|
|
|
|
Changelog for rsyslog-module-gssapi-7.2.7-2.5.1.i586.rpm :
* Fri Apr 19 2013 mtAATTsuse.de- update to 7.2.7 [v7-stable] 2013-04-17 (bnc#809852): - rsyslogd startup information is now properly conveyed back to init when privileges are beging dropped. Actually, we have moved termination of the parent in front of the priv drop. So it shall work now in all cases. See code comments in commit for more details. - If forking, the parent now waits for a maximum of 60 seconds for termination by the child - improved debugging support in forked (auto-backgrounding) mode. The rsyslog debug log file is now continued to be written across the fork. - updated systemd files to match current systemd source - bugfix: failover/action suspend did not work correctly This was experienced if the retry action took more than one second to complete. For suspending, a cached timestamp was used, and if the retry took longer, that timestamp was already in the past. As a result, the action never was kept in suspended state, and as such no failover happened. The suspend functionalit now does no longer use the cached timestamp (should not have any performance implication, as action suspend occurs very infrequently). - bugfix: nested if/prifilt conditions did not work properly closes: http://bugzilla.adiscon.com/show_bug.cgi?id=415 - bugfix: script == comparison did not work properly on JSON objects [backport from 7.3 branch] - bugfix: imudp scheduling parameters did affect main thread, not imudp closes: http://bugzilla.adiscon.com/show_bug.cgi?id=409 - bugfix: imuxsock rate-limiting could not be configured via legacy conf Rate-limiting for the system socket could not be configured via legacy configuration directives. However, the new-style RainerScript config options worked. Thanks to Milan Bartos for the patch. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=390 - bugfix: using group resolution could lead to endless loop Thanks to Tomas Heinrich for the patch. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=310 - bugfix: $mmnormalizeuseramsg paramter was specified with wrong type Thank to Renzhong Zhang for alerting us of the problem. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=420 - bugfix: RainerScript getenv() function caused segfault when var was not found. Thanks to Philippe Muller for the patch. - bugfix: several issues in imkmsg see bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=421#c8 - bugfix: imuxsock was missing SysSock.ParseTrusted module parameter To use that functionality, legacy rsyslog.conf syntax had to be used. Also, the doc was missing information on the \"ParseTrusted\" set of config directives. - bugfix: parameter action.execOnlyWhenPreviousIsSuspended was accidently of integer-type. For obvious reasons, it needs to be boolean. Note that this change can break existing configurations if they circumvented the problem by using 0/1 values. - doc bugfix: rsyslog.conf man page had invalid file format info closes: http://bugzilla.adiscon.com/show_bug.cgi?id=418- update to 7.2.6 [v7-stable] 2013-03-05: - slightly improved config parser error messages when invalid escapes happen - bugfix: include files got included in the wrong order closes: http://bugzilla.adiscon.com/show_bug.cgi?id=411 This happens if an $IncludeConfig directive was done on multiple files (e.g. the distro default of $IncludeConfig /etc/rsyslog.d/ *.conf). In that case, the order of include file processing is reversed, which could lead to all sorts of problems. Thanks to Nathan Stratton Treadway for his great analysis of the problem, which made bug fixing really easy. - bugfix: omelasticsearch failed when authentication data was provided ... at least in most cases it emitted an error message: \"snprintf failed when trying to build auth string\" Thanks to Joerg Heinemann for alerting us. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=404 - bugfix: some property-based filter were incorrectly parsed This usually lead to a syntax error on startup and rsyslogd not actually starting up. The problem was the regex, which did not care for double quote characters to follow in the action part - unfortunately something that can frequently happen with v6+ format. An example: :programname, isequal, \"as\" {action(type=\"omfile\" ...) } Here, the part :programname, isequal, \"as\" {action(type=\"omfile\" was treated as the property filter, and the rest as action part. Obviously, this did not work out. Unfortunately, such situations usually resulted in very hard to understand error messages.- Removed rsyslog.conf from doc file list, not shipped any more. * Fri Mar 29 2013 vcizekAATTsuse.com- restore SELinux label when creating xconsole (bnc#812447) * Tue Feb 19 2013 mtAATTsuse.de- Fixed rsyslog.service file to support reload (bnc#803994) * Tue Jan 15 2013 mtAATTsuse.de- Fixed relp build requires change, which broke SLE-11 build. * Mon Jan 14 2013 andreas.stiegerAATTgmx.de- update to 7.2.5 [v7-stable]: - build system cleanup - bugfix: omelasticsearch did not properly compile on some platforms due to missing libmath - bugfix: on termination, actions were incorrectly called - bugfix: very large memory consumption (and probably out of memory) when FromPos was specified in template, but ToPos not. - bugfix: timeval2syslogTime cause problems on some platforms due to invalid assumption on structure data types. - bugfix: compile errors in im3195 - bugfix: doGetFileCreateMode() had invalid validity check - bugfix: mmjsonparse errornously returned action error when no CEE cookie was present. * Wed Jan 09 2013 mtAATTsuse.com- Enable rsyslog.service and create the syslog.service alias link in post install -- regardless of a preset config (bnc#790805).