffs(pMsg, 0); /* we do not have a header... */ + MsgSetHOSTNAME(pMsg, glbl.GetLocalHostName(), ustrlen(glbl.GetLocalHostName())); + MsgSetTAG(pMsg, pInfo->pszTag, pInfo->lenTag); +- pMsg->iFacility = LOG_FAC(pInfo->iFacility); +- pMsg->iSeverity = LOG_PRI(pInfo->iSeverity); ++ pMsg->iFacility = pri2fac(pInfo->iFacility); ++ pMsg->iSeverity = pri2sev(pInfo->iSeverity); + MsgSetRuleset(pMsg, pInfo->pRuleset); + CHKiRet(submitMsg(pMsg)); + finalize_it: +Index: rsyslog-5.8.6/plugins/imklog/imklog.c +=================================================================== +--- rsyslog-5.8.6.orig/plugins/imklog/imklog.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/plugins/imklog/imklog.c 2014-10-01 09:17:14.800340423 -0400 +@@ -18,7 +18,7 @@ + * Please note that this file replaces the klogd daemon that was + * also present in pre-v3 versions of rsyslog. + * +- * Copyright (C) 2008, 2009 by Rainer Gerhards and Adiscon GmbH ++ * Copyright (C) 2008, 2014 by Rainer Gerhards and Adiscon GmbH + * + * This file is part of rsyslog. + * +@@ -110,8 +110,8 @@ + MsgSetRcvFromIP(pMsg, pLocalHostIP); + MsgSetHOSTNAME(pMsg, glbl.GetLocalHostName(), ustrlen(glbl.GetLocalHostName())); + MsgSetTAG(pMsg, pszTag, ustrlen(pszTag)); +- pMsg->iFacility = LOG_FAC(iFacility); +- pMsg->iSeverity = LOG_PRI(iSeverity); ++ pMsg->iFacility = pri2fac(iFacility); ++ pMsg->iSeverity = pri2sev(iSeverity); + CHKiRet(submitMsg(pMsg)); + + finalize_it: +@@ -174,7 +174,7 @@ + va_end(ap); + + iRet = enqMsg((uchar*)pLogMsg, (uchar*) ((iFacilIntMsg == LOG_KERN) ? "kernel:" : "imklog:"), +- iFacilIntMsg, LOG_PRI(priority)); ++ iFacilIntMsg, pri2sev(priority)); + + RETiRet; + } +@@ -195,10 +195,10 @@ + /* if we don't get the pri, we use whatever we were supplied */ + + /* ignore non-kernel messages if not permitted */ +- if(bPermitNonKernel == 0 && LOG_FAC(priority) != LOG_KERN) ++ if(bPermitNonKernel == 0 && pri2fac(priority) != LOG_KERN) + FINALIZE; /* silently ignore */ + +- iRet = enqMsg((uchar*)pMsg, (uchar*) "kernel:", LOG_FAC(priority), LOG_PRI(priority)); ++ iRet = enqMsg((uchar*)pMsg, (uchar*) "kernel:", pri2fac(priority), pri2sev(priority)); + + finalize_it: + RETiRet; +Index: rsyslog-5.8.6/plugins/imklog/ksym.c +=================================================================== +--- rsyslog-5.8.6.orig/plugins/imklog/ksym.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/plugins/imklog/ksym.c 2014-10-01 09:17:14.800340423 -0400 +@@ -118,7 +118,6 @@ + #include + #include + #include +-#include + #include "imklog.h" + #include "ksyms.h" + #include "module.h" +Index: rsyslog-5.8.6/plugins/imsolaris/imsolaris.c +=================================================================== +--- rsyslog-5.8.6.orig/plugins/imsolaris/imsolaris.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/plugins/imsolaris/imsolaris.c 2014-10-01 09:17:14.800340423 -0400 +@@ -204,8 +204,8 @@ + MsgSetInputName(pMsg, pInputName); + MsgSetRawMsg(pMsg, (char*)pRcv, strlen((char*)pRcv)); + MsgSetHOSTNAME(pMsg, glbl.GetLocalHostName(), ustrlen(glbl.GetLocalHostName())); +- pMsg->iFacility = LOG_FAC(hdr.pri); +- pMsg->iSeverity = LOG_PRI(hdr.pri); ++ pMsg->iFacility = pri2fac(hdr.pri); ++ pMsg->iSeverity = pri2sev(hdr.pri); + pMsg->msgFlags = NEEDS_PARSING | NO_PRI_IN_RAW; + CHKiRet(submitMsg(pMsg)); + } +Index: rsyslog-5.8.6/plugins/imtemplate/imtemplate.c +=================================================================== +--- rsyslog-5.8.6.orig/plugins/imtemplate/imtemplate.