Hi all, We have just released rsyslog 4.1.2, a member of the v4-development branch. Most importantly, this release addresses a security vulnerability that renders the $AllowedSender directive useless. This release has another security fix, which addresses a imudp which emitted a message each time a non-permitted sender tried to send a message. This could have filled the disk. Now it only emits a message once per minute. Further, all fixes and changes from 3.21.9 (beta) and 3.20.2 (stable) have been included in this release.
Security Advisory: http://www.rsyslog.com/Article322.phtml Download: http://www.rsyslog.com/Downloads-req-viewdownloaddetails-lid-143.phtml Change Log: http://www.rsyslog.com/Article331.phtml All users are advised to update to this release. It is urgently recommended not only for those that would be vulnerable to the security issue but also to anyone using TLS-based communications. As always, feedback is appreciated. We hope this release will be useful. Florian Riedl -- Support ======= Improving rsyslog is costly, but you can help! We are looking for organizations that find rsyslog useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for rsyslog are available, and they help finance continued maintenance. Adiscon GmbH, a privately held German company, is currently funding rsyslog development. We are always looking for interesting development projects. For details on how to help, please see http://www.rsyslog.com/doc-how2help.html . _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