- Check the existence of /etc/init.d/syslog script before calling the restart_on_update and stop_on_removal macros to avoid errors on update. Since openSUSE 12.3, no syslog init script is shipped (bnc#790298,bnc#750478). * Mon Jan 07 2013 mtAATTsuse.com- Update to 7.2.4 [v7-stable] with following changes: - enhance: permit RFC3339 timestamp in local log socket messages Thanks to Sebastien Ponce for the patch. - imklog: added ParseKernelTimestamp parameter (import from 5.10.2) Thanks to Marius Tomaschewski for the patch. - fix missing functionality: ruleset(){} could not specify ruleset queue The \"queue.xxx\" parameter set was not supported, and legacy ruleset config statements did not work (by intention). The fix introduces the \"queue.xxx\" parameter set. It has some regression potential, but only for the new functionality. Note that using that interface it is possible to specify duplicate queue file names, which will cause trouble. This will be solved in v7.3, because there is a too-large regression potential for the v7.2 stable branch. - imklog: added KeepKernelTimestamp parameter (import from 5.10.2) Thanks to Marius Tomaschewski for the patch. - bugfix: imklog mistakenly took kernel timestamp subseconds as nanoseconds ... actually, they are microseconds. So the fractional part of the timestamp was not properly formatted. (import from 5.10.2) Thanks to Marius Tomaschewski for the bug report and the patch idea. - bugfix: supportoctetcountedframing parameter did not work in imptcp - bugfix: modules not (yet) supporting new conf format were not properly registered. This lead to a \"module not found\" error message instead of the to-be-expected \"module does not support new style\" error message. That invalid error message could be quite misleading and actually stop people from addressing the real problem (aka \"go nuts\" ;)) - bugfix: template \"type\" parameter is mandatory (but was not) - bugfix: some message properties could be garbled due to race condition This happened only on very high volume systems, if the same message was being processed by two different actions. This was a regression caused by the new config processor, which did no longer properly enable msg locking in multithreaded cases. The bugfix is actually a refactoring of the msg locking code - we no longer do unlocked operations, as the use case for it has mostly gone away. It is potentially possible only at very low-end systems, and there the small additional overhead of doing the locking does not really hurt. Instead, the removal of that capability can actually slightly improve performance in common cases, as the code path is smaller and requires slightly less memory writes. That probably outperforms the extra locking overhead (which in the low-end case always happens in user space, without need for kernel support as we can always directly aquire the lock - there is no contention at all).- Removed imklog-kernel-timestamp-parsing (bnc#783967) patch obsoleted by this version. * Fri Nov 23 2012 mrueckertAATTsuse.de- fix zeromq support * Fri Nov 23 2012 mrueckertAATTsuse.de- fix hiredis support * Thu Nov 22 2012 mrueckertAATTsuse.de- enabled elastic search support (build enabled by default): - > new buildrequires curl devel - > new subpackage rsyslog-module-elasticsearch- added --enable-unlimited-select- added --enable-imttcp: - > this module is packaged in the main package as it has no new dependencies- added --enable-imdiag - > this module is packaged in the diag package- prepared adding support for hiredis, hdfs, mongodb and zeromq * Thu Nov 22 2012 mtAATTsuse.com- Update to 7.2.3 (v7-stable) a release providing following fixes: - regression fix: rsyslogd terminated when wild-card $IncludeConfig did not find actual include files. For example, if this directive is present: $IncludeConfig /etc/rsyslog.d/ *.conf and there are no *.conf files in /etc/rsyslog.d (but rsyslog.d exists), rsyslogd will emit an error message and terminate. Previous (and expected) behaviour is that an empty file set is no problem. HOWEVER, if the directory itself does not exist, this is flagged as an error and will load to termination (no startup). Unfortunately, this is often the case by default in many distros, so this actually prevents rsyslog startup. - doc improvements - enabled to build without libuuid, at loss of uuid functionality this enables smoother builds on older systems that do not support libuuid. Loss of functionality should usually not matter too much as uuid support has only recently been added and is very seldom used. - bugfix: omfwd did not properly support \"template\" parameter - bugfix: potential segfault when re_match() function was used Thanks to oxpa for the patch. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=371 - bugfix: potential abort of imtcp on rsyslogd shutdown - bugfix: imzmq3 segfault with PULL subscription Thanks to Martin Nilsson for the patch. - bugfix: improper handling of backslash in string-type template()s - bugfix: leading quote (\") in string-type template() lead to thight loop on startup - bugfix: no error msg on invalid field option in legacy/string template - bugfix: potential segfault due to invalid param handling in comparisons This could happen in RainerScript comparisons (like contains); in some cases an unitialized variable was accessed, which could lead to an invalid free and in turn to a segfault. