[Syslog-ng-maintainers] Bug#1104890: Bug#1104890: syslog-ng: CVE-2024-47619
László Böszörményi (GCS)
gcs at debian.org
Wed May 7 22:49:39 BST 2025
Hi Salvatore,
On Wed, May 7, 2025 at 11:15 PM Salvatore Bonaccorso <carnil at debian.org> wrote:
> Note, while advisory say this is fixed in 4.8.2 it looks that
> syslong-ng-4.8.2 tag does not contain the fix? I might have missed
> something indeed, and asked upstream in [1] about it.
It might be a GitHub issue. It seems the tag is wrong. If you
download that and check VERSION.txt it will state 4.8.1 which is
wrong. You need to download the tarball from the releases page. That's
correct.
Regards,
Laszlo/GCS
More information about the Syslog-ng-maintainers
mailing list