Hi all,
We have just released rsyslog 4.1.2, a member of the v4-development
branch.
Most importantly, this release addresses a security vulnerability that
renders the $AllowedSender directive useless. This release has another
security fix, which addresses a imudp which emitted a message each time
a non-permitted sender tried to send a message. This could have filled
the disk. Now it only emits a message once per minute. Further, all
fixes and changes from 3.21.9 (beta) and 3.20.2 (stable) have been
included in this release.
Security Advisory:
http://www.rsyslog.com/Article322.phtml
Download:
http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-143.phtml
Change Log:
http://www.rsyslog.com/Article331.phtml
All users are advised to update to this release. It is urgently
recommended not only for those that would be vulnerable to the security
issue but also to anyone using TLS-based communications.
As always, feedback is appreciated. We hope this release will be useful.
Florian Riedl
--
Support
=======
Improving rsyslog is costly, but you can help! We are looking for
organizations that find rsyslog useful and wish to contribute back. You
can contribute by reporting bugs, improve the software, or donate money
or equipment.
Commercial support contracts for rsyslog are available, and they help
finance continued maintenance. Adiscon GmbH, a privately held German
company, is currently funding rsyslog development. We are always looking
for interesting development projects. For details on how to help, please
see http://www.rsyslog.com/doc-how2help.html .
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
We have just released rsyslog 4.1.2, a member of the v4-development
branch.
Most importantly, this release addresses a security vulnerability that
renders the $AllowedSender directive useless. This release has another
security fix, which addresses a imudp which emitted a message each time
a non-permitted sender tried to send a message. This could have filled
the disk. Now it only emits a message once per minute. Further, all
fixes and changes from 3.21.9 (beta) and 3.20.2 (stable) have been
included in this release.
Security Advisory:
http://www.rsyslog.com/Article322.phtml
Download:
http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-143.phtml
Change Log:
http://www.rsyslog.com/Article331.phtml
All users are advised to update to this release. It is urgently
recommended not only for those that would be vulnerable to the security
issue but also to anyone using TLS-based communications.
As always, feedback is appreciated. We hope this release will be useful.
Florian Riedl
--
Support
=======
Improving rsyslog is costly, but you can help! We are looking for
organizations that find rsyslog useful and wish to contribute back. You
can contribute by reporting bugs, improve the software, or donate money
or equipment.
Commercial support contracts for rsyslog are available, and they help
finance continued maintenance. Adiscon GmbH, a privately held German
company, is currently funding rsyslog development. We are always looking
for interesting development projects. For details on how to help, please
see http://www.rsyslog.com/doc-how2help.html .
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com