2.1.3 Wed, 19 Nov 2008 12:52:47 +0100 NOTE: this release fixes a security problem CVE-2008-5110, see the changelog below for more details. Bugfixes: * Fixed chroot() support to change into the chrooted directory after chroot is invoked. This fixes the security problem CVE-2008-5110. NOTE: this vulnerability is not exploitable on its own, it only makes breaking out of the jail somewhat easier. Please also NOTE that, even with this patch applied, it is still possible to break out of the jail if syslog-ng is running as root. * Fixed the code to resolve usernames, 2.1.2 had a regression which caused all username lookups to fail. 2.1.2 Wed, 12 Nov 2008 12:25:37 +0100 Bugfixes: * Fixed handling windows sizes above 65535 by changing the internal reference counter type to a 32 bit integer. * Fixed the reported port number in log statistics messages. * Fixed the internal representation of "facility" values, earlier an 8 bit value was used for both the priority and facility values, and although systems do not define facilities in this range, the LOG_FACMASK macro defines two additional bits. The type of this field was changed to 16 bits. * Fixed filter evaluation, the evaluation in AND and OR operators had a problem, it evaluated the right-hand-size of expressions first, and then the left-hand-side. This is wrong, and it easily ruins the concept of extracting information from messages via regexps. * Fixed a segmentation fault in the configuration parser on OpenBSD/amd64. All configuration options that expected a number in the parser may cause a crash, as the strdup() function went undeclared on OpenBSD, causing it to be auto-declared as a function returning "int". As a 32 bit int cannot hold a 64 bit pointer, this may cause a crash if the high-order bits of the pointer are lost. * Fixed a possible "stall" of the syslog-ng main loop, when SQL destinations are used and flow control is enabled on the log path feeding the SQL destination. * Fixed a possible 100% CPU usage case on HP-UX. HP-UX may return POLLERR on its own without the other flags set, this was not properly handled by syslog-ng, causing it to spin on the CPU. Other changes: * Instead of relying on BalaBit's version of libdbi, adapt the configure script to libdbi upstream. This currently means that instead of dbi-0.8.pc, syslog-ng is looking for dbi.pc, just as the upstream installs the pkg-config file. * Added --enable-mixed-linking option to the configure script. This functionally equivalent of the default linking option in syslog-ng 2.0. This change only makes this possibility more explicit. * Fixed some compilation warnings. * Removed the build dependency on flex 2.5.34. 2.1.1 Thu, 28 Aug 2008 09:26:30 +0200 Bugfixes: * Fixed a possible crash in stats message generation. * Fixed compilation problem in loggen on FreeBSD. Other changes: * The netmask filter was changed to assume that local messages are received from 127.0.0.1. 2.1beta2 Fri, 13 Jun 2008 14:37:08 +0200 Bugfixes: * Create /var/lib/syslog-ng directory from RPM packages. * Fixed a 100% CPU usage problem triggered by the pipe() destination. This is a regression in 2.1beta1 and does not affect earlier versions. * Removed test code that injected "Connection timed out" errors into local file writes. * Set the current directory to the root once syslog-ng daemonized itself. * Fixed the $PID macro to only extract information from the syslog message header and not from the message contents. Other changes: * Instead of using O_APPEND for file writes, add an lseek before writing which performs much better with the NFS client in BSD kernels. * Added support for suppressing duplicate messages. This feature was contributed by Chris Packham. * The default linking mode is changed to dynamic linking, as static linking is more difficult for users to cope with. Those who use NFS mounted /usr on machines where syslog-ng runs on will probably need to explicitly ask for the previous behaviour. 2.1beta1 Fri, 18 Apr 2008 18:00:59 +0200 Bugfixes: * Fixed a possible SIGABRT crash if the hosts file passed to dns-cache-hosts() had multiple entries with the same IP address. * Fixed a bug that caused the persistent DNS cache (e.g. /etc/hosts) to be reloaded for all name resolution requests. * Fixed a possible crash during startup if "-g" was specified without using "-u". * Fixed handling more than 256 destinations by changing the reference counter type of LogMessages to a 16 bit value. * Fixed door initialization on Solaris, the door portion of sun-streams() sources did not work in previous releases. * Fixed a possible segmentation fault in handling file sources that are marked optional and the source file does not exist. * Fixed the LinkSys style timestamp parser to avoid recognizing hostnames starting with numbers as the year value of the timestamp. * Fixed the year recognition heuristics as the older used the previous year in some cases when the client's clock was too fast. Other changes: * Backported end-of-message search algorithm from PE, which results in increased performance and the removal of vague interpretation of messages that contain both NUL and NL characters. * Removed destination files from the set of polled fds, they are always writable anyway and cause performance degradation when a lot of destination files are managed. * Fixed some FreeBSD and AIX portability issues. * Added the BSDTAG macro, implementation by Jung Christian. * Changed the reconnection logic in the TCP destination driver to reattempt connections for any kind of network problems. Therefore an unknown DNS name will not prevent syslog-ng to start up with an initialization error. * Changed the file write error handling logic to suspend writing to a file destination on write errors, but retry it some time later. This time interval is controlled by time_reopen() just like with other drivers.