
Security vulnerabilities in the rsyslog software package

  • OS details: FED
  • Severity: IMP
  • Operating systems: L
  • Categories: LFE

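--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-12503
2014-10-10 14:43:11
--------------------------------------------------------------------------------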

Name : rsyslog
Product : Fedora 20
Version : 7.4.8
Release : 2.fc20
URL : http://www.rsyslog.com/
Summary : Enhanced system logging and kernel message trapping daemon
Description :
Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL,
syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part,
and fine grain output format control. It is compatible with stock sysklogd
and can be used as a drop-in replacement. Rsyslog is simple to set up, with
advanced features suitable for enterprise-class, encryption-protected syslog
relay chains.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2014-3634
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 7 2014 Tomas Heinrich <theinric@redhat.com> 7.4.8-2
- fix CVE-2014-3634
* Tue Apr 15 2014 Jakub Čajka <jcajka@redhat.com> 7.4.8-1.1
- backport support for platforms without atomic instructions
* Thu Feb 20 2014 Tomas Heinrich <theinric@redhat.com> 7.4.8-1
- rebase to 7.4.8
- add an explicit requirement on the version of libestr
- install the rsyslog-recover-qi.pl tool
- fix a typo in a package description
- add missing defattr directives
- add rsyslog-7.4.8-omjournal-warning.patch to fix
  a condition for issuing a warning in omjournal
- add a patch to allow numeric specification of UIDs/GUIDs
  rsyslog-7.4.8-numeric-uid.patch
- drop the "v5" string from the conf file as it's misleading
- add rsyslog-7.4.8-dont-link-libee.patch to prevent
  linking the main binary with libee
- replace rsyslog-7.3.15-imuxsock-warning.patch
  with rsyslog-7.4.8-imuxsock-wrn.patch
- link to libhiredis explicitly
- add a patch to prevent message loss in imjournal
  rsyslog-7.4.8-bz1026804-imjournal-message-loss.patch
  resolves: #1026804
- move the rscryutil man page to the crypto subpackage
- add a patch to fix connection initialization in ompgsql
  rsyslog-7.4.8-ompgsql-delay-connection.patch
  for more details see:
  http://lists.adiscon.net/pipermail/rsyslog/2014-February/036202.html
- add a patch for not enforcing template specification in ommongodb
  rsyslog-7.4.8-ommongodb-dont-require-tpl.patch
  for more details see:
  http://bugzilla.adiscon.com/show_bug.cgi?id=513
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1142373 - CVE-2014-3634 rsyslog: remote syslog PRI vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1142373
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update rsyslog' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Author: Tomislav Protega
CERT ID: NCERT-REF-2014-10-0007-ADV
CVE: CVE-2014-3634
Source ID: FEDORA-2014-12503
Product: rsyslog
Source: http://www.redhat.com