Marcus Rueckert
a93bdfd569
- bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200 bnc#714658 - bugfix: mark message processing did not work correctly - bugfix: potential hang condition during tag emulation - bugfix: too-early string termination during tag emulation - bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c) - bugfix: fixed incorrect state handling for Discard Action (transactions) Note: This caused all messages in a batch to be set to COMMITTED, even if they were discarded. OBS-URL: https://build.opensuse.org/package/show/Base:System/rsyslog?expand=0&rev=71
472 lines
21 KiB
Plaintext
472 lines
21 KiB
Plaintext
-------------------------------------------------------------------
|
|
Wed Sep 7 12:58:48 UTC 2011 - mrueckert@suse.de
|
|
|
|
- update to 5.8.5 [V5-stable]
|
|
- bugfix/security: off-by-two bug in legacy syslog parser,
|
|
CVE-2011-3200 bnc#714658
|
|
- bugfix: mark message processing did not work correctly
|
|
- bugfix: potential hang condition during tag emulation
|
|
- bugfix: too-early string termination during tag emulation
|
|
- bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup
|
|
(msg.c)
|
|
- bugfix: fixed incorrect state handling for Discard Action
|
|
(transactions) Note: This caused all messages in a batch to be
|
|
set to COMMITTED, even if they were discarded.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 24 11:05:18 UTC 2011 - mt@suse.de
|
|
|
|
- Adopted to require new syslog-service package on 12.x, that
|
|
provides the /etc/init.d/syslog LSB init script and systemd
|
|
syslog.service service file. Removed rsyslog.service file
|
|
installation from spec file. (fate#311316).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 19 13:04:45 UTC 2011 - mrueckert@suse.de
|
|
|
|
- Update to 5.8.4 [V5-stable]
|
|
- bugfix: potential misadressing in property replacer
|
|
- bugfix: memcpy overflow can occur in allowed sender checkig if
|
|
a name is resolved to IPv4-mapped-on-IPv6 address Found by
|
|
Ismail Dönmez at suse
|
|
- bugfix: potential misadressing in property replacer
|
|
- bugfix: MSGID corruption in RFC5424 parser under some
|
|
circumstances closes:
|
|
http://bugzilla.adiscon.com/show_bug.cgi?id=275
|
|
- remove rsyslog-5.8.0-memcpy.patch:
|
|
applied upstream
|
|
- fix build for older distros:
|
|
only buildrequire systemd-devel for newer than 11.4, use systemd
|
|
for the others
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 19 04:54:03 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- Fix build with new gnutls
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 2 07:35:13 UTC 2011 - aj@suse.de
|
|
|
|
- Require systemd-devel to follow package split.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 13 11:10:15 UTC 2011 - mrueckert@suse.de
|
|
|
|
- drop modules imtemplate and omtemplate, the 2 modules are base
|
|
templates for people who want to develop their own modules.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 12 13:35:54 UTC 2011 - mrueckert@suse.de
|
|
|
|
- enabled a few more modules which dont pull extra dependencies:
|
|
impstats, pmcisconames, pmaixforwardedfrom, pmsnare, pmrfc3164sd,
|
|
omruleset, mmsnmptrapd
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 12 13:11:04 UTC 2011 - mrueckert@suse.de
|
|
|
|
- guard the file list entry for rsyslog.service with
|
|
if {with systemd}. Please keep the package working on older
|
|
distros.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 12 12:59:13 UTC 2011 - mrueckert@suse.de
|
|
|
|
- upstream asked to change the syntax in the default config files
|
|
to the new syntax:
|
|
old: *.* * # (write to all)
|
|
new: *.* :omusrmsg:*
|
|
|
|
old: *.* $channel
|
|
new: *.* :omfile:$channel
|
|
|
|
from what i can see we are only affected with:
|
|
old: *.emerg *
|
|
new: *.emerg :omusrmsg:*
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 12 12:52:58 UTC 2011 - mrueckert@suse.de
|
|
|
|
- Updated to 5.8.3 [V5-stable]
|
|
- systemd support: set stdout/stderr to null - thx to Lennart for
|
|
the patch
|
|
- added support for the ":omusrmsg:" syntax in configuring user
|
|
messages
|
|
- added support for the ":omfile:" syntax in configuring user
|
|
messages Note: previous outchannel syntax will generate a
|
|
warning message. This may be surprising to some users, but it
|
|
is quite urgent to alert them of the new syntax as v6 can no
|
|
longer support the previous one.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 21 13:50:42 UTC 2011 - mt@suse.de
|
|
|
|
- Updated to 5.8.2 [V5-stable] (bnc#701282) a maintenance release,
|
|
containing only stability fixes:
|
|
- bugfix: problems in failover action handling
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=270
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=254
|
|
- bugfix: mutex was invalidly left unlocked during action processing
|
|
At least one case where this can occur is during thread shutdown,
|
|
which may be initiated by lower activity. In most cases, this is
|
|
quite unlikely to happen. However, if it does, data structures may be
|
|
corrupted which could lead to fatal failure and segfault. I detected
|
|
this via a testbench test, not a user report. But I assume that some
|
|
users may have had unreproducable aborts that were cause by this bug.
