Version 8.14.0 [v8-stable] 2015-11-03
- add property "rawmsg-after-pri"
- bugfix: potential misadresseing in imfile
Could happen when wildcards were used.
- bugfix: re_extract RainerScript function did not work
Problems found with existing digests:
Package memconf distfile memconf-2.16/memconf.gz
b6f4b736cac388dddc5070670351cf7262aba048 [recorded]
95748686a5ad8144232f4d4abc9bf052721a196f [calculated]
Problems found locating distfiles:
Package dc-tools: missing distfile dc-tools/abs0-dc-burn-netbsd-1.5-0-gae55ec9
Package ipw-firmware: missing distfile ipw2100-fw-1.2.tgz
Package iwi-firmware: missing distfile ipw2200-fw-2.3.tgz
Package nvnet: missing distfile nvnet-netbsd-src-20050620.tgz
Package syslog-ng: missing distfile syslog-ng-3.7.2.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Version 8.13.0 [v8-stable] 2015-09-22
- ZeroMQ enhancements:
- Added the ability to set a static publishing topic per action as an
alternative to constructing topics with templates
- ZMQ_PUB socket now defaults to bind and ZMQ_SUB socket now defaults to
connect
- Redis enhancements:
- Can now LPUSH to a Redis list in "queue" mode
- Can now PUBLISH to a Redis channel in "publish" mode
- build requirement for rsyslog/mmnormalize is now liblognorm 1.1.2 or above
- mmnormalize: liblognorm error messages are now emitted via regular
rsyslog error reporting mechanism (aka "are now logged")
- add support for TCP client side keep-alives
- bugfix: imtcp/TLS hangs on dropped packets
- bugfix testbench: some tests using imptcp are run if module is disabled
- bugfix omkafka: Fixes a bug not accepting new messages anymore.
- bugfix: Parallel build issue "cannot find ../runtime/.libs/librsyslog.a:
No such file or directory" (#479) fixed.
- bugfix: Added missing mmpstructdata testfiles into makefile.
- bugfix: Reverted FIX for issue #392 as it had unexpected side effects.
- The new fix duplicates the Listener object for static files (like
done for dynamic files already), resolving issue #392 and #490.
- bugfix: issues in queue subsystem if syncqueuefiles was enabled
- Error 14 was generated on the .qi file directory handle.
As the .qi filestream does not have a directory set, fsync
was called on an empty directory causing a error 14 in debug log.
- When queue files existed on startup, the bSyncQueueFiles
strm property was not set to 1. This is now done in the
qqueueLoadPersStrmInfoFixup function.
- bugfix/testbench: tcpflood tool could abort when random data was added
- rscryutil: Added support to decrypt a not closed log file.
Version 8.12.0 [v8-stable] 2015-08-11
- Harmonize resetConfigVariables values and defaults
see also https://github.com/rsyslog/rsyslog/pull/413
Thanks to Tomas Heinrich for the patch.
- GT/KSI: fix some issues in signature file format and add conversion tool
The file format is incompatible to previous format, but tools have been
upgraded to handle both and also an option been added to convert from
old to new format.
- bugfix: ommysql did not work when gnutls was enabled
as it turned out, this was due to a check for GnuTLS functions
with the side-effect that
AC_CHECK_LIB, by default, adds the lib to LIBS, if there is no
explicit action, what was the case here. So everything was now
linked against GnuTLS, which in turn made ommysql fail.
Thanks to Thomas D. (whissi) for the analysis of the ommysql/gnutls
problem and Thomas Heinrich for pointing out that AC_CHECK_LIB might
be the culprit.
- bugfix omfile: potential memory leak on file close
see also: https://github.com/rsyslog/rsyslog/pull/423
Thanks to Robert Schiele for the patch.
- bugfix omfile: potential race in dynafile detection/creation
This could lead to a segfault.
Thanks to Tomas Heinrich for the patch.
- bugfix omfile: Fix race-condition detection in path-creation code
The affected code is used to detect a race condition in between
testing for the existence of a directory and creating it if it didn't
exist. The variable tracking the number of attempts wasn't reset for
subsequent elements in the path, thus limiting the number of
reattempts to one per the whole path, instead of one per each path
element.
This solution was provided by Martin Poole.