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/plugins/imtemplate/imtemplate.c 2014-10-01 09:17:14.800340423 -0400 +@@ -245,8 +245,8 @@ + MsgSetRawMsg(pMsg, msg); + MsgSetHOSTNAME(pMsg, LocalHostName); + MsgSetTAG(pMsg, "rsyslogd:"); +- pMsg->iFacility = LOG_FAC(pri); +- pMsg->iSeverity = LOG_PRI(pri); ++ pMsg->iFacility = pri2fac(pri); ++ pMsg->iSeverity = pri2sev(pri); + flags |= INTERNAL_MSG; + logmsg(pMsg, flags); / * some time, CHKiRet() will work here, too [today NOT!] * / + * +Index: rsyslog-5.8.6/plugins/imuxsock/imuxsock.c +=================================================================== +--- rsyslog-5.8.6.orig/plugins/imuxsock/imuxsock.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/plugins/imuxsock/imuxsock.c 2014-10-01 09:17:14.800340423 -0400 +@@ -6,7 +6,7 @@ + * + * File begun on 2007-12-20 by RGerhards (extracted from syslogd.c) + * +- * Copyright 2007-2011 Rainer Gerhards and Adiscon GmbH. ++ * Copyright 2007-2014 Rainer Gerhards and Adiscon GmbH. + * + * This file is part of rsyslog. + * +@@ -536,8 +536,8 @@ + ++parse; + ++offs; + } +- facil = LOG_FAC(pri); +- sever = LOG_PRI(pri); ++ facil = pri2fac(pri); ++ sever = pri2sev(pri); + + if(sever >= pLstn->ratelimitSev) { + /* note: if cred == NULL, then ratelimiter == NULL as well! */ +Index: rsyslog-5.8.6/runtime/msg.c +=================================================================== +--- rsyslog-5.8.6.orig/runtime/msg.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/runtime/msg.c 2014-10-01 09:17:14.800340423 -0400 +@@ -67,7 +67,7 @@ + static struct { + uchar *pszName; + short lenName; +-} syslog_pri_names[192] = { ++} syslog_pri_names[200] = { + { UCHAR_CONSTANT("0"), 3}, + { UCHAR_CONSTANT("1"), 3}, + { UCHAR_CONSTANT("2"), 3}, +@@ -259,14 +259,22 @@ + { UCHAR_CONSTANT("188"), 5}, + { UCHAR_CONSTANT("189"), 5}, + { UCHAR_CONSTANT("190"), 5}, +- { UCHAR_CONSTANT("191"), 5} ++ { UCHAR_CONSTANT("191"), 5}, ++ { UCHAR_CONSTANT("192"), 5}, ++ { UCHAR_CONSTANT("193"), 5}, ++ { UCHAR_CONSTANT("194"), 5}, ++ { UCHAR_CONSTANT("195"), 5}, ++ { UCHAR_CONSTANT("196"), 5}, ++ { UCHAR_CONSTANT("197"), 5}, ++ { UCHAR_CONSTANT("198"), 5}, ++ { UCHAR_CONSTANT("199"), 5} + }; + + /*syslog facility names (as of RFC5424) */ +-static char *syslog_fac_names[24] = { "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", ++static char *syslog_fac_names[LOG_NFACILITIES] = { "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", + "news", "uucp", "cron", "authpriv", "ftp", "ntp", "audit", + "alert", "clock", "local0", "local1", "local2", "local3", +- "local4", "local5", "local6", "local7" }; ++ "local4", "local5", "local6", "local7", "invld" }; + + /* table of severity names (in numerical order)*/ + static char *syslog_severity_names[8] = { "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug" }; +@@ -275,8 +283,8 @@ + * and facility values to a numerical string... -- rgerhars, 2009-06-17 + */ + +-static char *syslog_number_names[24] = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", +- "15", "16", "17", "18", "19", "20", "21", "22", "23" }; ++static char *syslog_number_names[LOG_NFACILITIES] = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", ++ "15", "16", "17", "18", "19", "20", "21", "22", "23", "24" }; + + /* global variables */ + #if defined(HAVE_MALLOC_TRIM) && !defined(HAVE_ATOMIC_BUILTINS) +@@ -685,8 +693,8 @@ + pM->bDoLock = 0; + pM->bAlreadyFreed = 0; + pM->iRefCount = 1; +- pM->iSeverity = -1; +- pM->iFacility = -1; ++ pM->iSeverity = LOG_DEBUG; ++ pM->iFacility = LOG_INVLD; + pM->offAfterPRI = 0; + pM->offMSG = -1; + pM->iProtocolVersion = 0; +@@ -2230,8 +2238,8 @@ + assert(pRes != NULL); + assert(pResLen > 0); + +- snprintf(pRes, pResLen, "%s.%s<%d>", syslog_fac_names[LOG_FAC(pri)], +- syslog_severity_names[LOG_PRI(pri)], pri); ++ snprintf(pRes, pResLen, "%s.%s<%d>", syslog_fac_names[pri2fac(pri)], ++ syslog_severity_names[pri2sev(pri)], pri); + + return pRes; + } +Index: rsyslog-5.8.6/runtime/nsd_gtls.c +=================================================================== +--- rsyslog-5.8.6.orig/runtime/nsd_gtls.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/runtime/nsd_gtls.c 2014-10-01 09:17:14.800340423 -0400 +@@ -115,7 +115,7 @@ + + pBuf->data = NULL; + +- if((fd = open((char*)pszFile, 0)) == -1) { ++ if((fd = open((char*)pszFile, O_RDONLY)) == -1) { + errmsg.LogError(0, RS_RET_FILE_NOT_FOUND, "can not read file '%s'", pszFile); + ABORT_FINALIZE(RS_RET_FILE_NOT_FOUND); + +Index: rsyslog-5.8.6/runtime/parser.c +=================================================================== +--- rsyslog-5.8.6.orig/runtime/parser.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/runtime/parser.c 2014-10-01 09:17:14.800340423 -0400 +@@ -450,11 +450,11 @@ + } + if(*msg == '>') + ++msg; +- if(pri & ~(LOG_FACMASK|LOG_PRIMASK)) +- pri = DEFUPRI; ++ if(pri > LOG_MAXPRI) ++ pri = LOG_PRI_INVLD; + } +- pMsg->iFacility = LOG_FAC(pri); +- pMsg->iSeverity = LOG_PRI(pri); ++ pMsg->iFacility = pri2fac(pri); ++ pMsg->iSeverity = pri2sev(pri); + MsgSetAfterPRIOffs(pMsg, msg - pMsg->pszRawMsg); + } + RETiRet; +Index: rsyslog-5.8.6/runtime/rsyslog.h +=================================================================== +--- rsyslog-5.8.6.orig/runtime/rsyslog.h 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/runtime/rsyslog.h 2014-10-01 09:17:14.800340423 -0400 +@@ -3,7 +3,7 @@ + * + * Begun 2005-09-15 RGerhards + * +- * Copyright (C) 2005-2008 by Rainer Gerhards and Adiscon GmbH ++ * Copyright (C) 2005-2014 by Rainer Gerhards and Adiscon GmbH + * + * This file is part of the rsyslog runtime library. + * +@@ -74,19 +74,58 @@ + * # End Config Settings # * + * ############################################################# */ + +-/* portability: not all platforms have these defines, so we +- * define them here if they are missing. -- rgerhards, 2008-03-04 ++/* make sure we uses consistent macros, no matter what the ++ * platform gives us. + */ +-#ifndef LOG_MAKEPRI +-# define LOG_MAKEPRI(fac, pri) (((fac) << 3) | (pri)) +-#endif +-#ifndef LOG_PRI +-# define LOG_PRI(p) ((p) & LOG_PRIMASK) +-#endif +-#ifndef LOG_FAC +-# define LOG_FAC(p) (((p) & LOG_FACMASK) >> 3) +-#endif ++#define LOG_NFACILITIES 24+1 /* plus one for our special "invld" facility! */ ++#define LOG_MAXPRI 191 /* highest supported valid PRI value --> RFC3164, RFC5424 */ ++#undef LOG_MAKEPRI ++#define LOG_PRI_INVLD LOG_INVLD|LOG_DEBUG /* PRI is invalid --> special "invld.=debug" PRI code (rsyslog-specific) */ ++ ++#define LOG_EMERG 0 /* system is unusable */ ++#define LOG_ALERT 1 /* action must be taken immediately */ ++#define LOG_CRIT 2 /* critical conditions */ ++#define LOG_ERR 3 /* error conditions */ ++#define LOG_WARNING 4 /* warning conditions */ ++#define LOG_NOTICE 5 /* normal but significant condition */ ++#define LOG_INFO 6 /* informational */ ++#define LOG_DEBUG 7 /* debug-level messages */ ++ ++#define LOG_KERN (0<<3) /* kernel messages */ ++#define LOG_USER (1<<3) /* random user-level messages */ ++#define LOG_MAIL (2<<3) /* mail system */ ++#define LOG_DAEMON (3<<3) /* system daemons */ ++#define LOG_AUTH (4<<3) /* security/authorization messages */ ++#define LOG_SYSLOG (5<<3) /* messages generated internally by syslogd */ ++#define LOG_LPR (6<<3) /* line printer subsystem */ ++#define LOG_NEWS (7<<3) /* network news subsystem */ ++#define LOG_UUCP (8<<3) /* UUCP subsystem */ ++#define LOG_CRON (9<<3) /* clock daemon */ ++#define LOG_AUTHPRIV (10<<3) /* security/authorization messages (private) */ ++#define LOG_FTP (11<<3) /* ftp daemon */ ++#define LOG_LOCAL0 (16<<3) /* reserved for local use */ ++#define LOG_LOCAL1 (17<<3) /* reserved for local use */ ++#define LOG_LOCAL2 (18<<3) /* reserved for local use */ ++#define LOG_LOCAL3 (19<<3) /* reserved for local use */ ++#define LOG_LOCAL4 (20<<3) /* reserved for local use */ ++#define LOG_LOCAL5 (21<<3) /* reserved for local use */ ++#define LOG_LOCAL6 (22<<3) /* reserved for local use */ ++#define LOG_LOCAL7 (23<<3) /* reserved for local use */ ++#define LOG_FAC_INVLD 24 ++#define LOG_INVLD (LOG_FAC_INVLD<<3) /* invalid facility/PRI code */ + ++/* we need to use a function to avoid side-effects. This MUST guard ++ * against invalid facility values. rgerhards, 2014-09-16 ++ */ ++static inline int pri2fac(const int pri) ++{ ++ unsigned fac = pri >> 3; ++ return (fac > 23) ? LOG_FAC_INVLD : fac; ++} ++static inline int pri2sev(const int pri) ++{ ++ return pri & 0x07; ++} + + /* the rsyslog core provides information about present feature to plugins + * asking it. Below are feature-test macros which must be used to query +Index: rsyslog-5.8.6/runtime/rule.c +=================================================================== +--- rsyslog-5.8.6.orig/runtime/rule.