|
Message-ID: <20010523153957.A26734@openwall.com> Date: Wed, 23 May 2001 15:39:57 +0400 From: solar@...nwall.com To: owl-users@...ts.openwall.com Subject: Re: sysklogd On Wed, May 23, 2001 at 11:39:14AM +0300, Jarno Huuskonen wrote: Hi, Let's get discussions started here. :-) > I downloaded the prerelease Owl-Linux a while back and noticed that you > are using sysklogd-1.3-31. Yes, this is what our patches are currently based on, and some actually went into 1.4. We need to update to 1.4.1 for the newer klogd, but we also need to switch to an alternative syslogd. > This version (klogd) has a bug: NULL-byte? can > cause klogd to consume all available cpu. I think this happens at least with > 2.4.x 3c59x-driver. After about 20 minutes of searching, I actually found that there really is the bug matching your description. It's not fixed with 1.4 and I believe was never reported to the proper places despite being fixed in Debian three months ago (with 1.4.1, which I haven't seen announced). I'll bring this to vendor-sec now. Thanks. The Debian bug is http://bugs.debian.org/85478 Expect a fix for Owl in a few days (will announce here). I will also document our security@ address to be used for reports of this nature. -- /sd
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.