- bugfix parser subsystem: potential misadressing in SanitizeMsg()
could lead to a segfault
Thanks to Tomas Heinrich for the patch.
- imfile: files moved outside of directory are now (properly) handled
- bugfix: imfile: segfault when using startmsg.regex if first log line
doesn't match
Thanks to Ciprian Hacman for the patch.
- bugfix imfile: file table was corrupted when on file deletion
This could happen when a file that was statically configured (not via an
wildcard) was deleted.
- bugfix ompgsql: transaction were improperly handled
now transaction support is solidly disabled until we have enough requests
to implement it again. Module still works fine in single insert mode.
closes https://github.com/rsyslog/rsyslog/issues/399
- bugfix mmjsonparse: memory leak if non-cee-json message is processed
see also https://github.com/rsyslog/rsyslog/pull/383
Thanks to Anton Matveenko for the patch
- testbench: remove raciness from UDP based tests
- testbench: added bash into all scripts makign it mandatory
- bugfix testbench: Fixed problem building syslog_caller util when
liblogging-stdlog is not available.
Thanks to Louis Bouchard for the patch
- bugfix rscryutil.1: Added fix checking for generate_man_pages condition
Thanks to Radovan Sroka for the patch
- bugfix freebsd console: \n (NL) is prepended with \r (CR) in console
output on freebsd only. For more details see here:
https://github.com/rsyslog/rsyslog/issues/372
Thanks to AlexandreFenyo for the patch
------------------------------------------------------------------------------
Version 8.11.0 [v8-stable] 2015-06-30
- new signature provider for Keyless Signature Infrastructure (KSI) added
- build system: re-enable use of "make distcheck"
- add new signature provider for Kesless Signature Infrastructure (KSI)
This has also been added to existing tooling; KSI is kind of v2 of
the Guardtime functionality and has been added in the appropriate
places.
- bugfix imfile: regex multiline mode ignored escapeLF option
Thanks to Ciprian Hacman for reporting the problem
closes https://github.com/rsyslog/rsyslog/issues/370
- bugfix omkafka: fixed several concurrency issues, most of them related
to dynamic topics.
Thanks to Janmejay Singh for the patch.
- bugfix: execonlywhenpreviousissuspended did not work correctly
This especially caused problems when an action with this attribute was
configured with an action queue.
- bugfix core engine: ensured global variable atomicity
This could lead to problems in RainerScript, as well as probably in other
areas where global variables are used inside rsyslog. I wouldn't outrule
it could lead to segfaults.
Thanks to Janmejay Singh for the patch.
- bugfix imfile: segfault when using startmsg.regex because of empty log line
closes https://github.com/rsyslog/rsyslog/issues/357
Thanks to Ciprian Hacman for the patch.
- bugfix: build problem on Solaris
Thanks to Dagobert Michelsen for reporting this and getting us up to
speed on the openCWS build farm.
- bugfix: build system strndup was used even if not present
now added compatibility function. This came up on Solaris builds.
Thanks to Dagobert Michelsen for reporting the problem.
closes https://github.com/rsyslog/rsyslog/issues/347
- bugfix imjournal: do not pass empty messages to rsyslog core
this causes a crash of the daemon
see also https://github.com/rsyslog/rsyslog/pull/412
Thanks to Tomas Heinrich for the patch.
- bugfix imjournal: cosmetic memory leak
very small and an shutdown only, so did not affect operations
see also https://github.com/rsyslog/rsyslog/pull/411
Thanks to Tomas Heinrich for the patch.
Version 8.10.0 [v8-stable] 2015-05-19
- imfile: add capability to process multi-line messages based on regex
input parameter "endmsg.regex" was added for that purpose. The new
mode provides much more power in processing different multiline-formats.
- pmrfc3164: add new parameters
* "detect.yearAfterTimestamp"
This supports timestamps as generated e.g. by some Aruba Networks
equipment.
* "permit.squareBracesInHostname"
Permits to use "hostnames" in the form of "[127.0.0.1]"; also seen in
Aruba Networks equipment, but we strongly assume this can also happen
in other cases, especially with IPv6.
- supplementary groups are now set when dropping privileges
closes https://github.com/rsyslog/rsyslog/issues/296
Thanks to Zach Lisinski for the patch.
