OracleVM 3.3 : rsyslog (OVMSA-2014-0030)
High Nessus Plugin ID 79545
SynopsisThe remote OracleVM host is missing a security update.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
- use setsid to get a controlling session and process group [Orabug: 17346261] (Todd Vierling)
- fix (CVE-2014-3634) resolves: #1149148
- drop patch 5 which introduced a regression resolves:
#927405 reverts: #847568
- add a patch to prevent 'RepeatedMsgReduction' causing missing hostnames resolves: #893197
- add a patch to enable specifying UID/GID as a number resolves: #886117
- add a patch to prevent a segfault in gssapi resolves:
SolutionUpdate the affected rsyslog package.