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=372 Thanks to Georgi Georgiev for reporting this bug and his great help in solving it. - bugfix: no error msg on unreadable $IncludeConfig path - bugfix: $IncludeConfig did not correctly process directories closes: http://bugzilla.adiscon.com/show_bug.cgi?id=376 The testbench was also enhanced to check for these cases. Thanks to Georgi Georgiev for the bug report. - bugfix: make rsyslog compile on kfreebsd again closes: http://bugzilla.adiscon.com/show_bug.cgi?id=380 Thanks to Guillem Jover for the patch. - bugfix: garbled message if field name was used with jsonf property option The length for the field name was invalidly computed, resulting in either truncated field names or including extra random data. If the random data contained NULs, the rest of the message became unreadable. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=374 - bugfix: potential segfault at startup with property-based filter If the property name was followed by a space before the comma, rsyslogd aborted on startup. Note that no segfault could happen if the initial startup went well (this was a problem with the config parser). closes: http://bugzilla.adiscon.com/show_bug.cgi?id=381 - bugfix: imfile discarded some file parts File lines that were incomplete (LF missing) *at the time imfile polled the file * were partially discarded. That part of the line that was read without the LF was discarded, and the rest of the line was submitted in the next polling cycle. This is now changed so that the partial content is saved until the complete line is read. Note that the patch affects only read mode 0. Thanks to Milan Bartos for providing the base idea for the solution.- Merged also fixes for unreliable kernel timestamp regression (bnc#783967), which will be picked up in a later v7-stable release: - imklog: added $klogParseKernelTimestamp option (default off), wich reverts to the 5.8.x behavior to use receive time for the kernel messages instead to try parse and convert the kernel timestamp, what is not reliable on some hardware (intel i7/Xeon). - imklog: added $klogKeepKernelTimestamp option (default off), causing to not remove the kernel timestamp from the message after a successful conversion. - imklog: fixed a conversion bug causing a <1sec incorrectness of the message time when the kernel timestamp is parsed.- Removed {} arround RSYSLOG_PARAMS variable in service file. systemd seems sometimes to not like it any more (bnc#788330). * Tue Nov 20 2012 mtAATTsuse.com- Require syslog-service >= 2.0 on 12.3, otherwise < 2.0, which contain the /etc/init.d/syslog init script. * Tue Nov 13 2012 mtAATTsuse.com- imuxsock: do not log EAGAIN in nonblocking recvfrom (bnc#734672) * Mon Nov 12 2012 mtAATTsuse.com- Removed handling of the -c option which is obsolete in rsyslog-7.x.- Fixed build requires / deps to work on 12.x and SLE-11-SP2.- Initialized RSYSLOG_PARAMS env variable in service file.- Marked additional log socket config as ghost. * Fri Nov 09 2012 mtAATTsuse.com- Readded things removed in previous change, that is compat version and params variable use, generation of additional (chroot) log sockets include file, xconsole handling in rsyslog.service.- Fixed liblognorm conditional build flag dependencies, removed all suse version dependencies.- Changed to install in /usr/sbin, compatibility link in /sbin.- Added klogd to build conflicts to resolve build service deps * Tue Nov 06 2012 tittiatcokeAATTgmail.com- Enabled rsyslog own systemd service file. This to resolve the current issue with a non starting system logger with systemd 185. (see also bnc#788330) * Mon Oct 29 2012 mtAATTsuse.com- Update to 7.2.1 (v7-stable), a pure bug-fixing release: - bugfix: ruleset()-object did only support a single statement - added -D rsyslogd option to enable config parser debug mode - improved syntax error messages by outputting the error token - the rsyslog core now suspeneds actions after 10 failures in a row. This was former the case after 1,000 failures and could cause rsyslog to be spammed/ressources misused. See the v6 compatibility doc for more details. - ommongodb rate-limits error messages to prevent spamming the syslog closes (for v7.2): http://bugzilla.adiscon.com/show_bug.cgi?id=366- Enabled compilation of kmsg, the kernel’s new structured logging system modile, mmaudit the message modification module supporting Linux audit format and mmjsonparse providing the cee-enhanced syslog format support message modification module. * Wed Oct 24 2012 mtAATTsuse.com- Update to 7.2.0 (v7-stable) a full structured-logging/CEE enabled version which provides following features compared to v5-stable: * greatly improved configuration language – the new language is much more intuitive than the legacy format. It will also prevent some typical mistakes simply be not permitting these invalid constructs. Note that legacy format is still fully supported (and you can of course do the same mistakes if you use legacy format). * greatly improved execution engine – with nested if/then/else constructs as well as the capability to modify variables during processing. * full support for structured logging and project lumberjack/CEE. this includes everything from being