[syslog-ng] syslog-ng 3.2.3 has been released
devel at balabit.hu
devel at balabit.hu
Sun May 1 23:40:38 CEST 2011
------------------------------------------------------------------------------
PACKAGE : syslog-ng
VERSION : 3.2.3
SUMMARY : new stable release
DATE : May 1, 2011
------------------------------------------------------------------------------
DESCRIPTION:
A new stable version of syslog-ng Open Source Edition (3.2.3) has been
released. For latest fixes in the 3.2.x feature branch you are recommended to
upgrade to this version.
CHANGES:
3.2.3
Sun, 01 May 2011 19:05:32 +0200
Highlights:
This is a maintenance release for the 3.2 branch, which contains
several important functionality fixes in the db-parser()
correllation code, an important security fix for FreeBSD & HP-UX
(CVE-2011-0343) and build fixes for cygwin and mixed mode linking.
Security fixes:
* Fixed a possible security issue on Debian/kFreeBSD and on
platforms where mode_t is an unsigned 16 bit value (FreeBSD,
HP-UX). On these platforms syslog-ng may be using 0xFFFF as the
permission bits. (CVE-2011-0343)
Bugfixes:
* Fixes an y2k38 problem that causes syslog-ng to use 100% CPU time
in case mark messages are enabled and the UNIX timestamps
overflows a signed 32 bit counter, which happens in 19th, January 2038
* Fixed file() destination to work on device nodes (e.g. files in
/dev). Without this change, syslog-ng started using 100% CPU time
if given devices as destinations that couldn't always consume
data.
* The code to restore the last file position for source files will
not accept file-position past the file size, and will restart the
file from the beginning instead.
* Don't attempt to remember the current file position for source
files that are read with follow-freq(0), e.g. /dev/klog and
/proc/kmsg. These are special files which do not have the notion
of file position, so no need to remember them. Regular files
should always be read with follow-freq() set to nonzero, which is
the default.
* Fixed linking unit tests and other tools in mixed linking mode.
* Fixed compilation on cygwin, especially lot of efforts went into
linker compatibility.
* Fixed building on platforms where PCRE is not in the standard
include path.
* Accept catch-all flag on log statements as well as catchall, as
this was incorrectly documented in the past.
db-parser() & pdbtool bugfixes:
* Fixed @XX style message reference parsing used in correllation
rules.
* Fixed a segfault in the $(grep) template function when processing
the parameters failed.
* Fixed segfault in "pdbtool match --debug-pattern" in case the
pattern doesn't match.
* Fixed "pdbtool test" as previously all patterndb.xml files were
reported to be invalid, even valid ones.
* Fixed correllation timer related issue that caused some timers not
to expire in rare cases.
db-parser() & pdbtool changes:
* Added support for enclosing template function arguments in
parenthesis, in which case the quotes within the parentheses are
not removed. For example: $(grep ('$FACILITY' == 'syslog'))
This makes writing $(grep) and $(if) arguments much easier.
* dbparser() the @NUMBER@ and @FLOAT@ parsers are able to parse
negative numbers.
* Added debug messages to dbparser() correllation so that it becomes
easier to diagnose db-parser() problems.
* Added -d (for --debug) and -v (for --verbose) options to pdbtool
in order to make patterndb debugging easier.
* Added --no-parse option to "pdbtool patternize" in order to read
files without syslog-style parsing.
Other changes:
* Added error messages on DBI initialization failures.
* Added systemd socket activation support.
Build related changes:
* Support for old (e.g. pre 7.1 commonly found in RHEL5) PCRE
versions at the cost of an inoperating "newline" regexp flag.
* configure now validates flex/bison versions better, as the
requirements are more strict starting with syslog-ng 3.2
* Drop the creation of libsyslog-ng-patterndb.so.
* "make clean" will properly remove libafsocket.so symlink.
Credits:
syslog-ng is developed as a community project. All changes and
improvements requires effort, and this effort is really appreciated.
Writing code, testing changes or simply providing use-cases and
information on one's setup will make syslog-ng better.
Here are the people, listed in no specific order who made this
release possible.
Steven Chamberlain
Roger
Paul Krizak (AMD)
Attila Szalay (BalaBit)
Matthew Hall
Marius Tomaschewski (SUSE)
Gergely Nagy (BalaBit)
Tom Gundersen
Dalibor Toman (Fortech.cz)
Corinna Vinschen (RedHat)
Balazs Scheidler (BalaBit)
Laszlo Boszormenyi (LSC.hu)
Arkadiusz Miśkiewicz (PLD Linux)
Valentijn Sessink
Hendrik Visage
Peter Gyongyosi (BalaBit)
Zoltan Pallagi (BalaBit)
Mishou Michael (US IRS)
Thanks for their efforts, it is appreciated.
DOWNLOAD:
You can download the source or binary packages from:
http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/upgrades/
The documentation of the syslog-ng Open Source Edition is available in
The syslog-ng Open Source Edition Administrator's Guide at
http://www.balabit.com/support/documentation/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 199 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20110501/c921e199/attachment.pgp
More information about the syslog-ng
mailing list