v4 rsyslog

rsyslog 4.8.0 (v4-stable) released

Wednesday, September 7th, 2011

There are no changes compared to 4.7.5, just a re-release with the new version number as new v4-stable. The most important new feature (for the v4-stable branch!) is Solaris support.

Note: major new development to v4 is concluded and will only be done for custom projects.

ChangeLog:

http://www.rsyslog.com/changelog-for-4-8-0-v4-stable/

Download:

http://www.rsyslog.com/rsyslog-4-8-0-v4-stable/

As always, feedback is appreciated.

Best regards,
Tim Eifler

Tags: 4.8.0, Download, rsyslog, stable, v4
Posted in News, Release Announcement | No Comments »

rsyslog 4.8.0 (v4-stable)

Wednesday, September 7th, 2011

Download file name: rsyslog 4.8.0 (stable)

rsyslog 4.8.0 (stable)
md5sum: 4c7f1ffec2157f106c5c12e5ffd6c594

Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 4.8.0 File size: 2.14 MB

Download this file now!

Tags: 4.8.0, Download, rsyslog, stable, v4
Posted in Download, stable | 1 Comment »

Changelog for 4.8.0 (v4-stable)

Wednesday, September 7th, 2011

Version 4.8.0 [v4-stable] (rgerhards), 2011-09-07

This is a new stable v4 version. It contains all fixes and enhancements made during the 4.7.x phase.

Tags: 4.8.0, release, rsyslog, stable, v4
Posted in Changelog | No Comments »

rsyslog multiple buxfixes released

Thursday, September 1st, 2011

Hi all,

There has a security issue been identified that can potentially lead to DoS. It is triggered by malformed RFC3164 messages. An abort only happens under very specific environmental trigger factors. Full details can be found in our security advisory here:

http://www.rsyslog.com/potential-dos-with-malformed-tag/

We would like to thank the Red Hat security team for finding this issue and working with us to resolve it.

As a consequence, we have updated all currently active versions. Please note that they do not only contain the fix for the security issue mentioned above but also other stability updates. For obvious reasons, updating to these versions is recommended. For details, please see the relevant ChangeLog.

v4-stable: 4.6.8
v4-beta: 4.7.5
v5-stable: 5.8.5
v5-devel: 5.9.3
v6-beta: 6.1.12
v6-devel: 6.3.5

All versions are available right now. If you do not want to update, you should consider applying an update to older versions. The fix is trivial, so it should apply to all vulnerable versions without problems (but we have not checked the myriad of versions out there). The security advisory contains the details.

The Changelogs and Download Links can be found below:

v4-stable: 4.6.8
ChangeLog: http://www.rsyslog.com/changelog-for-4-6-8-v4-stable/
Download: http://www.rsyslog.com/rsyslog-4-6-8-v4-stable/
v4-beta: 4.7.5
ChangeLog: http://www.rsyslog.com/changelog-for-4-7-5-v4-beta/
Download: http://www.rsyslog.com/rsyslog-4-7-5-v4-beta/
v5-stable: 5.8.5
ChangeLog: http://www.rsyslog.com/changelog-for-5-8-5-v5-stable/
Download: http://www.rsyslog.com/rsyslog-5-8-5-v5-stable/
v5-devel: 5.9.3
ChangeLog: http://www.rsyslog.com/changelog-for-5-9-3-v5-devel/
Download: http://www.rsyslog.com/rsyslog-5-9-3-v5-devel/
v6-beta: 6.1.12
ChangeLog: http://www.rsyslog.com/changelog-for-6-1-12-v6-beta/
Download: http://www.rsyslog.com/rsyslog-6-1-12-v6-beta/
v6-devel: 6.3.5
ChangeLog: http://www.rsyslog.com/changelog-for-6-3-5-v6-devel/
Download: http://www.rsyslog.com/rsyslog-6-3-5-v6-devel/

As always, feedback is appreciated.

Best regards,
Florian Riedl

Tags: 4.6.8, 4.7.5, 5.8.5, 5.9.3, 6.1.12, 6.3.5, beta, bugfix, devel, release, rsyslog, stable, v4, v5, v6
Posted in News, Release Announcement | No Comments »

Changelog for 4.7.5 (v4-beta)

Thursday, September 1st, 2011

Version 4.7.5 [v4-beta], 2011-09-01

bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200
bugfix: potential misadressing in property replacer
bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)

Tags: 4.7.5, beta, bugfix, Changelog, rsyslog, v4
Posted in Changelog | No Comments »

rsyslog 4.7.5 (v4-beta)

Thursday, September 1st, 2011

Download file name: rsyslog 4.7.5 (beta)

rsyslog 4.7.5 (beta)
md5sum: 03426b24a438cedc31d7050698624716

Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 4.7.5 File size: 2.128 MB

Download this file now!

Tags: 4.7.5, bugfix, devel, Download, rsyslog, security, v4
Posted in Download, devel | No Comments »

rsyslog 4.6.8 (v4-stable)

Thursday, September 1st, 2011

Download file name: rsyslog 4.6.8 (stable)

rsyslog 4.6.8 (stable)
md5sum: cfd2d0c3b536fed9c67603c7533449c3

Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 4.6.8 File size: 2.077 MB

Download this file now!

Tags: 4.6.8, bugfix, Download, security, stable, v4
Posted in Download, stable | 1 Comment »

Changelog for 4.6.8 (v4-stable)

Thursday, September 1st, 2011

Version 4.6.8 [v4-stable] (rgerhards), 2011-09-01

bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200
bugfix: potential misadressing in property replacer
bugfix: memcpy overflow can occur in allowed sender checking if a name is resolved to IPv4-mapped-on-IPv6 address
Found by Ismail Dönmez at suse
bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)

Tags: 4.6.8, Changelog, overflow, parser, rsyslog, stable, syslog, v4
Posted in Changelog | No Comments »