able to create, interpret and handle JSON-based structured log messages, including the ability to normalize legacy text log messages. * more plugins – like support for MongoDB, HDFS, and ElasticSearch as well as for the kernel’s new structured logging system. * higher performance – many optimizations all over the code, like 5 to 10 times faster execution time for script-based filters, enhanced multithreaded TCP input plugin, DNS cache and many more. * Wed Oct 17 2012 fcrozatAATTsuse.com- Fix build with new systemd location. * Wed Oct 17 2012 mtAATTsuse.com- Use RFC-5424 conform log format with RFC-3339 high-precision timestamps by default, removed obsolete rsyslog.early.conf. * Mon Sep 24 2012 andreas.stiegerAATTgmx.de- prevent installation with other providers of syslog (bnc#780608) * Fri Sep 21 2012 mtAATTsuse.com- Changed default /etc/rsyslog.conf we install to not use multiple facilities with the same priority pattern in one statement using the comma operator. This started to cause a start failure with rsyslog-6.4.x (bnc#780607) and seems to be a bug in rsyslog. Upstream report http://bugzilla.adiscon.com/show_bug.cgi?id=358, switched to use alternative syntax using semicolon separator. * Thu Sep 20 2012 andreas.stiegerAATTgmx.de- update to 6.4.2 [V6-STABLE] 2012-09-20: - bugfix: potential abort, if action queue could not be properly started - bugfix: remove invalid socket option call from imuxsock - bugfix: missing support for escape sequences in RainerScript - bugfix: config validation run did not always return correct return state * Thu Sep 20 2012 andreas.stiegerAATTgmx.de- add rsyslog-6.4.1-CheckConnection-no-return-in-nonvoid-function.patch to fix rsyslog no-return-in-nonvoid-function netstrm.c:258 in CheckConnection() * Mon Sep 17 2012 mtAATTsuse.com- Update to 6.4.1 [V6-STABLE] 2012-09-06: - bugfix: multiple main queues with same queue file name were not detected. This lead to queue file corruption. While the root cause is a config error, it is a bug that this important and hard to find config error was not detected by rsyslog. - bugfix: “jsonf” property replacer option did generate invalid JSON in JSON, we have “fieldname”:”value”, but the option emitted “fieldname”=”value”. Interestingly, this was accepted by a couple of sinks, most importantly elasticsearch. Now the correct format is emitted, which causes a remote chance that some things that relied on the wrong format will break. Thanks to Miloslav Trmač for the patch - change $!all-json did emit an empty (thus non-JSON) string if no libee data was present. It now emits {} and thus valid JSON. There is a small risk that this may break some things that relied on the previous inconsistency. Thanks to Miloslav Trmač for the patch - bugfix: omusrsmsg incorrect return state & config warning handling. During config file processing, Omusrmsg often incorrectly returned a warning status, even when no warning was present (caused by uninitialized variable). Also, the core handled warning messages incorrectly, and treated them as errors. As a result, omusrmsg (most often) could not properly be loaded. Note that this only occurs with legacy config action syntax. This was a regression caused by an incorrect merge in to the 6.3.x codebase. Thanks to Stefano Mason for alerting us of this bug. - bugfix: Fixed TCP CheckConnection handling in omfwd.c. Interface needed to be changed in lower stream classes. Syslog TCP Sending is now resumed properly. Unfixed, that lead to non-detection of downstate of remote hosts. * Tue Sep 04 2012 andreas.stiegerAATTgmx.de- License is (GPL-3.0+ and Apache-2.0), [bnc#778591]- The template subpackage was never published, remove obsoletes * Fri Aug 31 2012 andreas.stiegerAATTgmx.de- update to 6.4.0 [BETA] 2012-08-20 This is the first version of the 6.4.0 stable branch. http://www.rsyslog.com/changelog/- add rsyslog-6.3.11-glblCheckCnf-no-return-in-nonvoid-function.patch to fix compiler warning- rsyslog-6.2.2-link-libestr.patch no longer required- template functionality was removed upstream * Mon Aug 27 2012 andreas.stiegerAATTgmx.de- add support for mmnormalize (via liblognorm) and template modules * Tue Jul 03 2012 andreas.stiegerAATTgmx.de- update to 6.2.2 [V6-stable] 2012-06-13 http://www.rsyslog.com/changelog-for-6-2-2-v6-stable/- add rsyslog-6.2.2-link-libestr.patch to correctly link against libestr * Sun Jul 01 2012 andreas.stiegerAATTgmx.de- updated to 5.8.12 [V5-stable] 2012-06-06 - add small delay (50ms) after sending shutdown message - support for resolving huge groups - bugfix: delayble source could block action queue, even if there was - bugfix: disk queue was not persisted on shutdown, regression of fix to - bugfix/omudpspoof: problems, including abort, happend when run on - bugfix: if debug message could end up in log file when forking - bugfix/tcpflood: sending small test files did not work correctly - bugfix: potential hang due to mutex deadlock - bugfix: property PROCID empty instead of proper nilvalue if not present * Mon May 07 2012 mtAATTsuse.com- Updated to 5.8.11 [V5-stable] 2012-05-03: - bugfix: ommysql did not properly init/exit the mysql runtime library this could lead to segfaults. Triggering condition: multiple action instances using ommysql. Thanks to Tomas Heinrich for reporting this problem and providing an initial patch (which my solution is based on, I need to add more code to clean the mess up). - bugfix: rsyslog did not terminate when delayable