Hello,
We have just released rsyslog 3.20.1, a member of the v3-stable branch.
Most importantly, this release addresses a security vulnerability that
renders the $AllowedSender directive useless. This issue has already
been discussed here on the list. In addition to this, the release also
contains some bug fixes, including a memory leak that could cause real
trouble in environments that use TLS, as well as some very small
enhancements (that were considered small enough to be a applied to the
stable branch)
Security Advisory:
http://www.rsyslog.com/Article322.phtml
Download:
http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-141.phtml
Change Log:
http://www.rsyslog.com/Article323.phtml
All users are advised to update to this release. It is urgently
recommended not only for those that would be vulnerable to the security
issue but also to anyone using TLS-based communications.
Releases for the beta and devel branches will hopefully be posted later
today. The git archive has all relevant patches if someone has an urgent
need.
As always, feedback is appreciated. We hope this release will be useful.
Florian Riedl
--
Support
=======
Improving rsyslog is costly, but you can help! We are looking for
organizations that find rsyslog useful and wish to contribute back. You
can contribute by reporting bugs, improve the software, or donate money
or equipment.
Commercial support contracts for rsyslog are available, and they help
finance continued maintenance. Adiscon GmbH, a privately held German
company, is currently funding rsyslog development. We are always looking
for interesting development projects. For details on how to help, please
see http://www.rsyslog.com/doc-how2help.html .
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
We have just released rsyslog 3.20.1, a member of the v3-stable branch.
Most importantly, this release addresses a security vulnerability that
renders the $AllowedSender directive useless. This issue has already
been discussed here on the list. In addition to this, the release also
contains some bug fixes, including a memory leak that could cause real
trouble in environments that use TLS, as well as some very small
enhancements (that were considered small enough to be a applied to the
stable branch)
Security Advisory:
http://www.rsyslog.com/Article322.phtml
Download:
http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-141.phtml
Change Log:
http://www.rsyslog.com/Article323.phtml
All users are advised to update to this release. It is urgently
recommended not only for those that would be vulnerable to the security
issue but also to anyone using TLS-based communications.
Releases for the beta and devel branches will hopefully be posted later
today. The git archive has all relevant patches if someone has an urgent
need.
As always, feedback is appreciated. We hope this release will be useful.
Florian Riedl
--
Support
=======
Improving rsyslog is costly, but you can help! We are looking for
organizations that find rsyslog useful and wish to contribute back. You
can contribute by reporting bugs, improve the software, or donate money
or equipment.
Commercial support contracts for rsyslog are available, and they help
finance continued maintenance. Adiscon GmbH, a privately held German
company, is currently funding rsyslog development. We are always looking
for interesting development projects. For details on how to help, please
see http://www.rsyslog.com/doc-how2help.html .
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com