1.253. rsyslog

Updated rsyslog packages that fix one security issue are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control.

Security Fix

CVE-2011-3200
A two byte buffer overflow flaw was found in the rsyslog daemon's parseLegacySyslogMsg function. An attacker able to submit log messages to rsyslogd could use this flaw to crash the daemon.
All rsyslog users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the rsyslog daemon will be restarted automatically.

Enhanced rsyslog packages are now available for Red Hat Enterprise Linux 6.
The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained output format control. Rsyslog is compatible with stock sysklogd, and can be used as a drop-in replacement. It is simple to set up, with advanced features suitable for enterprise-class, encryption-protected syslog relay chains.

Enhancement

BZ#642994
With this update, rsyslog is built with the PIE (Position Independent Executable) and RELRO (read-only relocations) flags, which increases overall security. In addition, rsyslog now owns the "/etc/pki/rsyslog" directory. A ChangeLog recording the changes made to the rsyslog package was added to the existing documentation in the "/usr/share/doc/rsyslog-[VERSION]" directory.
Users of rsyslog are advised to upgrade to these updated packages, which add this enhancement.
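
One way to confirm that an installed binary actually carries the PIE and RELRO properties described above is to read its ELF header and program headers. This is an added example, not part of the Red Hat advisory; the function names and the sample ELF bytes are constructed for illustration.

```python
import struct

ET_DYN = 3                 # e_type of a position-independent executable (or shared object)
PT_INTERP = 3              # present in dynamically linked executables, absent in plain .so files
PT_GNU_RELRO = 0x6474E552  # segment the loader remaps read-only after relocation

def elf_hardening(data):
    """Return {'pie': bool, 'relro': bool} for an ELF image given as bytes."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                  # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"   # EI_DATA: 1 = little-endian, 2 = big-endian
    e_type = struct.unpack_from(end + "H", data, 16)[0]
    if is64:
        e_phoff = struct.unpack_from(end + "Q", data, 32)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
    else:
        e_phoff = struct.unpack_from(end + "I", data, 28)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 42)
    # p_type is the first 32-bit field of every program header in both classes
    p_types = {struct.unpack_from(end + "I", data, e_phoff + i * e_phentsize)[0]
               for i in range(e_phnum)}
    return {"pie": e_type == ET_DYN and PT_INTERP in p_types,
            "relro": PT_GNU_RELRO in p_types}

def sample_elf64(e_type, p_types, end="<"):
    """Constructed input: a 64-bit ELF header followed by empty program headers."""
    ident = b"\x7fELF" + bytes([2, 1 if end == "<" else 2, 1]) + bytes(9)
    hdr = ident + struct.pack(end + "HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0,
                              64, 56, len(p_types), 0, 0, 0)
    return hdr + b"".join(struct.pack(end + "I", t) + bytes(52) for t in p_types)

if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as f:   # path to the binary to inspect
        print(elf_hardening(f.read()))
```

The check reports only whether a GNU_RELRO segment is present; it does not distinguish partial from full RELRO, which depends on the binding flags in the dynamic section.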

Updated rsyslog packages that add one enhancement are now available for Red Hat Enterprise Linux 6.
BZ#742275
This update introduces the new configuration option "SpaceLFOnReceive" and the log format template "RSYSLOG_SysklogdFileFormat". These new features allow users to configure rsyslog to behave like the old sysklogd daemon, available in previous releases.
Users that require sysklogd compatibility from rsyslog are advised to upgrade to these updated rsyslog packages, which add this enhancement.

Updated rsyslog packages that fix one bug are now available for Red Hat Enterprise Linux 6.

Bug Fix

Prior to this update, the "$ActionSendStreamDriverMode" configuration directive did not have any effect on big-endian platforms. As a result, Transport Layer Security (TLS) encryption was not enabled. This update modifies the code to correctly process the configuration directive. Now, TLS encryption works as expected.
All users of rsyslog are advised to upgrade to these updated packages, which fix this bug.