|
|
- bugfix: memory leak in imtcp & subsystems under some circumstances
|
|
This leak is tied to error conditions which lead to incorrect cleanup
|
|
of some data structures. [backport from v6]
|
|
- bugfix/improvement:$WorkDirectory now gracefully handles trailing
|
|
slashes
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 31 12:14:59 UTC 2011 - aj@suse.de
|
|
|
|
- Add systemd service file back (bnc#696963).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 27 07:53:38 UTC 2011 - mt@suse.de
|
|
|
|
- Removed touch of obsolete /var/log/boot.log from spec post.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 19 15:43:28 UTC 2011 - mrueckert@suse.de
|
|
|
|
- update to 5.8.1
|
|
- bugfix: invalid processing in QUEUE_FULL condition If the the
|
|
multi-submit interface was used and a QUEUE_FULL condition
|
|
occured, the failed message was properly destructed. However,
|
|
the rest of the input batch, if it existed, was not processed.
|
|
So this lead to potential loss of messages and a memory leak.
|
|
The potential loss of messages was IMHO minor, because they
|
|
would have been dropped in most cases due to the queue
|
|
remaining full, but very few lucky ones from the batch may have
|
|
made it. Anyhow, this has now been changed so that the rest of
|
|
the batch is properly tried to be enqueued and, if not
|
|
possible, destructed.
|
|
- new module mmsnmptrapd, a sample message modification module
|
|
This can be useful to reformat snmptrapd messages and also
|
|
serves as a sample for how to write message modification
|
|
modules using the output module interface. Note that we
|
|
introduced this new functionality directly into the stable
|
|
release, as it does not modify the core and as such cannot have
|
|
any side-effects if it is not used (and thus the risk is solely
|
|
on users requiring that functionality).
|
|
- bugfix: rate-limiting inside imuxsock did not work 100% correct
|
|
reason was that a global config variable was invalidly accessed
|
|
where a listener variable should have been used. Also
|
|
performance-improved the case when rate limiting is turned off
|
|
(this is a very unintrusive change, thus done directly to the
|
|
stable version).
|
|
- bugfix: $myhostname not available in RainerScript (and no error
|
|
message) closes:
|
|
http://bugzilla.adiscon.com/show_bug.cgi?id=233
|
|
- bugfix: memory and file descriptor leak in stream processing
|
|
Leaks could occur under some circumstances if the file stream
|
|
handler errored out during the open call. Among others, this
|
|
could cause very big memory leaks if there were a problem with
|
|
unreadable disk queue files. In regard to the memory leak, this
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=256
|
|
- bugfix: doc for impstats had wrong config statements also,
|
|
config statements were named a bit inconsistent, resolved that
|
|
problem by introducing an alias and only documenting the
|
|
consistent statements Thanks to Marcin for bringing up this
|
|
problem.
