A rsyslog security update has been released for Oracle Linux 7.

El-errata: ELSA-2022-4803 Important: Oracle Linux 7 rsyslog security update

Oracle Linux Security Advisory ELSA-2022-4803

  http://linux.oracle.com/errata/ELSA-2022-4803.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
rsyslog-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-crypto-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-doc-8.24.0-57.0.1.el7_9.3.noarch.rpm
rsyslog-elasticsearch-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-gnutls-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-gssapi-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-kafka-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-libdbi-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-mmaudit-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-mmjsonparse-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-mmkubernetes-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-mmnormalize-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-mmsnmptrapd-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-mysql-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-pgsql-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-relp-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-snmp-8.24.0-57.0.1.el7_9.3.x86_64.rpm
rsyslog-udpspoof-8.24.0-57.0.1.el7_9.3.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/rsyslog-8.24.0-57.0.1.el7_9.3.src.rpm

Related CVEs:

CVE-2022-24903



Description of changes:

[8.24.0-57.0.1.el7_9.3]
- added patch to flush the journal state file [Orabug: 32583987] (venu.busireddy@oracle.com)
- Reviewed-by: Laurence Rochfort

[8.24.0-57.3]
- Address CVE-2022-24903, Heap-based overflow in TCP syslog server
resolves: rhbz#2081395

_______________________________________________