Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 531
Alerts This Week
Warning Icon 1 531

SUSE: 2018:2453-1 Moderate: Rsyslog Log File Permissions Fix

suse
Calendar Grey August 20, 2018
Scroller Suse Esm H88
The recent patch from SUSE for rsyslog resolves a significant concern regarding log file access rights, bolstering overall system protection.
An update that fixes one vulnerability is now available

Summary

This update for rsyslog fixes the following issues: The following security vulnerability was addressed: CVE-2015-3243: Make sure that log files are not created world-readable (bsc#935393) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE CaaS Platform 3.0: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - SUSE CaaS Platform 3.0 (x86_64): rsyslog-8.24.0-3.11.1 rsyslog-debuginfo-8.24.0-3.11.1 rsyslog-debugsource-8.24.0-3.11.1

References

#935393

Cross- CVE-2015-3243

Affected Products:

SUSE CaaS Platform 3.0

https://www.suse.com/security/cve/CVE-2015-3243.html

https://bugzilla.suse.com/935393

Announcement ID: SUSE-SU-2018:2453-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.