|
|
- bugfix: IPv6-address could not be specified in omrelp this was
|
|
due to improper parsing of ":" closes:
|
|
http://bugzilla.adiscon.com/show_bug.cgi?id=250
|
|
- bugfix: TCP connection invalidly aborted when messages needed
|
|
to be discarded (due to QUEUE_FULL or similar problem)
|
|
- bugfix: $LocalHostName was not honored under all circumstances
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=258
|
|
- bugfix(minor): improper template function call in syslogd.c
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 29 11:38:40 UTC 2011 - idoenmez@novell.com
|
|
|
|
- Add rsyslog-5.6.5-memcpy.patch: fix overflowing memcpy call in
|
|
runtime/net.c
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 27 16:19:31 UTC 2011 - mrueckert@suse.de
|
|
|
|
- move most of the additional requirements and subpackages into
|
|
conditionals so we can switch them on and off by more easily.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 26 12:30:17 UTC 2011 - mt@suse.de
|
|
|
|
- Dropped obsolete rsyslog-systemd-integration.bnc656104.diff
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 26 12:20:16 UTC 2011 - mrueckert@suse.de
|
|
|
|
- dont ship the systemd service file for now.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Apr 24 01:32:17 UTC 2011 - mrueckert@suse.de
|
|
|
|
- update to 5.8.0 (v5-tsable)
|
|
This is the new v5-stable branch, importing all feature from the
|
|
5.7.x versions. To see what has changed in regard to the previous
|
|
v5-stable, check the entries for 5.7.x in
|
|
/usr/share/doc/packages/rsyslog/ChangeLog.
|
|
|
|
- bugfix: race condition in deferred name resolution
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=238
|
|
Special thanks to Marcin for his persistence in helping to solve this
|
|
bug.
|
|
- bugfix: DA queue was never shutdown once it was started
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=241
|
|
- dropped patch rsyslog-deferred-dns-query-race.diff
|
|
included in the release
|
|
- refreshed rsyslog-systemd-integration.bnc656104.diff:
|
|
most of the patch went upstream just a small chunk left
|
|
- fixed the with_dbi conditional, it was using the build_with_relp.
|
|
- added a new conditional with_systemd and moved all the systemd
|
|
specific things from suse_version >= 1140 to the with_systemd
|
|
conditional. the patch line in the preamble should be
|
|
unconditional.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 8 13:24:34 UTC 2011 - mt@suse.de
|
|
|
|
- bugfix: race condition in deferred name resolution (id=238)
|
|
from v5.8.0 candidate.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 24 16:34:31 UTC 2011 - mt@suse.de
|
|
|
|
- Updated to 5.6.5 (v5-stable) with following bugfixes:
|
|
* bugfix: failover did not work correctly if repeated msg
|
|
reduction was on.
|
|
affected directive: $ActionExecOnlyWhenPreviousIsSuspended on
|
|
* bugfix: omlibdbi did not use password from rsyslog.conf
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=203
|
|
* bugfix(kind of): tell users that config graph can currently
|
|
not be generated
|
|
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=232
|
|
* bugfix: discard action did not work under some circumstances
|
|
fixes: http://bugzilla.adiscon.com/show_bug.cgi?id=217
|
|
(bnc#676041)
|
|
* bugfix: potential abort condition when $RepeatedMsgReduction
|
|
were set to on as well as potentially in a number of other places
|
|
where MsgDup() was used. This only happened when the imudp input
|
|
module was used and it depended on name resolution not yet had
|
|
taken place. (bnc#679030)
|
|
* bugfix: fixed a memory leak and potential abort condition
|
|
this could happen if multiple rulesets were used and some output
|
|
batches contained messages belonging to more than one ruleset.
|
|
fixes: http://bugzilla.adiscon.com/show_bug.cgi?id=226
|
|
fixes: http://bugzilla.adiscon.com/show_bug.cgi?id=218
|
|
* bugfix: memory leak when $RepeatedMsgReduction on was used
|
|
bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=225
|
|
(bnc#681568)
|
|
- Merged systemd socket activation support
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 2 16:47:24 UTC 2011 - mt@suse.de
|
|
|
|
- update to 5.6.3 (v5-stable) with following bugfixes (digest):
|
|
* action processor released mememory too early, resulting in
|
|
potential issue in retry cases (very unlikely).
|
|
* batch processing flagged invalid message as "bad" under some
|
|
circumstances
|
|
* unitialized variable could cause issues under extreme
|
|
conditions plus some minor nits.
|
|
* batches which had actions in error were not properly retried
|
|
in all cases
|
|
* imfile did duplicate messages under some circumstances
|
|
- enabled plain tcp input, unix socket output, last message
|
|
parser and the libdbi module as separate package.
|
|
- disabled systemd patch for openSUSE <= 11.3
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 20 14:10:59 UTC 2011 - mt@suse.de
|
|
|
|
- Improved systemd socket activation support to allow multiple
|
|
unix sockets and activation in forking mode (bnc#656197).
