rsyslog 3.21.9 (v3-beta) released - IMPORTANT SECURITY RELEASE

Hi all,

We have just released rsyslog 3.21.9, a member of the v3-beta branch. Most importantly, this release addresses a security vulnerability the renders the $AllowedSender directive useless. This issue has already been discussed here on the list. In addition to this, the release also contains all the bug fixes and enhancements from the stable release 3.20.2.

Security Advisory:
http://www.rsyslog.com/Article322.phtml

Download:
http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-142.phtml

Change Log:
http://www.rsyslog.com/Article326.phtml
http://www.rsyslog.com/Article330.phtml"

All users are advised to update to this release. It is urgently recommended not only for those that would be vulnerable to the security issue but also to anyone using TLS-based communications.

Releases for the devel branch will hopefully be posted later today. The git archive has all relevant patches if someone has an urgent need.

As always, feedback is appreciated. We hope this release will be useful.

Florian Riedl

(2332 Reads)

rsyslog Sponsors

Functionality looking for Sponsors

Click here for more information

Last Forum Posts

· Re: AIX syslog tolinux rsyslog?
does*.* @server.example.net not work on aix?
· AIX syslog tolinux rsyslog?
Is it possible to get the AIX 6.1 servers syslog to remote log to ...
· Re: templates and database
here are the sources http://git.adiscon.com/?p=rsyslog.git;a ... ...
· Re: Kernel logging
Summing up of private exchangesI made a test, and have sent the d ...
· Re: templates and database
well, I think my previous post was not so clear, anyway I'd like ...
· Re: Kernel logging
oh, and one question to the original poster: you say that kernel ...
· Re: Kernel logging
just for the others following this thread: I analyzed the debug l ...
· Re: no MARK in logs
forgot to include the version: rsyslog 4.2.0-2ubuntu5.1 Ubuntu 9 ...

:: Syndication: :: Page created in 0.0821058750153 seconds.