3.0.6
        Sun, 11 Apr 2010 10:35:46 +0200

        Bugfixes:
        * Fixed a boundary checking error on the usertty() destination,
          which can cause a local buffer to be overflown if the wtmp file on
          the system contains more than 123 characters in its ut_line
          member. It is not believed to be exploitable on the following
          platforms:
            Linux (32 chars)
            Solaris (12 chars)
            AIX (64 chars)
            HP-UX (12 chars)
            FreeBSD (8 chars)
            OpenBSD (8 chars)

        * Fixed a possible loss of the last partial message in the TCP and
          TLS transports of the syslog() driver.
        * Fixed empty line handling in the syslog() driver. The parser now
          accepts empty lines (which it didn't, but should have) and empty
          lines have the required trailing space which it didn't previously.
        * Fixed SDATA value lookup in case the the SD-ID contains dots.
        * Added escaping support to the structured-data parser.
        * Fixed an off-by-one bug in the structured data parser.
        * Fixed a possible segmentation fault after initializing the
          configuration when using unix-stream() and unix-dgram() destinations.
        * Fixed the Solaris 10 SMF script to handle "refresh" calls.
        * Fixed the Solaris 10 SMF script to handle an existing PID file
          without syslog-ng running with that pid.
        * Fixed the Solaris init/SMF scripts to avoid ugly error messages if
          the dump device doesn't exist. This situation can easily happen in
          a chroot or a zone.
        * Fixed a 100% CPU usage if the pipe() driver is applied to a regular
          file, or a file() driver on a named pipe.
        * Fixed a daylight saving problem in the transition window when
          receiving a BSD timestamp.
        * syslog-ng CSV format statistics (reachable via the syslog-ng.ctl
          socket) is now properly escaped.

        Other changes:
        * Fixed a linking problem with the MacOSX linker.
        * Added automatic test coverage for RFC5424 protocol format.
        * The SQL driver will drop a message after 3 failed attempts to
          insert it into the database.
        * If a character set conversion problem occurs on a connection,
          syslog-ng will drop the connection instead of trying to read
          further.

3.0.5
        Thu, 03 Dec 2009 18:02:56 +0100

        Bugfixes:
        * Fixed a possible hang that caused syslog-ng to completely stop
          processing messages, in case SQL destination is enabled in
          configure. The bug does not need a working SQL destination.
        * Fixed a possible 100% CPU usage in case an udp destination went
          down.
        * Fixed host_override/program_override options that were broken in
          3.0.4.
        * Fixed the SQL destination to avoid dropping the output queue in
          case a HUP was received.
        * Fixed a possible segmentation fault when parsing syntactically
          incorrect patterndb files.
        * Fixed ESTRING parser to include the ending quote character in the
          result.
        * Report an error in case there's no terminating brace in template
          macro references, e.g. no closing brace in ${macro} format.
        * Fixed FreeBSD init script to add $prefix/sbin to the PATH
          environment variable. This problem caused syslog-ng not to start
          up on boot.
        * Fixed FreeBSD /dev/klog message reading, follow_freq() needs to
          default to zero in this case (just like Linux /proc/kmsg).
        * Fixed a possible segfault in SIGHUP processing if an included file
          contains a syntax error.
        * RFC5424 over UDP erroneously required frame length, just like TCP,
          this is now fixed.
        * Fixed HP-UX 11iv2 compilation issue related to pread/pwrite
          compile errors.
        * The flow-control flag was erroneously enabled if any of the log
          statements contained either "final" or "fallback".
        * Fixed rewrite processing, in some cases a rewritten value could
          be propagated to wrong branches in the log processing tree.

        Other changes:
        * Added support for Cisco ASA timestamps.
        * Added version checks for PCRE in the configure script.
        * Integrate with system LSB init scripts a bit better, with 3.0.5
          the init script status reports should nicely integrate with
          the host system.

3.0.4
        Wed, 05 Aug 2009 12:51:31 +0200

        Bugfixes:
        * The use of the tcp6 destination caused aborts during startup,
          which has now been fixed.
        * The window size used for flow control could be decremented to a
          negative value in case multiple incoming connections overflowed
          the queue. This could cause an abort if a SIGHUP was received at
          this time.
        * Fixed a possible segmentation fault under Solaris if the syslog()
          driver was used without explicitly specifying a transport()
          option.
        * Fixed parse error handling when loading the patterndb.
        * Fixed the handling of door initialization failures on Solaris.