inputs were blocked due to unvailable sources. Fixes: http://bugzilla.adiscon.com/show_bug.cgi?id=299 Thanks to Marcin M for bringing up this problem and Andre Lorbach for helping to reproduce and fix it. - bugfix: active input in “light delay state” could block rsyslog termination, at least for prolonged period of time - bugfix: imptcp input name could not be set. Config directive was accepted, but had no effect bugfix: assigned ruleset was lost when using disk queues This looked quite hard to diagnose for disk-assisted queues, as the pure memory part worked well, but ruleset info was lost for messages stored inside the disk queue. - bugfix: hostname was not requeried on HUP Thanks to Per Jessen for reporting this bug and Marius Tomaschewski for his help in testing the fix. - bugfix: inside queue.c, some thread cancel states were not correctly reset. While this is a bug, we assume it did have no practical effect because the reset as it was done was set to the state the code actually had at this point. But better fix this…- Removed obsolete requery hostname patch * Thu Apr 12 2012 mtAATTsuse.com- Added upstream patchset to requery hostname on HUP (bnc#755857)- Removed obsolete rsyslog-5.8.7-systemd-log-socket.patch- Updated to 5.8.10 [V5-stable] 2012-04-05: - bugfix: segfault on startup if $actionqueuefilename was missing for disk queue config. Thanks to Tomas Heinrich for the patch. - bugfix: segfault if disk-queue was started up with old queue file Thanks to Tomas Heinrich for the patch. - bugfix: memory leak in array passing output module mode by 5.8.9 [V5-stable] 2012-03-15: - added tool to recover disk queue if .qi file is missing (recover_qi.pl) Thanks to Kaiwang Chen for contributing this tool - bugfix: stopped DA queue was never processed after a restart due to a regression from statistics module. - added better doc for statsobj interface. Thanks to Kaiwang Chen for his suggestions and analysis in regard to the stats subsystem. by 5.8.8 [V5-stable] 2012-03-05: - bugfix: omprog made rsyslog abort on startup if not binary to execute was configured - bugfix: imklog invalidly computed facility and severity closes: http://bugzilla.adiscon.com/show_bug.cgi?id=313 improves interop with systemd journal * Mon Feb 20 2012 mtAATTsuse.com- Detect if we have to use the new /run/systemd/journal/syslog socket instead of the /dev/log under newer systemd versions. Obsoletes listen.conf installed by systemd (bnc#747871).- updated to 5.8.7 [V5-stable]: - bugfix: instabilities when using RFC5424 header fields Thanks to Kaiwang Chen for the patch - bugfix: imuxsock did truncate part of received message if it did not contain a proper date. The truncation occured because we removed that part of the messages that was expected to be the date. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=295 - bugfix: potential abort after reading invalid X.509 certificate closes: http://bugzilla.adiscon.com/show_bug.cgi?id=290 Thanks to Tomas Heinrich for the patch - bugfix: stats counter were not properly initialized on creation - FQDN hostname for multihomed host was not always set to the correct name if multiple aliases existed. Thanks to Tomas Heinreich for the patch.- updated to 5.8.6 [V5-stable]: - bugfix: missing whitespace after property-based filter was not detected - bugfix: $OMFileFlushInterval period was doubled - now using correct value - bugfix: ActionQueue could malfunction due to index error Thanks to Vlad Grigorescu for the patch - bugfix: $ActionExecOnlyOnce interval did not work properly Thanks to Tomas Heinrich for the patch - bugfix: race condition when extracting program name, APPNAME, structured data and PROCID (RFC5424 fields) could lead to invalid characters e.g. in dynamic file names or during forwarding (general malfunction ofthese fields in templates, mostly under heavy load) - bugfix: imuxsock did no longer ignore message-provided timestamp, if so configured (the *default *). Lead to no longer sub-second timestamps. closes: http://bugzilla.adiscon.com/show_bug.cgi?id=281 - bugfix: omfile returns fatal error code for things that go really wrong previously, RS_RET_RESUME was returned, which lead to a loop inside the rule engine as omfile could not really recover. - bugfix: imfile did invalid system call under some circumstances when a file that was to be monitored did not exist BUT the state file actually existed. Mostly a cosmetic issue. Root cause was incomplete error checking in stream.c; so patch may affect other code areas. - bugfix: rsyslogd -v always said 64 atomics were not present thanks to mono_matsuko for the patch- Changed /etc/rsyslog.early.conf to just include rsyslog.conf, fixed spec to use sd-daemon.