USN-3612-1: librelp vulnerability
28 March 2018
librelp could be made to crash or run programs if it received specially crafted network traffic.
- librelp - Reliable Event Logging Protocol (RELP) library
Bas van Schaik and Kevin Backhouse discovered that librelp incorrectly
handled checking certain x509 certificates. A remote attacker able to
connect to rsyslog could possibly use this issue to execute arbitrary code.