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/runtime/rule.c 2014-10-01 09:17:14.800340423 -0400 +@@ -173,7 +173,7 @@ + + if(pRule->f_filter_type == FILTER_PRI) { + /* skip messages that are incorrect priority */ +- dbgprintf("testing filter, f_pmask %d\n", pRule->f_filterData.f_pmask[pMsg->iFacility]); ++ dbgprintf("testing filter, f_pmask %d, facility %d\n", pRule->f_filterData.f_pmask[pMsg->iFacility], pMsg->iFacility); + if ( (pRule->f_filterData.f_pmask[pMsg->iFacility] == TABLE_NOPRI) || \ + ((pRule->f_filterData.f_pmask[pMsg->iFacility] & (1<iSeverity)) == 0) ) + bRet = 0; +Index: rsyslog-5.8.6/runtime/srutils.c +=================================================================== +--- rsyslog-5.8.6.orig/runtime/srutils.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/runtime/srutils.c 2014-10-01 09:17:14.800340423 -0400 +@@ -100,6 +100,7 @@ + {"local5", LOG_LOCAL5}, + {"local6", LOG_LOCAL6}, + {"local7", LOG_LOCAL7}, ++ {"invld", LOG_INVLD}, + {NULL, -1}, + }; + +Index: rsyslog-5.8.6/runtime/syslogd-types.h +=================================================================== +--- rsyslog-5.8.6.orig/runtime/syslogd-types.h 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/runtime/syslogd-types.h 2014-10-01 09:17:14.800340423 -0400 +@@ -29,9 +29,6 @@ + + #include "stringbuf.h" + #include +-#if HAVE_SYSLOG_H +-#include +-#endif + + #define FALSE 0 + #define TRUE 1 +Index: rsyslog-5.8.6/tools/syslogd.c +=================================================================== +--- rsyslog-5.8.6.orig/tools/syslogd.c 2014-10-01 09:17:14.804340423 -0400 ++++ rsyslog-5.8.6/tools/syslogd.c 2014-10-01 09:17:14.800340423 -0400 +@@ -555,8 +555,8 @@ + pszTag[32] = '\0'; /* just to make sure... */ + MsgSetTAG(pMsg, pszTag, len); + } +- pMsg->iFacility = LOG_FAC(pri); +- pMsg->iSeverity = LOG_PRI(pri); ++ pMsg->iFacility = pri2fac(pri); ++ pMsg->iSeverity = pri2sev(pri); + flags |= INTERNAL_MSG; + pMsg->msgFlags = flags; + +@@ -569,7 +569,7 @@ + * supressor statement. + */ + if(((Debug == DEBUG_FULL || NoFork) && bErrMsgToStderr) || iConfigVerify) { +- if(LOG_PRI(pri) == LOG_ERR) ++ if(pri2fac(pri) == LOG_ERR) + fprintf(stderr, "rsyslogd: %s\n", msg); + } + +Index: rsyslog-5.8.6/configure +=================================================================== +--- rsyslog-5.8.6.orig/configure 2011-10-21 08:06:54.000000000 -0400 ++++ rsyslog-5.8.6/configure 2014-10-01 10:05:11.932295847 -0400 +@@ -12449,7 +12449,7 @@ + + fi + +-for ac_header in arpa/inet.h libgen.h malloc.h fcntl.h locale.h netdb.h netinet/in.h paths.h stddef.h stdlib.h string.h sys/file.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/stat.h syslog.h unistd.h utmp.h utmpx.h sys/epoll.h sys/prctl.h ++for ac_header in arpa/inet.h libgen.h malloc.h fcntl.h locale.h netdb.h netinet/in.h paths.h stddef.h stdlib.h string.h sys/file.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/stat.h unistd.h utmp.h utmpx.h sys/epoll.h sys/prctl.h + do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` + ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" diff -Nru rsyslog-5.8.6/debian/patches/series rsyslog-5.8.6/debian/patches/series --- rsyslog-5.8.6/debian/patches/series 2013-11-22 17:45:17.000000000 +0000 +++ rsyslog-5.8.6/debian/patches/series 2014-10-01 13:13:21.000000000 +0000 @@ -7,3 +7,4 @@ 201-PreserveFQDN-not-working 202-off-by-one-regression-1187808.patch 203-bugfix-segfault-on-startup-if-actionqueuefilename-wa.patch +CVE-2014-3634.patch