[ch] from docs on 11.4 only. * Mon Feb 20 2012 mtAATTsuse.com- Cleaned up the config files a bit, updated comments in config file, marked the /etc/rsyslog.early.conf obsolete. Note: rsyslog will be started early/before network using its normal /etc/rsyslog.conf config file (adopted scripts in syslog-service package). When any kind of remote logging is in use, then on-disk queues should be enabled. To start it after the network, please set the SYSLOG_REQUIRES_NETWORK=yes variable in /etc/sysconfig/syslog (bnc#728565). * Wed Sep 07 2011 mrueckertAATTsuse.de- update to 5.8.5 [V5-stable] - bugfix/security: off-by-two bug in legacy syslog parser, CVE-2011-3200 bnc#714658 - bugfix: mark message processing did not work correctly - bugfix: potential hang condition during tag emulation - bugfix: too-early string termination during tag emulation - bugfix: The NUL-Byte for the syslogtag was not copied in MsgDup (msg.c) - bugfix: fixed incorrect state handling for Discard Action (transactions) Note: This caused all messages in a batch to be set to COMMITTED, even if they were discarded. * Wed Aug 24 2011 mtAATTsuse.de- Adopted to require new syslog-service package on 12.x, that provides the /etc/init.d/syslog LSB init script and systemd syslog.service service file. Removed rsyslog.service file installation from spec file. (fate#311316). * Fri Aug 19 2011 mrueckertAATTsuse.de- Update to 5.8.4 [V5-stable] - bugfix: potential misadressing in property replacer - bugfix: memcpy overflow can occur in allowed sender checkig if a name is resolved to IPv4-mapped-on-IPv6 address Found by Ismail Dönmez at suse - bugfix: potential misadressing in property replacer - bugfix: MSGID corruption in RFC5424 parser under some circumstances closes: http://bugzilla.adiscon.com/show_bug.cgi?id=275- remove rsyslog-5.8.0-memcpy.patch: applied upstream- fix build for older distros: only buildrequire systemd-devel for newer than 11.4, use systemd for the others * Fri Aug 19 2011 crrodriguezAATTopensuse.org- Fix build with new gnutls * Tue Aug 02 2011 ajAATTsuse.de- Require systemd-devel to follow package split. * Wed Jul 13 2011 mrueckertAATTsuse.de- drop modules imtemplate and omtemplate, the 2 modules are base templates for people who want to develop their own modules. * Tue Jul 12 2011 mrueckertAATTsuse.de- enabled a few more modules which dont pull extra dependencies: impstats, pmcisconames, pmaixforwardedfrom, pmsnare, pmrfc3164sd, omruleset, mmsnmptrapd * Tue Jul 12 2011 mrueckertAATTsuse.de- guard the file list entry for rsyslog.service with if {with systemd}. Please keep the package working on older distros. * Tue Jul 12 2011 mrueckertAATTsuse.de- upstream asked to change the syntax in the default config files to the new syntax: old: *. * * # (write to all) new: *. * :omusrmsg: * old: *. * $channel new: *. * :omfile:$channel from what i can see we are only affected with: old: *.emerg * new: *.emerg :omusrmsg: * * Tue Jul 12 2011 mrueckertAATTsuse.de- Updated to 5.8.3 [V5-stable] - systemd support: set stdout/stderr to null - thx to Lennart for the patch - added support for the \":omusrmsg:\" syntax in configuring user messages - added support for the \":omfile:\" syntax in configuring user messages Note: previous outchannel syntax will generate a warning message. This may be surprising to some users, but it is quite urgent to alert them of the new syntax as v6 can no longer support the previous one. * Tue Jun 21 2011 mtAATTsuse.de- Updated to 5.8.2 [V5-stable] (bnc#701282) a maintenance release, containing only stability fixes: - bugfix: problems in failover action handling closes: http://bugzilla.adiscon.com/show_bug.cgi?id=270 closes: http://bugzilla.adiscon.com/show_bug.cgi?id=254 - bugfix: mutex was invalidly left unlocked during action processing At least one case where this can occur is during thread shutdown, which may be initiated by lower activity. In most cases, this is quite unlikely to happen. However, if it does, data structures may be corrupted which could lead to fatal failure and segfault. I detected this via a testbench test, not a user report. But I assume that some users may have had unreproducable aborts that were cause by this bug. - bugfix: memory leak in imtcp & subsystems under some circumstances This leak is tied to error conditions which lead to incorrect cleanup of some data structures. [backport from v6] - bugfix/improvement:$WorkDirectory now gracefully handles trailing slashes * Tue May 31 2011 ajAATTsuse.de- Add systemd service file back (bnc#696963). * Fri May 27 2011 mtAATTsuse.de- Removed touch of obsolete /var/log/boot.log from spec post. * Thu May 19 2011 mrueckertAATTsuse.de- update to 5.8.1 - bugfix: invalid processing in QUEUE_FULL condition If the the multi-submit interface was used and a QUEUE_FULL condition occured, the failed message was properly destructed. However, the rest of the input batch, if it existed, was not processed. So this lead to potential loss of messages and a memory leak. The potential loss of messages was IMHO minor, because they would have been dropped in most cases due to the queue remaining full, but very few lucky ones from the batch may have made it. Anyhow, this has now been changed so that the rest of the batch is properly tried to be enqueued and, if not possible, destructed. - new module mmsnmptrapd, a sample message modification module This can be useful to reformat snmptrapd messages and also serves as a sample for how to write message modification modules using the output module interface. Note that we introduced this new functionality directly into the stable release, as it does not modify the core and as such cannot have any side-effects if it is not used (and thus the risk is solely on users requiring that functionality). - bugfix: rate-limiting inside imuxsock did not work 100% correct reason was that a global config variable was invalidly accessed where a listener variable should have been used. Also performance-improved the case when rate limiting is turned off (this is a very unintrusive change, thus done directly to the stable version). - bugfix: $myhostname not available in RainerScript (and no error message) closes: