Thursday, September 1st, 2011
Hi all,
There has a security issue been identified that can potentially lead to DoS. It is triggered by malformed RFC3164 messages. An abort only happens under very specific environmental trigger factors. Full details can be found in our security advisory here:
http://www.rsyslog.com/potential-dos-with-malformed-tag/
We would like to thank the Red Hat security team for finding this issue and working with us to resolve it.
As a consequence, we have updated all currently active versions. Please note that they do not only contain the fix for the security issue mentioned above but also other stability updates. For obvious reasons, updating to these versions is recommended. For details, please see the relevant ChangeLog.
- v4-stable: 4.6.8
- v4-beta: 4.7.5
- v5-stable: 5.8.5
- v5-devel: 5.9.3
- v6-beta: 6.1.12
- v6-devel: 6.3.5
All versions are available right now. If you do not want to update, you should consider applying an update to older versions. The fix is trivial, so it should apply to all vulnerable versions without problems (but we have not checked the myriad of versions out there). The security advisory contains the details.
The Changelogs and Download Links can be found below:
As always, feedback is appreciated.
Best regards,
Florian Riedl
Tags: 4.6.8, 4.7.5, 5.8.5, 5.9.3, 6.1.12, 6.3.5, beta, bugfix, devel, release, rsyslog, stable, v4, v5, v6
Posted in News, Release Announcement | No Comments »
Thursday, September 1st, 2011
Download file name: rsyslog 6.1.12 (beta)
rsyslog 6.1.12 (beta)
md5sum: 42edc753cf2b995b3866d50851d2af28
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 6.1.12 File size: 2.411 MB
Download this file now!
Tags: 6.1.12, beta, bugfix, rsyslog, security, v6
Posted in Download, beta | No Comments »
Thursday, September 1st, 2011
Version 6.1.12 [BETA], 2011-09-01
- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200
- bugfix: mark message processing did not work correctly
- bugfix: potential misadressing in property replacer
- bugfix: memcpy overflow can occur in allowed sender checkig if a name is resolved to IPv4-mapped-on-IPv6 address
Found by Ismail Dönmez at suse
- bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)
- bugfix: fixed incorrect state handling for Discard Action (transactions)
Note: This caused all messages in a batch to be set to COMMITTED even if they were discarded.
Tags: 6.1.12, beta, bugfix, Changelog, rsyslog, v6
Posted in Changelog | No Comments »
Thursday, September 1st, 2011
Version 4.7.5 [v4-beta], 2011-09-01
- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200
- bugfix: potential misadressing in property replacer
- bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)
Tags: 4.7.5, beta, bugfix, Changelog, rsyslog, v4
Posted in Changelog | No Comments »
Monday, July 11th, 2011
This release supports new enhancements in systemd and provides forward-compatibility patches.
ChangeLog:
http://www.rsyslog.com/changelog-for-6-1-11-v6-beta/
Download:
http://www.rsyslog.com/rsyslog-6-1-11-beta/
As always, feedback is appreciated.
Best regards,
Tom Bergfeld
Tags: 6.1.11, beta, release, v6
Posted in News, Release Announcement | No Comments »
Monday, July 11th, 2011
Download file name: rsyslog 6.1.11 (beta)
rsyslog 6.1.11 (beta)
md5sum: 14d879512290813e855b426761054611
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 6.1.11 File size: 2.3 MB
Download this file now!
Tags: 6.1.11, beta, Download, v6
Posted in Download, beta | No Comments »
Monday, July 11th, 2011
Version 6.1.11 [BETA] (rgerhards), 2011-07-11
- systemd support: set stdout/stderr to null – thx to Lennart for the patch
- added support for the “:omusrmsg:” syntax in configuring user messages
- added support for the “:omfile:” syntax in configuring user messages
Tags: 6.1.1, beta, Changelog, v6
Posted in Changelog | 1 Comment »
Monday, July 11th, 2011
Version 4.7.4 [v4-beta] (rgerhards), 2011-07-11
- added support for the “:omusrmsg:” syntax in configuring user messages
- added support for the “:omfile:” syntax in configuring user messages
- added $LocalHostName config directive
- bugfix: PRI was invalid on Solaris for message from local log socket
- bugfix: local hostname was pulled too-early, so that some config
directives (namely FQDN settings) did not have any effect
- bugfix: atomic increment for msg object may not work correct on all
platforms. Thanks to Chris Metcalf for the patch
- bugfix: a slightly more informative error message when a TCP
connections is aborted
Tags: 4.7.4, beta, Changelog, v4
Posted in Changelog | 1 Comment »
Wednesday, June 22nd, 2011
This is a stability update that imports the recent set of patches developed for version 5 and above. Note that users are strongly advised to upgrade to this version due to a potentially fatal failure caused by one bug.
ChangeLog:
http://www.rsyslog.com/changelog-for-6-1-10-beta/
Download:
http://www.rsyslog.com/rsyslog-6-1-10-beta/
As always, feedback is appreciated.
Best regards,
Tom Bergfeld
Tags: 6.1.10, beta, release, rsyslog, v6
Posted in News, Release Announcement | No Comments »
Wednesday, June 22nd, 2011
Download file name: rsyslog 6.1.10 (beta)
rsyslog 6.1.10 (beta)
md5sum: 919a7474ef9fd9621b6aac96d674610a
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 6.1.10 File size: 2.3 MB
Download this file now!
Tags: 6.1.10, beta, Download, rsyslog
Posted in Download, beta | No Comments »