        Other changes:
        * Fixed performance degradation when using the
          host_override/program_override options.

3.0.3
        Thu, 25 Jun 2009 08:20:28 +0200

        IMPORTANT CHANGES:
        * There was an unintended change in the meaning of command line
          argument -C (--chroot) and -R (--persist-file) between 2.x and 3.x
          versions of syslog-ng. This release reverts this change back to
          the original 2.x behaviour. This is a incompatible change
          compared against 3.0.2. Please review your startup scripts if you
          use either -C or -R.

        Bugfixes:
        * Fixed a compilation problem if IPv6 is disabled.
        * Fixed a crash problem if a log statement has a filter but no
          destinations.
        * The usertty() driver was changed to open the terminal device in
          nonblocking mode, as open on a serial device might block which
          cause the syslog-ng process to hang.


3.0.2
	Thu, 07 May 2009 08:30:06 +0200

	Highlights:
	* This release is the first to feature binary packages, installation
	  packages for various platforms.

	Bugfixes:
	* Only assume that a source logfile was rotated if the new log file
          has a non-zero size. This fix solves a minor race which might
	  cause some messages to be lost from the end of the old logfile.
	* Fixed the processing of the -u and -g command line options to set
	  the user/group of the syslog-ng process. Previously all usernames
	  were rejected as non-existant.
	* Resolve usernames before chrooting, to avoid the need to have an
	  /etc/passwd & /etc/group inside the chroot.
	* Fixed the read rate of regular files, with the change in this
	  release it is now possible to fully saturate a destination pipe by
	  using plain text files.
	* Fixed a synchronization problem in the SQL destination on AIX
	  causing random crashes when the SQL destination is used.
	* Make the "syslog" reserved word usable as a facility name,
	  previously syslog-ng indicated a syntax error if syslog as a
	  facility was not enclosed in quotation marks.
	* Don't write the pidfile in case only a syntax check was requested.
	* Fixed compilation problems if SSL support is not enabled.
	* Set the default fd limit to 256 on cygwin as that platform does
	  not support the current default of 4096 used on all other
	  platforms.
	* Fixed template expansion for non-inline templates defined using
	  the template statement.
	* Fixed the handling of zero-sized packets in the udp() source.
	* Fixed the storing of regexp/db-parser() matches on big-endian, 32
	  bit CPUs.
	* Fixed character conversion in case one chunk of data has an
	  incomplete sequence at the end.
	* Don't let the character conversion eat up unlimited memory to
          avoid an easy DoS condition.
	* Fixed SSL certificate validation, added X.509 policy check, fixed
	  required-untrusted verify-mode and added basicConstraints
	  validation.
	* Fixed /dev/klog handling on FreeBSD, syslog-ng attempted to open
	  this device multiple times which is not permitted.
	* Fixed $TZOFS expansion in templates in case the target does not
	  specify a conversion timezone (which is the default and is true in
	  most cases).
	* Fixed the use of multiple SQL destinations, previously due to an
	  initialization problem only the first SQL destination would ever
	  start writing messages to the target database.
	* If you elected to use a host-file only name resolution, the check
	  to see if the hosts file was changed was performed for each DNS
	  resolution, causing a major performance drop. This was fixed.
	* Due to a typo in the configuration file parser, using SSL
	  destinations always resulted in a segmentation fault. This was
	  fixed.
	* Fixed counting the number of concurrent connections in the
	  SSL enabled tcp() source, previously failing handshakes were
	  counted, thus it is quite easy to reach the max-connection limit.
	* Clarified logging about connection rejected by
	  /etc/hosts.deny & /etc/hosts.allow
	* HP-UX 11v3 compilation fixes
	* Fixed SOURCEIP expansion for IPv6 addresses.
	* Fixed match(type(string)) not to match the message in case only a
	  prefix match was found.
	* Fixed capability setup code around file opens.