http://bugzilla.adiscon.com/show_bug.cgi?id=233 - bugfix: memory and file descriptor leak in stream processing Leaks could occur under some circumstances if the file stream handler errored out during the open call. Among others, this could cause very big memory leaks if there were a problem with unreadable disk queue files. In regard to the memory leak, this closes: http://bugzilla.adiscon.com/show_bug.cgi?id=256 - bugfix: doc for impstats had wrong config statements also, config statements were named a bit inconsistent, resolved that problem by introducing an alias and only documenting the consistent statements Thanks to Marcin for bringing up this problem. - bugfix: IPv6-address could not be specified in omrelp this was due to improper parsing of \":\" closes: http://bugzilla.adiscon.com/show_bug.cgi?id=250 - bugfix: TCP connection invalidly aborted when messages needed to be discarded (due to QUEUE_FULL or similar problem) - bugfix: $LocalHostName was not honored under all circumstances closes: http://bugzilla.adiscon.com/show_bug.cgi?id=258 - bugfix(minor): improper template function call in syslogd.c * Fri Apr 29 2011 idoenmezAATTnovell.com- Add rsyslog-5.6.5-memcpy.patch: fix overflowing memcpy call in runtime/net.c * Wed Apr 27 2011 mrueckertAATTsuse.de- move most of the additional requirements and subpackages into conditionals so we can switch them on and off by more easily. * Tue Apr 26 2011 mtAATTsuse.de- Dropped obsolete rsyslog-systemd-integration.bnc656104.diff * Tue Apr 26 2011 mrueckertAATTsuse.de- dont ship the systemd service file for now. * Sun Apr 24 2011 mrueckertAATTsuse.de- update to 5.8.0 (v5-tsable) This is the new v5-stable branch, importing all feature from the 5.7.x versions. To see what has changed in regard to the previous v5-stable, check the entries for 5.7.x in /usr/share/doc/packages/rsyslog/ChangeLog. - bugfix: race condition in deferred name resolution closes: http://bugzilla.adiscon.com/show_bug.cgi?id=238 Special thanks to Marcin for his persistence in helping to solve this bug. - bugfix: DA queue was never shutdown once it was started closes: http://bugzilla.adiscon.com/show_bug.cgi?id=241- dropped patch rsyslog-deferred-dns-query-race.diff included in the release- refreshed rsyslog-systemd-integration.bnc656104.diff: most of the patch went upstream just a small chunk left- fixed the with_dbi conditional, it was using the build_with_relp.- added a new conditional with_systemd and moved all the systemd specific things from suse_version >= 1140 to the with_systemd conditional. the patch line in the preamble should be unconditional. * Fri Apr 08 2011 mtAATTsuse.de- bugfix: race condition in deferred name resolution (id=238) from v5.8.0 candidate. * Thu Mar 24 2011 mtAATTsuse.de- Updated to 5.6.5 (v5-stable) with following bugfixes: * bugfix: failover did not work correctly if repeated msg reduction was on. affected directive: $ActionExecOnlyWhenPreviousIsSuspended on * bugfix: omlibdbi did not use password from rsyslog.conf closes: http://bugzilla.adiscon.com/show_bug.cgi?id=203 * bugfix(kind of): tell users that config graph can currently not be generated closes: http://bugzilla.adiscon.com/show_bug.cgi?id=232 * bugfix: discard action did not work under some circumstances fixes: http://bugzilla.adiscon.com/show_bug.cgi?id=217 (bnc#676041) * bugfix: potential abort condition when $RepeatedMsgReduction were set to on as well as potentially in a number of other places where MsgDup() was used. This only happened when the imudp input module was used and it depended on name resolution not yet had taken place. (bnc#679030) * bugfix: fixed a memory leak and potential abort condition this could happen if multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. fixes: http://bugzilla.adiscon.com/show_bug.cgi?id=226 fixes: http://bugzilla.adiscon.com/show_bug.cgi?id=218 * bugfix: memory leak when $RepeatedMsgReduction on was used bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=225 (bnc#681568)- Merged systemd socket activation support * Wed Feb 02 2011 mtAATTsuse.de- update to 5.6.3 (v5-stable) with following bugfixes (digest): * action processor released mememory too early, resulting in potential issue in retry cases (very unlikely). * batch processing flagged invalid message as \"bad\" under some circumstances * unitialized variable could cause issues under extreme conditions plus some minor nits. * batches which had actions in error were not properly retried in all cases * imfile did duplicate messages under some circumstances- enabled plain tcp input, unix socket output, last message parser and the libdbi module as separate package.- disabled systemd patch for openSUSE <= 11.3 * Thu Jan 20 2011 mtAATTsuse.de- Improved systemd socket activation support to allow multiple unix sockets and activation in forking mode (bnc#656197). * Fri Dec 03 2010 mtAATTsuse.de- update to 5.6.2 (v5-stable) with following bugfixes: * compile failed on systems without epoll_create1() Thanks to David Hill for providing a fix. * atomic increment for msg object may not work correct on all platforms. Thanks to Chris Metcalf for the patch * replacements for atomic operations for non-int sized types had problems. At least one instance of that problem could potentially lead to abort (inside omfile).- Increased mark frequency in rsyslog.conf to 1 hour- Enabled duplicate message reduction in rsyslog.conf to catch at least buggy programs running amok and writting same message zillion times until the disk gets out of space (bnc#656197).