[Syslog-ng-maintainers] Bug#1104890: Bug#1104890: syslog-ng: CVE-2024-47619
Salvatore Bonaccorso
carnil at debian.org
Thu May 8 05:51:18 BST 2025
Hi László,
On Wed, May 07, 2025 at 11:49:39PM +0200, László Böszörményi (GCS) wrote:
> Hi Salvatore,
>
> On Wed, May 7, 2025 at 11:15 PM Salvatore Bonaccorso <carnil at debian.org> wrote:
> > Note, while advisory say this is fixed in 4.8.2 it looks that
> > syslong-ng-4.8.2 tag does not contain the fix? I might have missed
> > something indeed, and asked upstream in [1] about it.
> It might be a GitHub issue. It seems the tag is wrong. If you
> download that and check VERSION.txt it will state 4.8.1 which is
> wrong. You need to download the tarball from the releases page. That's
> correct.
Thanks a lot for double-checking. So that is bit worriesome if the
tagged version and the released version do not match.
Regards,
Salvatore
More information about the Syslog-ng-maintainers
mailing list