[SECURITY] Fedora 8 Update: syslog-ng-2.0.10-1.fc8
updates at fedoraproject.org
updates at fedoraproject.org
Sun Dec 7 04:33:55 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-10920
2008-12-07 02:17:19
--------------------------------------------------------------------------------
Name : syslog-ng
Product : Fedora 8
Version : 2.0.10
Release : 1.fc8
URL : http://www.balabit.com/products/syslog-ng/
Summary : Syslog replacement daemon
Description :
syslog-ng, as the name shows, is a syslogd replacement, but with new
functionality for the new generation. The original syslogd allows
messages only to be sorted based on priority/facility pairs; syslog-ng
adds the possibility to filter based on message contents using regular
expressions. The new configuration scheme is intuitive and powerful.
Forwarding logs over TCP and remembering all forwarding hops makes it
ideal for firewalled environments.
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2008-5110
--------------------------------------------------------------------------------
ChangeLog:
* Tue Dec 2 2008 Douglas E. Warner <silfreed at silfreed.net> 2.0.10-1
- update to 2.0.10
- fix for CVE-2008-5110
* Mon Sep 15 2008 Peter Vrabec <pvrabec at redhat.com> 2.0.8-3
- do not conflicts with rsyslog, both rsyslog and syslog-ng use
same pidfile and logrotate file (#441664)
* Sat Sep 6 2008 Tom "spot" Callaway <tcallawa at redhat.com> 2.0.8-2
- fix license tag
* Thu Jan 31 2008 Douglas E. Warner <silfreed at silfreed.net> 2.0.8-1
- updated to 2.0.8
- removed logrotate patch
* Tue Jan 29 2008 Douglas E. Warner <silfreed at silfreed.net> 2.0.7-2
- added patch from git commit a8b9878ab38b10d24df7b773c8c580d341b22383
to fix log rotation (bug#430057)
* Tue Jan 8 2008 Douglas E. Warner <silfreed at silfreed.net> 2.0.7-1
- updated to 2.0.7
- force regeneration to avoid broken paths from upstream (#265221)
- adding loggen binary
* Mon Dec 17 2007 Douglas E. Warner <silfreed at silfreed.net> 2.0.6-1
- updated to 2.0.6
- fixes DoS in ZSA-2007-029
* Thu Nov 29 2007 Peter Vrabec <pvrabec at redhat.com> 2.0.5-3
- add conflicts (#400661)
* Wed Aug 29 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 2.0.5-2
- Rebuild for selinux ppc32 issue.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #471984 - CVE-2008-5110 syslog-ng improper chroot
https://bugzilla.redhat.com/show_bug.cgi?id=471984
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update syslog-ng' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list