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 3 16:49:41 UTC 2010 - mt@suse.de
|
|
|
|
- update to 5.6.2 (v5-stable) with following bugfixes:
|
|
* compile failed on systems without epoll_create1()
|
|
Thanks to David Hill for providing a fix.
|
|
* atomic increment for msg object may not work correct on
|
|
all platforms. Thanks to Chris Metcalf for the patch
|
|
* replacements for atomic operations for non-int sized types
|
|
had problems. At least one instance of that problem could
|
|
potentially lead to abort (inside omfile).
|
|
- Increased mark frequency in rsyslog.conf to 1 hour
|
|
- Enabled duplicate message reduction in rsyslog.conf to catch
|
|
at least buggy programs running amok and writting same message
|
|
zillion times until the disk gets out of space (bnc#656197).
|
|
- Merged rsyslog-systemd-integration.bnc656104.diff (fuzz=0).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 29 10:32:58 CET 2010 - mt@suse.de
|
|
|
|
- update to 5.6.1
|
|
This release addresses a TLS bug, that has been bothering a lot
|
|
of users lately. It stops rsyslog from looping, thus disabling
|
|
functionality and bearing the risk of unresponsiveness of the
|
|
whole system. Other issues have been fixed for imptcp, failing
|
|
testbench, segfault on empty templates and failed compile.
|
|
For more detailed information, please review the ChangeLog and
|
|
http://bugzilla.adiscon.com/show_bug.cgi?id=194,
|
|
http://bugzilla.adiscon.com/show_bug.cgi?id=204,
|
|
http://bugzilla.adiscon.com/show_bug.cgi?id=206.
|
|
- applied systemd integration base patch (without the service and
|
|
socket unit files, because we'll use same for all syslog damons)
|
|
extracted from git master (bnc#656104).
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Nov 20 16:15:46 UTC 2010 - coolo@novell.com
|
|
|
|
- build with libnet-devel on 11.4
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 15 14:59:21 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 5.6.0
|
|
This release brings all changes and enhancements of the 5.5.x
|
|
series to the v5-stable branch.
|
|
- bugfix: a couple of problems that imfile had on some platforms,
|
|
namely Ubuntu (not their fault, but occured there)
|
|
- bugfix: imfile utilizes 32 bit to track offset. Most importantly,
|
|
this problem can not experienced on Fedora 64 bit OS (which has
|
|
64 bit long's!)
|
|
- removed obsolete patch
|
|
- xconsole-pipe-loop
|
|
- rpmlint
|
|
- name-repeated-in-summary C Rsyslog
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 28 17:21:03 UTC 2010 - mt@suse.de
|
|
|
|
- Added $klogConsoleLogLevel 1 to the config, to use same default
|
|
[KERNEL_LOGLEVEL in /etc/sysconfig/syslog] as klogd (bnc#593699).
|
|
- Improved filter to discard iptables msgs higher err on console,
|
|
changed to set default file template instead per file, removed
|
|
duplicate filters (bnc#593699).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 27 12:01:44 UTC 2010 - mt@suse.de
|
|
|
|
- Applied fix to avoid a tight send-retry loop in case there is
|
|
nobody receiving the messages sent to the xconsole pipe
|
|
(bnc#597293, http://bugzilla.adiscon.com/show_bug.cgi?id=186).
|
|
- Disabled relp support for < 11.3 (librelp is new)
|
|
- Fixed to create /var/run/rsyslog in post-install (rpmlint)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 14 12:16:29 UTC 2010 - mrueckert@suse.de
|
|
|
|
- dropped install_all_modules_in_lib conditional and all related
|
|
code
|
|
- new subpackages
|
|
- enable RELP support. new depdendency librelp
|
|
- enable diagnotic tools.
|
|
- enable UDP spoof support. new dependency libnet
|
|
- moved module paths to 2 variables defined on top of the spec
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 13 08:56:15 UTC 2010 - mt@suse.de
|
|
|
|
- Updated to rsyslog version 5.4.0 (v5-stable). This version begins
|
|
a new stable series based on the 5.3.x series, which has been
|
|
proven rather well in practice. The new 5.4.0 contains fixes for
|
|
all known problems. See ChangeLog file for a detailed history.
