------------------------------------------------------------------------------ PACKAGE : syslog-ng VERSION : 3.0.2 SUMMARY : new stable release DATE : May 8, 2009 ------------------------------------------------------------------------------ DESCRIPTION: A new stable version of syslog-ng Open Source Edition (3.0.2) has been released. For latest fixes in the 3.0.x branch you are recommended to upgrade to this version. CHANGES: 3.0.2 Thu, 07 May 2009 08:30:06 +0200 Highlights: * This release is the first to feature binary packages, installation packages for various platforms. Bugfixes: * Only assume that a source logfile was rotated if the new log file has a non-zero size. This fix solves a minor race which might cause some messages to be lost from the end of the old logfile. * Fixed the processing of the -u and -g command line options to set the user/group of the syslog-ng process. Previously all usernames were rejected as non-existant. * Resolve usernames before chrooting, to avoid the need to have an /etc/passwd & /etc/group inside the chroot. * Fixed the read rate of regular files, with the change in this release it is now possible to fully saturate a destination pipe by using plain text files. * Fixed a synchronization problem in the SQL destination on AIX causing random crashes when the SQL destination is used. * Make the "syslog" reserved word usable as a facility name, previously syslog-ng indicated a syntax error if syslog as a facility was not enclosed in quotation marks. * Don't write the pidfile in case only a syntax check was requested. * Fixed compilation problems if SSL support is not enabled. * Set the default fd limit to 256 on cygwin as that platform does not support the current default of 4096 used on all other platforms. * Fixed template expansion for non-inline templates defined using the template statement. * Fixed the handling of zero-sized packets in the udp() source. * Fixed the storing of regexp/db-parser() matches on big-endian, 32 bit CPUs. * Fixed character conversion in case one chunk of data has an incomplete sequence at the end. * Don't let the character conversion eat up unlimited memory to avoid an easy DoS condition. * Fixed SSL certificate validation, added X.509 policy check, fixed required-untrusted verify-mode and added basicConstraints validation. * Fixed /dev/klog handling on FreeBSD, syslog-ng attempted to open this device multiple times which is not permitted. * Fixed $TZOFS expansion in templates in case the target does not specify a conversion timezone (which is the default and is true in most cases). * Fixed the use of multiple SQL destinations, previously due to an initialization problem only the first SQL destination would ever start writing messages to the target database. * If you elected to use a host-file only name resolution, the check to see if the hosts file was changed was performed for each DNS resolution, causing a major performance drop. This was fixed. * Due to a typo in the configuration file parser, using SSL destinations always resulted in a segmentation fault. This was fixed. * Fixed counting the number of concurrent connections in the SSL enabled tcp() source, previously failing handshakes were counted, thus it is quite easy to reach the max-connection limit. * Clarified logging about connection rejected by /etc/hosts.deny & /etc/hosts.allow * HP-UX 11v3 compilation fixes * Fixed SOURCEIP expansion for IPv6 addresses. * Fixed match(type(string)) not to match the message in case only a prefix match was found. * Fixed capability setup code around file opens. Other changes: * Implemented 'store-legacy-msghdr' source flag which keeps the original value of MSGHDR intact, instead of parsing/rebuilding it at the cost of some performance penalty. * Implemented 'empty-lines' source flag to avoid dropping empty log messages which is the default behaviour. * Added support for file includes in the configuration file. * Allow follow_freq() to be a floating point number. * Cygwin packaging fixes. * Make it possible to create named pipes automatically in the pipe() destination. * Allow the use of macros in the filename of pipe() destinations. * Added support for setting the default priority/facility value for each source that get applied to messages that lack one. * Recognize "mssql" as an alias for "freetds" in the SQL destination. * Added the "greedy" flags to the csv-parser(): it makes the last column eat the complete end of the line without caring about column separation characters * Added the "drop-invalid" flag to the csv-parser() which makes the parser drop anything that has less columns than it expects to have. * Make it possible to use fractions of a second even in non-ISO timestamps. * The default values for SQL columns is being deprecated, please supply SQL schema information explicitly in your SQL destinations. A warning message was added in case you don't have a full schema and rely on the default values. * The SQL destination got a null() option that specifies a 'special' value for a column which get replaced by an SQL NULL. * Added local_timezone() option to file/sql destinations that control the timezone used when expanding the filename/tablename templates. It defaults to the local timezone. Configure changes: * This section lists changes that might affect distribution packages, please make sure that these changes do not break the syslog-ng packages in any way. * Changed the default value of pidfiledir to ${localstatedir} to match GNU conventions, you can specify it explicitly with a --with-pidfile-dir configure option. * Changed the default linking mode to "dynamic" to make it easier to compile syslog-ng, as most distributions prefer dynamic libraries over static ones. This means that syslog-ng might not be able to start up if /usr is on NFS. On platforms where syslog-ng is used as a system logger, the previous setting of --enable-mixed-linking is preferred. Loggen changes: * the sequence number and timestamping of generated messages were erroneously commented out, these were reverted. * do not allow message sizes that are larger than the predefined message buffer size. * in addition to reporting the number of messages/sec, also report the effective bandwidth used during testing. Test suite changes: * A lot of enhancements to the functional test program to cover more of the syslog-ng code, like SSL sources & SQL destinations. DOWNLOAD: You can download the latest binaries from: http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/... The latest versions of syslog-ng in source format can be found at: http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/