- Merged rsyslog-systemd-integration.bnc656104.diff (fuzz=0). * Mon Nov 29 2010 mtAATTsuse.de- update to 5.6.1 This release addresses a TLS bug, that has been bothering a lot of users lately. It stops rsyslog from looping, thus disabling functionality and bearing the risk of unresponsiveness of the whole system. Other issues have been fixed for imptcp, failing testbench, segfault on empty templates and failed compile. For more detailed information, please review the ChangeLog and http://bugzilla.adiscon.com/show_bug.cgi?id=194, http://bugzilla.adiscon.com/show_bug.cgi?id=204, http://bugzilla.adiscon.com/show_bug.cgi?id=206.- applied systemd integration base patch (without the service and socket unit files, because we\'ll use same for all syslog damons) extracted from git master (bnc#656104). * Sat Nov 20 2010 cooloAATTnovell.com- build with libnet-devel on 11.4 * Mon Nov 15 2010 chrisAATTcomputersalat.de- update to 5.6.0 This release brings all changes and enhancements of the 5.5.x series to the v5-stable branch. - bugfix: a couple of problems that imfile had on some platforms, namely Ubuntu (not their fault, but occured there) - bugfix: imfile utilizes 32 bit to track offset. Most importantly, this problem can not experienced on Fedora 64 bit OS (which has 64 bit long\'s!)- removed obsolete patch - xconsole-pipe-loop- rpmlint - name-repeated-in-summary C Rsyslog * Wed Apr 28 2010 mtAATTsuse.de- Added $klogConsoleLogLevel 1 to the config, to use same default [KERNEL_LOGLEVEL in /etc/sysconfig/syslog] as klogd (bnc#593699).- Improved filter to discard iptables msgs higher err on console, changed to set default file template instead per file, removed duplicate filters (bnc#593699). * Tue Apr 27 2010 mtAATTsuse.de- Applied fix to avoid a tight send-retry loop in case there is nobody receiving the messages sent to the xconsole pipe (bnc#597293, http://bugzilla.adiscon.com/show_bug.cgi?id=186).- Disabled relp support for < 11.3 (librelp is new)- Fixed to create /var/run/rsyslog in post-install (rpmlint) * Wed Apr 14 2010 mrueckertAATTsuse.de- dropped install_all_modules_in_lib conditional and all related code- new subpackages - enable RELP support. new depdendency librelp - enable diagnotic tools. - enable UDP spoof support. new dependency libnet- moved module paths to 2 variables defined on top of the spec * Tue Apr 13 2010 mtAATTsuse.de- Updated to rsyslog version 5.4.0 (v5-stable). This version begins a new stable series based on the 5.3.x series, which has been proven rather well in practice. The new 5.4.0 contains fixes for all known problems. See ChangeLog file for a detailed history. The main new feature is speed: several optimizations were done, including support for epoll in tcp listeners.- Added new lmzlibw.so and omruleset.so to the file list.- Recompressed original tar.gz source archive using bzip2. * Wed Sep 09 2009 mtAATTsuse.de- Added read-only RSYSLOGD_NATIVE_VERSION sysconfig/syslog variable, that is set to the native mode version number for the -c parameter while every installation and used in the /etc/init.d/syslog script, except the user overrides this default in RSYSLOGD_COMPAT_VERSION. * Wed Sep 02 2009 mtAATTsuse.de- Updated to rsyslog version 4.4.1 (v4-stable), a bug-fixing release, providing some important fixes for issues that have only been detected after the beta phase. Some of them are serious (like a segfault when UDP messageforwarding is activated), so users of 4.4.0 are urged to upgrade to this release. Changelog for 4.4.1: * features requiring Java are automatically disabled if Java is not present (thanks to Michael Biebl for his help!) * bugfix: invalid double-quoted PRI, among others in outgoing messages. This causes grief with all receivers. Bug tracker: http://bugzilla.adiscon.com/show_bug.cgi?id=147 * bugfix: Java testing tools were required, even if testbench was disabled. This resulted in build errors if no Java was present on the build system, even though none of the selected option actually required Java. (I forgot to backport a similar fix to newer releases). * bugfix (backport): omfwd segfault. Note that the orginal (higher version) patch states this happens only when debugging mode is turned on. That statement is wrong: if debug mode is turned off, the message is not being emitted, but the division by zero in the actual parameters still happens.- Removed jave2-devel-packages from build requires again * Tue Sep 01 2009 mtAATTsuse.de- Updated to rsyslog version 4.4.0, the actual stable 4.4.x series. It provides several bugfixes, performance improvements and new features: It adds generic network stream server for syslog, the capability to rebind the send socket of the UDP output section, allows multiple tcp listeners, multiple recipients in ommail, new plugins as omprog, improved documentation and testbench with a config switch. Please review ChangeLog file for details.- Removed obsolete moddirs patch (included in 4.4.0)- Added java2-devel-packages to BuildRequires (for test suite)- Enabled omprog and omtemplate plugins, added them and the lmstrmsrv plugin to the base-plugins file list. * Mon Apr 20 2009 mtAATTsuse.de- Improved config file comments about usage of additional modules provided in separate rsyslog-module packages.- Enabled GnuTLS (syslog-transport-tls) support module. * Mon Apr 20 2009 mtAATTsuse.de- Updated to rsyslog 3.20.6 [v3-stable]
|
|
|