Changelog for 6.3.9 (v6-beta)
Version 6.3.9 [BETA] 2012-05-22
- bugfix: imtcp could cause hang during reception this also applied to other users of core file tcpsrv.c, but imtcp was by far the most prominent and widely-used, the rest rather exotic (like imdiag)
- added capability to specify substrings for field extraction mode
- added the “jsonf” property replacer option (and fieldname)
- bugfix: omudpspoof did not work correctly if no spoof hostname was configured
- bugfix: property replacer option “json” could lead to content loss message was truncated if escaping was necessary
- bugfix: assigned ruleset was lost when using disk queues
This looked quite hard to diagnose for disk-assisted queues, as the pure memory part worked well, but ruleset info was lost for messages stored inside the disk queue. - bugfix/imuxsock: solving abort if hostname was not set; configured hostname was not used (both merge regressions)
- bugfix/omfile: template action parameter was not accepted (and template name set to “??” if the parameter was used)
Thanks to Brian Knox for alerting us on this bug. - bugfix: ommysql did not properly init/exit the mysql runtime library this could lead to segfaults. Triggering condition: multiple action instances using ommysql. Thanks to Tomas Heinrich for reporting this problem and providing an initial patch (which my solution is based on, I need to add more code to clean the mess up).
- bugfix: rsyslog did not terminate when delayable inputs were blocked due to unvailable sources. Fixes:
http://bugzilla.adiscon.com/show_bug.cgi?id=299
Thanks to Marcin M for bringing up this problem and Andre Lorbach for helping to reproduce and fix it. - added capability to specify substrings for field extraction mode
- bugfix: disk queue was not persisted on shutdown, regression of fix to
http://bugzilla.adiscon.com/show_bug.cgi?id=299
The new code also handles the case of shutdown of blocking light and full delayable sources somewhat smarter and permits, assuming sufficient timouts, to persist message up to the max queue capacity. Also some nits in debug instrumentation have been fixed.
Changelog for 5.9.7 (v5-beta)
Version 5.9.7 [V5-BETA], 2012-05-10
- added capability to specify substrings for field extraction mode
- bugfix: ommysql did not properly init/exit the mysql runtime library
this could lead to segfaults. Triggering condition: multiple action
instances using ommysql. Thanks to Tomas Heinrich for reporting this
problem and providing an initial patch (which my solution is based on,
I need to add more code to clean the mess up). - bugfix: rsyslog did not terminate when delayable inputs were blocked
due to unvailable sources. Fixes:
http://bugzilla.adiscon.com/show_bug.cgi?id=299
Thanks to Marcin M for bringing up this problem and Andre Lorbach
for helping to reproduce and fix it.
rsyslog 5.9.7 (beta)
Download file name: rsyslog 5.9.7 (beta)
rsyslog 5.9.7 (beta)
md5sum: dac5c61836e8a98d01f962e849613047
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 5.9.7 File size: 2.286 MB
rsyslog 5.9.7 (v5-beta) released
This is primarily a bug-fixing release. It also introduces the ability to extract substrings from within property fields. This is a recommended update for all users of the v5-beta branch. It will probably turn into the next v5-stable soon, so everyone is encouraged to give this version a try in order to iron out any remaining bugs.
ChangeLog:
http://www.rsyslog.com/changelog-for-5-9-7-v5-beta/
Download:
http://www.rsyslog.com/rsyslog-5-9-7-beta/
As always, feedback is appreciated.
Best regards,
Tim Eifler
rsyslog 5.9.6 (v5-beta) released
This is the first beta version of the 5.9 rsyslog branch. It primarily contains bug fixes and some enhancements over 5.9.5. Most important ones are support for inotify in imfile as well as additional statistics counters. Note that 5.9.5 was made available in January 2012 and did not receive many bug reports. So we plan to put 5.9.6 on an expedited beta track, which hopefully will lead soon to a new v5-stable. As such, testing and feedback is most appreciated.
