Hi, On Sun, 2017-01-29 at 14:37 +0100, Matthias Fischer wrote: > ...and now to something completely different... ;-) > > Changelog: > > - Bugfix against invalid PRI values (CVE-2014-3634) > > CVE-2014-3634: > "...sysklogd 1.5 and earlier allows remote attackers to cause a > denial of service (crash), possibly execute arbitrary code, > or have other unspecified impact via a crafted priority (PRI) > value that triggers an out-of-bounds array access." > > Nothing good for a firewall...and besides, 'sysklogd' wasn't updated > since 2010. Very very true. If we are behind on any other important package, please feel free to send updates, as always. Best, -Michael > > Best, > Matthias > > Signed-off-by: Matthias Fischer > --- >  config/rootfiles/common/sysklogd | 2 ++ >  lfs/sysklogd                     | 9 +++------ >  2 files changed, 5 insertions(+), 6 deletions(-) > > diff --git a/config/rootfiles/common/sysklogd > b/config/rootfiles/common/sysklogd > index 9792097ce..f5d55c220 100644 > --- a/config/rootfiles/common/sysklogd > +++ b/config/rootfiles/common/sysklogd > @@ -1,6 +1,8 @@ >  usr/sbin/klogd >  usr/sbin/syslogd > +#usr/share/man/man5/syslog.conf.5 >  #usr/share/man/man8/klogd.8 >  #usr/share/man/man8/sysklogd.8 > +#usr/share/man/man8/syslogd.8 >  var/log/dhcpcd.log >  var/log/messages > diff --git a/lfs/sysklogd b/lfs/sysklogd > index ca6110a6d..75bde5fee 100644 > --- a/lfs/sysklogd > +++ b/lfs/sysklogd > @@ -1,7 +1,7 @@ >  #################################################################### > ########### >  #                                                                    >           # >  # IPFire.org - A linux based > firewall                                         # > -# Copyright (C) 2007  Michael Tremer & Christian > Schmidt                      # > +# Copyright (C) 2007-2017  IPFire Team              >           # >  #                                                                    >           # >  # This program is free software: you can redistribute it and/or > modify        # >  # it under the terms of the GNU General Public License as published > by        # > @@ -24,7 +24,7 @@ >   >  include Config >   > -VER        = 1.5 > +VER        = 1.5.1 >   >  THISAPP    = sysklogd-$(VER) >  DL_FILE    = $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects = $(DL_FILE) >   >  $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >   > -$(DL_FILE)_MD5 = e053094e8103165f98ddafe828f6ae4b > +$(DL_FILE)_MD5 = c70599ab0d037fde724f7210c2c8d7f8 >   >  install : $(TARGET) >   > @@ -70,9 +70,6 @@ $(subst %,%_MD5,$(objects)) : >  $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >   @$(PREBUILD) >   @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf > $(DIR_DL)/$(DL_FILE) > - #cd $(DIR_APP) && patch -Np1 < > $(DIR_SRC)/src/patches/$(THISAPP)-fixes-1.patch > - #cd $(DIR_APP) && patch -Np1 < > $(DIR_SRC)/src/patches/$(THISAPP)-8bit-1.patch > - #cd $(DIR_APP) && patch -Np1 < > $(DIR_SRC)/src/patches/$(THISAPP)_xen_empty_buffer_check.patch >   cd $(DIR_APP) && make $(MAKETUNING) >   cd $(DIR_APP) && make install >   touch /var/log/{dhcpcd.log,messages}