[syslog-ng] syslog-ng OSE 2.1.4 released

Jean-Baptiste Quenot jbq at caraldi.com
Tue Jun 16 11:21:03 CEST 2009


2009/3/17 Balazs Scheidler <bazsi at balabit.hu>:
> Hi,
>
> I've released syslog-ng OSE 2.1.4 with the following changes:
>
> 2.1.4
>        Tue, 17 Mar 2009 13:35:00 +0100
>
>        Bugfixes:
>        * Fixed a possible DoS condition triggered by a destination port
>          unreachable ICMP packet received from a UDP destination.
>          syslog-ng started eating all available memory and CPU until it
>          crashed if this happened.

Hi there,

I'm experiencing an issue with an unreachable UDP destination.  CPU is
at 100% because of syslog-ng, and strace gives:

poll([{fd=6, events=0}, {fd=7, events=0}, {fd=14, events=0}, {fd=11,
events=POLLOUT}, {fd=27, events=0}, {fd=12, events=0}, {fd=28,
events=0}, {fd=18, events=0}, {fd=29, events=0}, {fd=30, events=0},
{fd=24, events=0}, {fd=31, events=0}, {fd=32, events=0}, {fd=33,
events=0}, {fd=13, events=0}, {fd=5, events=0}, {fd=16, events=0},
{fd=17, events=0}, {fd=15, events=0}, {fd=9, events=0}, {fd=10,
events=0}, {fd=8, events=0}, {fd=22, events=0}, {fd=23, events=0},
{fd=19, events=0}, {fd=21, events=0}, {fd=4, events=POLLIN}, {fd=3,
events=POLLIN}], 28, 117196) = 1 ([{fd=30, revents=POLLERR}])
poll([{fd=6, events=0}, {fd=7, events=0}, {fd=14, events=0}, {fd=11,
events=POLLOUT}, {fd=27, events=0}, {fd=12, events=0}, {fd=28,
events=0}, {fd=18, events=0}, {fd=29, events=0}, {fd=30, events=0},
{fd=24, events=0}, {fd=31, events=0}, {fd=32, events=0}, {fd=33,
events=0}, {fd=13, events=0}, {fd=5, events=0}, {fd=16, events=0},
{fd=17, events=0}, {fd=15, events=0}, {fd=9, events=0}, {fd=10,
events=0}, {fd=8, events=0}, {fd=22, events=0}, {fd=23, events=0},
{fd=19, events=0}, {fd=21, events=0}, {fd=4, events=POLLIN}, {fd=3,
events=POLLIN}], 28, 117196) = 1 ([{fd=30, revents=POLLERR}])
poll([{fd=6, events=0}, {fd=7, events=0}, {fd=14, events=0}, {fd=11,
events=POLLOUT}, {fd=27, events=0}, {fd=12, events=0}, {fd=28,
events=0}, {fd=18, events=0}, {fd=29, events=0}, {fd=30, events=0},
{fd=24, events=0}, {fd=31, events=0}, {fd=32, events=0}, {fd=33,
events=0}, {fd=13, events=0}, {fd=5, events=0}, {fd=16, events=0},
{fd=17, events=0}, {fd=15, events=0}, {fd=9, events=0}, {fd=10,
events=0}, {fd=8, events=0}, {fd=22, events=0}, {fd=23, events=0},
{fd=19, events=0}, {fd=21, events=0}, {fd=4, events=POLLIN}, {fd=3,
events=POLLIN}], 28, 117196) = 1 ([{fd=30, revents=POLLERR}])
poll([{fd=6, events=0}, {fd=7, events=0}, {fd=14, events=0}, {fd=11,
events=POLLOUT}, {fd=27, events=0}, {fd=12, events=0}, {fd=28,
events=0}, {fd=18, events=0}, {fd=29, events=0}, {fd=30, events=0},
{fd=24, events=0}, {fd=31, events=0}, {fd=32, events=0}, {fd=33,
events=0}, {fd=13, events=0}, {fd=5, events=0}, {fd=16, events=0},
{fd=17, events=0}, {fd=15, events=0}, {fd=9, events=0}, {fd=10,
events=0}, {fd=8, events=0}, {fd=22, events=0}, {fd=23, events=0},
{fd=19, events=0}, {fd=21, events=0}, {fd=4, events=POLLIN}, {fd=3,
events=POLLIN}], 28, 117196) = 1 ([{fd=30, revents=POLLERR}])
poll([{fd=6, events=0}, {fd=7, events=0}, {fd=14, events=0}, {fd=11,
events=POLLOUT}, {fd=27, events=0}, {fd=12, events=0}, {fd=28,
events=0}, {fd=18, events=0}, {fd=29, events=0}, {fd=30, events=0},
{fd=24, events=0}, {fd=31, events=0}, {fd=32, events=0}, {fd=33,
events=0}, {fd=13, events=0}, {fd=5, events=0}, {fd=16, events=0},
{fd=17, events=0}, {fd=15, events=0}, {fd=9, events=0}, {fd=10,
events=0}, {fd=8, events=0}, {fd=22, events=0}, {fd=23, events=0},
{fd=19, events=0}, {fd=21, events=0}, {fd=4, events=POLLIN}, {fd=3,
events=POLLIN}], 28, 117195) = 1 ([{fd=30, revents=POLLERR}])

Does the above-mentioned change in 2.1.4 fix this?  I'm using 2.0.9
right now.  Is there a patch available somewhere so that I can
backport the change?  I couldn't find a source repository on your
site.

BTW:  Why are there so many versions of syslog-ng?  2.0.x, 2.1.x,
3.0.x... Debian and Ubuntu are still at 2.0.9.

Thanks in advance, and keep up the good work!
-- 
Jean-Baptiste Quenot
http://jbq.caraldi.com/
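
The trace in the message above shows poll() returning POLLERR again and again for fd 30 even though that fd was registered with events=0. The following is an added example, not part of the original post and not syslog-ng code, that reproduces this behaviour on Linux with a connected UDP socket and shows that reading SO_ERROR clears the condition. It makes no claim about what the 2.1.4 fix changed, and the loopback port with no listener (`CLOSED_PORT`) and the function names are assumptions made for the illustration.

```c
/* Added example: POLLERR is reported even when events=0, until the error is read. */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

#define CLOSED_PORT 1 /* assumption: nothing listens on UDP 127.0.0.1:1 */

/* Connected UDP socket that has sent one datagram to a port with no listener. */
int udp_to_closed_port(void) {
    struct sockaddr_in dst = { .sin_family = AF_INET, .sin_port = htons(CLOSED_PORT) };
    dst.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    if (connect(fd, (struct sockaddr *)&dst, sizeof dst) < 0 || send(fd, "x", 1, 0) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Poll with events=0, as in the trace; count the rounds that report POLLERR. */
int count_pollerr(int fd, int rounds) {
    int hits = 0;
    for (int i = 0; i < rounds; i++) {
        struct pollfd p = { .fd = fd, .events = 0 };
        if (poll(&p, 1, 100) == 1 && (p.revents & POLLERR)) hits++;
    }
    return hits;
}

/* Fetch and clear the pending socket error; returns the errno value. */
int clear_pending_error(int fd) {
    int err = 0;
    socklen_t len = sizeof err;
    if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0) return -1;
    return err;
}

int main(void) {
    int fd = udp_to_closed_port();
    if (fd < 0) { perror("setup"); return 1; }
    printf("POLLERR rounds before clearing: %d of 5\n", count_pollerr(fd, 5));
    printf("SO_ERROR: %d (ECONNREFUSED is %d)\n", clear_pending_error(fd), ECONNREFUSED);
    printf("POLLERR rounds after clearing:  %d of 5\n", count_pollerr(fd, 5));
    close(fd);
    return 0;
}
```

An event loop that never reads the pending error from such a descriptor gets the same immediate POLLERR wake-up on every iteration, which is what a process pinned at 100% CPU looks like under strace.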