ChangeLog:
http://www.rsyslog.com/changelog-for-5-9-6-v5-beta/
Download:
http://www.rsyslog.com/rsyslog-5-9-6-beta/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 5.9.6 (beta)
Download file name: rsyslog 5.9.6 (beta)
rsyslog 5.9.6 (beta)
md5sum: 9a42c5ecb0338564011713cbc42c0faf
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 5.9.6 File size: 2.395 MB
Changelog for 5.9.6 (v5-beta)
Version 5.9.6 [V5-BETA], 2012-04-12
- added configuration directives to customize queue light delay marks
- permit size modifiers (k,m,g,…) in integer config parameters
Thanks to Jo Rhett for the suggestion. - bugfix: hostname was not requeried on HUP
Thanks to Per Jessen for reporting this bug and Marius Tomaschewski for his help in testing the fix. - bugfix: imklog invalidly computed facility and severity
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=313 - added configuration directive to disable octet-counted framing for imtcp, directive is $InputTCPServerSupportOctetCountedFraming for imptcp, directive is $InputPTCPServerSupportOctetCountedFraming
- added capability to use a local interface IP address as fromhost-ip for locally originating messages. New directive $LocalHostIPIF
rsyslog multiple buxfixes released
Hi all,
There has a security issue been identified that can potentially lead to DoS. It is triggered by malformed RFC3164 messages. An abort only happens under very specific environmental trigger factors. Full details can be found in our security advisory here:
http://www.rsyslog.com/potential-dos-with-malformed-tag/
We would like to thank the Red Hat security team for finding this issue and working with us to resolve it.
As a consequence, we have updated all currently active versions. Please note that they do not only contain the fix for the security issue mentioned above but also other stability updates. For obvious reasons, updating to these versions is recommended. For details, please see the relevant ChangeLog.
- v4-stable: 4.6.8
- v4-beta: 4.7.5
- v5-stable: 5.8.5
- v5-devel: 5.9.3
- v6-beta: 6.1.12
- v6-devel: 6.3.5
All versions are available right now. If you do not want to update, you should consider applying an update to older versions. The fix is trivial, so it should apply to all vulnerable versions without problems (but we have not checked the myriad of versions out there). The security advisory contains the details.
The Changelogs and Download Links can be found below:
- v4-stable: 4.6.8
ChangeLog: http://www.rsyslog.com/changelog-for-4-6-8-v4-stable/
Download: http://www.rsyslog.com/rsyslog-4-6-8-v4-stable/
- v4-beta: 4.7.5
ChangeLog: http://www.rsyslog.com/changelog-for-4-7-5-v4-beta/
Download: http://www.rsyslog.com/rsyslog-4-7-5-v4-beta/ - v5-stable: 5.8.5
ChangeLog: http://www.rsyslog.com/changelog-for-5-8-5-v5-stable/
Download: http://www.rsyslog.com/rsyslog-5-8-5-v5-stable/ - v5-devel: 5.9.3
ChangeLog: http://www.rsyslog.com/changelog-for-5-9-3-v5-devel/
Download: http://www.rsyslog.com/rsyslog-5-9-3-v5-devel/ - v6-beta: 6.1.12
ChangeLog: http://www.rsyslog.com/changelog-for-6-1-12-v6-beta/
Download: http://www.rsyslog.com/rsyslog-6-1-12-v6-beta/ - v6-devel: 6.3.5
ChangeLog: http://www.rsyslog.com/changelog-for-6-3-5-v6-devel/
Download: http://www.rsyslog.com/rsyslog-6-3-5-v6-devel/
As always, feedback is appreciated.
Best regards,
Florian Riedl
rsyslog 6.1.12 (v6-beta)
Download file name: rsyslog 6.1.12 (beta)
rsyslog 6.1.12 (beta)
md5sum: 42edc753cf2b995b3866d50851d2af28
Author: Rainer Gerhards (rgerhards@adiscon.com)
Version: 6.1.12 File size: 2.411 MB
Changelog for 6.1.12 (v6-beta)
Version 6.1.12 [BETA], 2011-09-01
- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200
- bugfix: mark message processing did not work correctly
- bugfix: potential misadressing in property replacer
- bugfix: memcpy overflow can occur in allowed sender checkig if a name is resolved to IPv4-mapped-on-IPv6 address
Found by Ismail Dönmez at suse - bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)
- bugfix: fixed incorrect state handling for Discard Action (transactions)
Note: This caused all messages in a batch to be set to COMMITTED even if they were discarded.