	Other changes:
	* Implemented 'store-legacy-msghdr' source flag which keeps the
	  original value of MSGHDR intact, instead of parsing/rebuilding it
	  at the cost of some performance penalty.
	* Implemented 'empty-lines' source flag to avoid dropping empty log
	  messages which is the default behaviour.
	* Added support for file includes in the configuration file.
	* Allow follow_freq() to be a floating point number.
	* Cygwin packaging fixes.
	* Make it possible to create named pipes automatically in the pipe()
	  destination.
	* Allow the use of macros in the filename of pipe() destinations.
	* Added support for setting the default priority/facility value for
	  each source that get applied to messages that lack one.
	* Recognize "mssql" as an alias for "freetds" in the SQL
	  destination.
	* Added the "greedy" flags to the csv-parser(): it makes the last
	  column eat the complete end of the line without caring about
	  column separation characters
	* Added the "drop-invalid" flag to the csv-parser() which makes the
	  parser drop anything that has less columns than it expects to
	  have.
	* Make it possible to use fractions of a second even in non-ISO
	  timestamps.
	* The default values for SQL columns is being deprecated, please
	  supply SQL schema information explicitly in your SQL destinations.
	  A warning message was added in case you don't have a full schema
	  and rely on the default values.
	* The SQL destination got a null() option that specifies a 'special'
	  value for a column which get replaced by an SQL NULL.
	* Added local_timezone() option to file/sql destinations that
	  control the timezone used when expanding the filename/tablename
	  templates. It defaults to the local timezone.

	Configure changes:
	* This section lists changes that might affect distribution
	  packages, please make sure that these changes do not break the
	  syslog-ng packages in any way.
	* Changed the default value of pidfiledir to ${localstatedir} to
	  match GNU conventions, you can specify it explicitly with a
	  --with-pidfile-dir configure option.
	* Changed the default linking mode to "dynamic" to make it easier to
	  compile syslog-ng, as most distributions prefer dynamic libraries
	  over static ones. This means that syslog-ng might not be able to
	  start up if /usr is on NFS. On platforms where syslog-ng is used
	  as a system logger, the previous setting of --enable-mixed-linking
	  is preferred.
	  
	Loggen changes:
	* the sequence number and timestamping of generated messages were
	  erroneously commented out, these were reverted.
	* do not allow message sizes that are larger than the predefined
	  message buffer size.
	* in addition to reporting the number of messages/sec, also report
	  the effective bandwidth used during testing.
	  
	Test suite changes:
	* A lot of enhancements to the functional test program to cover more
	  of the syslog-ng code, like SSL sources & SQL destinations.


3.0.1
        Wed, 24 Dec 2008 12:16:08 +0100

We are happy to announce that version 3.0 of the syslog-ng Open Source Edition
application has been released. The news and highlights of this version are
summarized below:

NEWS:

        Communication:
        * Version 3.0 of syslog-ng supports the new syslog protocol standards
          developed by the Internet Engineering Task Force (IETF). The details
          of these protocols can be found at
          http://www.ietf.org/internet-drafts/draft-ietf-syslog-protocol-23.txt
          and
          http://www.ietf.org/internet-drafts/draft-ietf-syslog-transport-tls-11.txt.
        * The capability to encrypt log connections using TLS has been added.

        Configuration:
        * Log statements can be embedded into each other, making it possible to
          design complex log paths. That way for example the results of a filter
          can be sent to multiple destinations, or it can be sent to a
          destination unchanged, and partly rewritten for the other destination.

        Log files:
        * The encoding of source files can be set for proper character
          conversion (internally syslog-ng represents every message in UTF-8).

        Log messages:
        * The syslog-ng application assigns a unique message identification
          number to every log message, making it easy to detect if any messages
          are lost.
        * The syslog-ng application can read, process, and rewrite structured
          messages (e.g., Apache webserver logs) using templates and
          regular expressions. Both messages with fixed field sizes and fields
          separated with delimiters (e.g., comma-separated values) are
          supported.

DOWNLOAD:

This is a source code only release, no binary packages are available at this
time. Those will be provided at a later date.

The documentation of syslog-ng OSE 3.0, including the installation and user
guides is be available at:
http://www.balabit.com/support/documentation/?product=syslog-ng

Best Regards,

BalaBit IT Security