- imfile: added brace glob expansion to wildcard
Thanks to Zach Lisinski for the patch.
- zmq: add the ability for zeromq input and outputs to advertise their
presence on UDP via the zbeacon API.
Thanks to Brian Knox for the contribution.
- added omhttpfs: contributed module for writing to HDFS via HTTP
Thanks to sskaje for the contribution.
- Configure option "--disable-debug-symbols" added which is disabled per
default. If you set the new option, configure won't set the appropriate
compiler flag to generate debug symbols anymore.
- When building from git source we now require rst2man and yacc (or a
replacement like bison).
That isn't any new requirement, we only added missing configure checks.
- Configure option "--enable-generate-man-pages" is now disabled for non git
source builds per default but enforced when building from git source.
- mmpstrucdata: some code cleanup
removed lots of early development debug outputs
- bugfix imuxsock: fix a crash when setting a hostname
Setting a hostname via the legacy directive would lead to a crash
during shutdown caused by a double-free.
Thanks to Tomas Heinrich for the patch.
- bugfix: memory leak in mmpstrucdata
Thanks to Gregoire Seux for reporting this issue.
closes https://github.com/rsyslog/rsyslog/issues/310
- bugfix (minor): default action name: assigned number was one off
see also https://github.com/rsyslog/rsyslog/pull/340
Thanks to Tomas Heinrich for the patch.
- bugfix: memory leak in imfile
A small leak happened each time a new file was monitored based on
a wildcard. Depending on the rate of file creation, this could result
in a serious memory leak.
Version 8.9.0 [v8-stable] 2015-04-07
- omprog: add option "hup.forward" to forwards HUP to external plugins
- imuxsock: added capability to use regular parser chain
- 0mq: improvements in input and output modules
- imtcp: add support for ip based bind for imtcp -> param "address"
- bugfix: MsgDeserialize out of sync with MsgSerialize for StrucData
- bugfix imfile: partial data loss, especially in readMode != 0
- bugfix: potential large memory consumption with failed actions
- bugfix: omudpspoof: invalid default send template in RainerScript format
- bugfix: size-based legacy config statements did not work properly
- build system: added option --without-valgrind-testbench
- rsyslogd: fix misleading typos in error messages
Version 8.8.0 [v8-stable] 2015-02-24
- omkafka: add support for dynamic topics and auto partitioning
- imtcp/imptcp: support for broken Cisco ASA TCP syslog framing
- omfwd: more detailled error messages in case of UDP send error
- TLS syslog: enable capability to turn on GnuTLS debug logging
- bugfix: $AbortOnUncleanConfig did not work
- improve rsyslogd -v output and error message with meta information
version number is now contained in error message and build platform in
version output
- bugfix imtcp: octet-counted framing cannot be turned off
- bugfix: build problems on Illuminos
- bugfix: invalid data size for iMaxLine global property
- bugfix: negative values for maxMessageSize global parameter were permitted
- add message metadata "system" to msg object
this permits to store metadata alongside the message
- imfile: add support for "filename" metadata
this is useful in cases where wildcards are used
- imptcp: make stats counter names consistent with what imudp, imtcp uses
- added new module "omkafka" to support writing to Apache Kafka
- omfwd: add new "udp.senddelay" parameter
- mmnormalize enhancements
- RainerScript "foreach" iterator and array reading support
- now requires liblognorm >= 1.0.2
- add support for systemd >= 209 library names
- BSD "ntp" facility (value 12) is now also supported in filter
- bugfix: global(localHostName="xxx") was not respected in all modules
- bugfix: emit correct error message on config-file-not-found
- bugfix: impstats emitted invalid JSON format (if JSON was selected)
- bugfix: (small) memory leak in omfile's outchannel code
- bugfix: imuxsock did not deactivate some code not supported by platform
Version 8.6.0 [v8-stable] 2014-12-02
- configuration-setting rsyslogd command line options deprecated
- new and enhanced plugins for 0mq. These are currently experimantal.
- empty rulesets have been permitted. They no longer raise a syntax error.
