beta

Changelog for 6.3.9 (v6-beta)

Version 6.3.9  [BETA] 2012-05-22

  • bugfix: imtcp could cause hang during reception this also applied to other users of core file tcpsrv.c, but imtcp was by far the most prominent and widely-used, the rest rather exotic (like imdiag)
  • added capability to specify substrings for field extraction mode
  • added the “jsonf” property replacer option (and fieldname)
  • bugfix: omudpspoof did not work correctly if no spoof hostname was configured
  • bugfix: property replacer option “json” could lead to content loss message was truncated if escaping was necessary
  • bugfix: assigned ruleset was lost when using disk queues
    This looked quite hard to diagnose for disk-assisted queues, as the pure memory part worked well, but ruleset info was lost for messages stored inside the disk queue.
  • bugfix/imuxsock: solving abort if hostname was not set; configured hostname was not used (both merge regressions)
  • bugfix/omfile: template action parameter was not accepted (and template name set to “??” if the parameter was used)
    Thanks to Brian Knox for alerting us on this bug.
  • bugfix: ommysql did not properly init/exit the mysql runtime library this could lead to segfaults. Triggering condition: multiple action instances using ommysql.  Thanks to Tomas Heinrich for reporting this problem and providing an initial patch (which my solution is based on, I need to add more code to clean the mess up).
  • bugfix: rsyslog did not terminate when delayable inputs were blocked due to unvailable sources. Fixes:
    http://bugzilla.adiscon.com/show_bug.cgi?id=299
    Thanks to Marcin M for bringing up this problem and Andre Lorbach for helping to reproduce and fix it.
  • added capability to specify substrings for field extraction mode
  • bugfix: disk queue was not persisted on shutdown, regression of fix to
    http://bugzilla.adiscon.com/show_bug.cgi?id=299
    The new code also handles the case of shutdown of blocking light and full delayable sources somewhat smarter and permits, assuming sufficient timouts, to persist message up to the max queue capacity. Also some nits in debug instrumentation have been fixed.

Changelog for 5.9.7 (v5-beta)

Version 5.9.7 [V5-BETA], 2012-05-10

  • added capability to specify substrings for field extraction mode
  • bugfix: ommysql did not properly init/exit the mysql runtime library
    this could lead to segfaults. Triggering condition: multiple action
    instances using ommysql. Thanks to Tomas Heinrich for reporting this
    problem and providing an initial patch (which my solution is based on,
    I need to add more code to clean the mess up).
  • bugfix: rsyslog did not terminate when delayable inputs were blocked
    due to unvailable sources. Fixes:
    http://bugzilla.adiscon.com/show_bug.cgi?id=299
    Thanks to Marcin M for bringing up this problem and Andre Lorbach
    for helping to reproduce and fix it.

rsyslog 5.9.7 (v5-beta) released

This is primarily a bug-fixing release. It also introduces the ability to extract substrings from within property fields. This is a recommended update for all users of the v5-beta branch. It will probably turn into the next v5-stable soon, so everyone is encouraged to give this version a try in order to iron out any remaining bugs.

ChangeLog:

http://www.rsyslog.com/changelog-for-5-9-7-v5-beta/

Download:

http://www.rsyslog.com/rsyslog-5-9-7-beta/

As always, feedback is appreciated.

Best regards,
Tim Eifler

rsyslog 5.9.6 (v5-beta) released

This is the first beta version of the 5.9 rsyslog branch. It primarily contains bug fixes and some enhancements over 5.9.5. Most important ones are support for inotify in imfile as well as additional  statistics counters. Note that 5.9.5 was made available in January 2012 and did not receive many bug reports. So we plan to put 5.9.6 on an expedited beta track, which hopefully will lead soon to a new v5-stable. As such, testing and feedback is most appreciated.

ChangeLog:

http://www.rsyslog.com/changelog-for-5-9-6-v5-beta/

Download:

http://www.rsyslog.com/rsyslog-5-9-6-beta/

As always, feedback is appreciated.

Best regards,
Florian Riedl

Changelog for 5.9.6 (v5-beta)

Version 5.9.6  [V5-BETA], 2012-04-12

  • added configuration directives to customize queue light delay marks
  • permit size modifiers (k,m,g,…) in integer config parameters
    Thanks to Jo Rhett for the suggestion.
  • bugfix: hostname was not requeried on HUP
    Thanks to Per Jessen for reporting this bug and Marius Tomaschewski for his help in testing the fix.
  • bugfix: imklog invalidly computed facility and severity
    closes: http://bugzilla.adiscon.com/show_bug.cgi?id=313
  • added configuration directive to disable octet-counted framing for imtcp, directive is $InputTCPServerSupportOctetCountedFraming for imptcp, directive is $InputPTCPServerSupportOctetCountedFraming
  • added capability to use a local interface IP address as fromhost-ip for locally originating messages. New directive $LocalHostIPIF

rsyslog multiple buxfixes released

Hi all,

There has a security issue been identified that can potentially lead to DoS. It is triggered by malformed RFC3164 messages. An abort only happens under very specific environmental trigger factors. Full details can be found in our security advisory here:

http://www.rsyslog.com/potential-dos-with-malformed-tag/

We would like to thank the Red Hat security team for finding this issue and working with us to resolve it.

As a consequence, we have updated all currently active versions. Please note that they do not only contain the fix for the security issue mentioned above but also other stability updates. For obvious reasons, updating to these versions is recommended. For details, please see the relevant ChangeLog.

  • v4-stable: 4.6.8
  • v4-beta: 4.7.5
  • v5-stable: 5.8.5
  • v5-devel: 5.9.3
  • v6-beta: 6.1.12
  • v6-devel: 6.3.5

All versions are available right now. If you do not want to update, you should consider applying an update to older versions. The fix is trivial, so it should apply to all vulnerable versions without problems (but we have not checked the myriad of versions out there). The security advisory contains the details.

The Changelogs and Download Links can be found below:

As always, feedback is appreciated.

Best regards,
Florian Riedl

Changelog for 6.1.12 (v6-beta)

Version 6.1.12  [BETA], 2011-09-01

  • bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200
  • bugfix: mark message processing did not work correctly
  • bugfix: potential misadressing in property replacer
  • bugfix: memcpy overflow can occur in allowed sender checkig if a name is resolved to IPv4-mapped-on-IPv6 address
    Found by Ismail Dönmez at suse
  • bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c)
  • bugfix: fixed incorrect state handling for Discard Action (transactions)
    Note: This caused all messages in a batch to be set to COMMITTED even if they were discarded.
Scroll to top