|
|
The main new feature is speed: several optimizations were done,
|
|
including support for epoll in tcp listeners.
|
|
- Added new lmzlibw.so and omruleset.so to the file list.
|
|
- Recompressed original tar.gz source archive using bzip2.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 9 21:36:16 CEST 2009 - mt@suse.de
|
|
|
|
- Added read-only RSYSLOGD_NATIVE_VERSION sysconfig/syslog variable,
|
|
that is set to the native mode version number for the -c parameter
|
|
while every installation and used in the /etc/init.d/syslog script,
|
|
except the user overrides this default in RSYSLOGD_COMPAT_VERSION.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 2 20:15:28 CEST 2009 - mt@suse.de
|
|
|
|
- Updated to rsyslog version 4.4.1 (v4-stable), a bug-fixing release,
|
|
providing some important fixes for issues that have only been
|
|
detected after the beta phase. Some of them are serious (like a
|
|
segfault when UDP messageforwarding is activated), so users of
|
|
4.4.0 are urged to upgrade to this release. Changelog for 4.4.1:
|
|
* features requiring Java are automatically disabled if Java
|
|
is not present (thanks to Michael Biebl for his help!)
|
|
* bugfix: invalid double-quoted PRI, among others in outgoing
|
|
messages. This causes grief with all receivers.
|
|
Bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=147
|
|
* bugfix: Java testing tools were required, even if testbench
|
|
was disabled. This resulted in build errors if no Java was
|
|
present on the build system, even though none of the selected
|
|
option actually required Java. (I forgot to backport a similar
|
|
fix to newer releases).
|
|
* bugfix (backport): omfwd segfault. Note that the orginal (higher
|
|
version) patch states this happens only when debugging mode is
|
|
turned on. That statement is wrong: if debug mode is turned off,
|
|
the message is not being emitted, but the division by zero in
|
|
the actual parameters still happens.
|
|
- Removed jave2-devel-packages from build requires again
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 1 11:34:12 CEST 2009 - mt@suse.de
|
|
|
|
- Updated to rsyslog version 4.4.0, the actual stable 4.4.x series.
|
|
It provides several bugfixes, performance improvements and new
|
|
features: It adds generic network stream server for syslog, the
|
|
capability to rebind the send socket of the UDP output section,
|
|
allows multiple tcp listeners, multiple recipients in ommail,
|
|
new plugins as omprog, improved documentation and testbench
|
|
with a config switch. Please review ChangeLog file for details.
|
|
- Removed obsolete moddirs patch (included in 4.4.0)
|
|
- Added java2-devel-packages to BuildRequires (for test suite)
|
|
- Enabled omprog and omtemplate plugins, added them and the
|
|
lmstrmsrv plugin to the base-plugins file list.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 20 17:35:16 CEST 2009 - mt@suse.de
|
|
|
|
- Improved config file comments about usage of additional
|
|
modules provided in separate rsyslog-module packages.
|
|
- Enabled GnuTLS (syslog-transport-tls) support module.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 20 13:32:03 CEST 2009 - mt@suse.de
|
|
|
|
- Updated to rsyslog 3.20.6 [v3-stable]
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 15 14:51:08 CET 2008 - mt@suse.de
|
|
|
|
- Security fix to honor $AllowedSender settings (bnc#457273).
|
|
- Security fix [DoS] from 3.20.2 to emit a discard message every
|
|
minute only (when DisallowWarning enabled) instead of every time;
|
|
this prevernts an attacker can fill the disk (bnc#457273).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 10 15:11:05 CEST 2008 - schwab@suse.de
|
|
|
|
- Run autoreconf.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 9 16:16:14 CEST 2008 - mt@suse.de
|
|
|
|
- Enabled mail, imfile and imtemplate modules
|
|
- Enabled snmp module, packaged as rsyslog-module-snmp
|
|
- Added patch to support multiple module directories,
|
|
in our case /lib[64]/rsyslog:/usr/lib[64]/rsyslog
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 4 15:15:14 CEST 2008 - mt@suse.de
|
|
|
|
- initial rsyslog 3.18.3 package
|
|
|