- add parameter -N3 to enable config check of partial config file
- rsyslogd -e option has finally been removed
- testbench improvements
- testbench is now by default disabled
- add new RainerScript functions warp() and replace()
- mmnormalize can now also work on a variable
- new property date options for day ordinal and week number
- remove --enable-zlib configure option, we always require it
- slight source-tree restructuring: contributed modules are now in their
own ./contrib directory
- bugfix: imudp makes rsyslog hang on shutdown when more than 1 thread used
- bugfix: not all files closed on auto-backgrounding startup
- bugfix: typo in queue configuration parameter made parameter unusable
- bugfix: unitialized buffer off-by-one error in hostname generation
- bugfix imuxsock: possible segfault when SysSock.Use="off"
- bugfix: RainerScript: invalid ruleset names were accepted during ruleset
defintion, but could of course not be used when e.g. calling a ruleset.
- bugfix: some module entry points were not called for all modules callbacks
like endCnfLoad() were primarily being called for input modules. This has
been corrected. Note that this bugfix has some regression potential.
- bugfix omlibdbi: connection was taken down in wrong thread
- imttcp was removed because it was an incompleted experimental module
- pmrfc3164sd because it was a custom module nobody used
- omoracle was removed because it was orphaned and did not build/work
for quite some years and nobody was interested in fixing it
Version 8.5.0 [v8-stable] 2014-10-24
- imfile greatly refactored and support for wildcards added
- PRI-handling code refactored for more clarity and robustness
- ommail: add support for RainerScript config system [action() object]
- refactored the auto-backgrounding method
- make gntls tcp syslog driver emit more error messages
- bugfix: imfile did not complain if configured file did not exist
- bugfix: build failure on systems which don't have json_tokener_errors
- imgssapi: log remote peer address in some error messages
Version 8.4.2 [v8-stable] 2014-10-02
- bugfix: the fix for CVE-2014-3634 did not handle all cases. This is
corrected now. see also: CVE-2014-3683
- fixed a build problem on some platforms. Thanks to Olaf for the patch
- behaviour change: "msg" of messages with invalid PRI set to "rawmsg"
When the PRI is invalid, the rest of the header cannot be valid. So
we move all of it to MSG and do not try to parse it out. Note that
this is not directly related to the security issue but rather done
because it makes most sense.
Version 8.4.1 [v8-stable] 2014-09-30
- imudp: add for bracketing mode, which makes parsing stats easier
- permit at-sign in variable names
closes: https://github.com/rsyslog/rsyslog/issues/110
- bugfix: fix syntax error in anon_cc_numbers.py script
Thanks to github user anthcourtney for the patch.
closes: https://github.com/rsyslog/rsyslog/issues/109
- bugfix: ompgsql: don't loose uncomitted data on retry
Thanks to Jared Johnson and Axel Rau for the patch.
- bugfix: imfile: if a state file for a different file name was set,
that different file (name) was monitored instead of the configured
one. Now, the state file is deleted and the correct file monitored.
closes: https://github.com/rsyslog/rsyslog/issues/103
- bugfix: omudpspoof: source port was invalid
Thanks to Pavel Levshin for the patch
- bugfix: build failure on systems which don't have json_tokener_errors
Older versions of json-c need to use a different API (which don't
exists on newer versions, unfortunately...)
Thanks to Thomas D. for reporting this problem.
- bugfix: omelasticsearch does not work with broken/changed ES 1.0+ API
closes: https://github.com/rsyslog/rsyslog/issues/104
- bugfix: mmanon did not properly anonymize IP addresses starting with '9'
Thanks to defa-at-so36.net for reporting this problem.
closes: http://bugzilla.adiscon.com/show_bug.cgi?id=529
- bugfix: build problems on SuSe Linux
Thanks Andreas Stieger for the patch
- bugfix: omelasticsearch error file did not work correctly on ES 1.0+
due to a breaking change in the ElasticSearch API.
see also: https://github.com/rsyslog/rsyslog/issues/104
- bugfix: potential abort when a message with PRI > 191 was processed
if the "pri-text" property was used in active templates, this could be
abused to a remote denial of service from permitted senders
see also: CVE-2014-3634
Rsyslog is an enhanced syslogd supporting, among others, MySQL,
PostgreSQL, failover log destinations, syslog/tcp, fine grain
output format control, high precision timestamps, queued operations
and the ability to filter on any message part. It is quite
compatible to stock sysklogd and can be used as a drop-in
replacement.
