update is fixing $AllowedSender security issue

.cvsignore

@@ -1 +1 @@
-rsyslog-3.21.3.tar.gz
+rsyslog-3.21.9.tar.gz

rsyslog-3.21.3-clock.patch

@@ -1,14 +0,0 @@
-diff -up rsyslog-3.21.3/action.c.clock rsyslog-3.21.3/action.c
---- rsyslog-3.21.3/action.c.clock	2008-08-28 10:23:10.000000000 +0200
-+++ rsyslog-3.21.3/action.c	2008-08-28 10:37:24.000000000 +0200
-@@ -577,6 +577,10 @@ dbgprintf("NTH: conf: %d, actual %d\n", 
- 
- 	dbgprintf("Called action, logging to %s\n", module.GetStateName(pAction->pMod));
- 
-+	if(pAction->tLastExec > now) {
-+		/* if we are traveling back in time, reset tLastExec */
-+		pAction->tLastExec = (time_t) 0;
-+	}
- 	/* now check if we need to drop the message because otherwise the action would be too
- 	 * frequently called. -- rgerhards, 2008-04-08
- 	 */

rsyslog-3.21.3-manual.patch

@@ -1,67 +0,0 @@
-diff -up rsyslog-3.21.3/tools/rsyslog.conf.5.orig rsyslog-3.21.3/tools/rsyslog.conf.5
---- rsyslog-3.21.3/tools/rsyslog.conf.5.orig	2008-09-01 15:21:50.000000000 +0200
-+++ rsyslog-3.21.3/tools/rsyslog.conf.5	2008-09-01 15:21:51.000000000 +0200
-@@ -91,7 +91,7 @@ $ModLoad imtcp
- $InputTCPServerRun 514
- .TP
- .TP
--.I imtcp
-+.I imrelp
- Input plugin for the RELP protocol. RELP can be used instead
- of UDP or plain TCP syslog to provide reliable delivery of
- syslog messages. Please note that plain TCP syslog does NOT
-@@ -159,6 +159,54 @@ Every rule line consists of two fields, 
- two fields are separated by one or more spaces or tabs. The selector field specifies 
- a pattern of facilities and priorities belonging to the specified action.
- 
-+.SH SELECTORS
-+
-+The selector field itself again consists of two parts, a facility and a
-+priority, separated by a period ('.'). Both parts are case insensitive and can
-+also be specified as decimal numbers, but don't do that, you have been warned.
-+Both facilities and priorities are described in rsyslog(3). The names mentioned
-+below correspond to the similar LOG_-values in /usr/include/rsyslog.h.
-+
-+The facility is one of the following keywords: auth, authpriv, cron, daemon,
-+kern, lpr, mail, mark, news, security (same as auth), syslog, user, uucp and
-+local0 through local7. The keyword security should not be used anymore and mark
-+is only for internal use and therefore should not be used in applications.
-+Anyway, you may want to specify and redirect these messages here. The facility
-+specifies the subsystem that produced the message, i.e. all mail programs log
-+with the mail facility (LOG_MAIL) if they log using syslog.
-+
-+The priority is one of the following keywords, in ascending order: debug, info,
-+notice, warning, warn (same as warning), err, error (same as err), crit, alert,
-+emerg, panic (same as emerg). The keywords error, warn and panic are deprecated
-+and should not be used anymore. The priority defines the severity of the message.
-+
-+The behavior of the original BSD syslogd is that all messages of the specified
-+priority and higher are logged according to the given action. Rsyslogd behaves
-+the same, but has some extensions.
-+
-+In addition to the above mentioned names the rsyslogd(8) understands the
-+following extensions: An asterisk ('*') stands for all facilities or all
-+priorities, depending on where it is used (before or after the period). The
-+keyword none stands for no priority of the given facility.
-+
-+You can specify multiple facilities with the same priority pattern in one
-+statement using the comma (',') operator. You may specify as much facilities as
-+you want. Remember that only the facility part from such a statement is taken, a
-+priority part would be skipped.
-+
-+Multiple selectors may be specified for a single action using the semicolon
-+(';') separator. Remember that each selector in the selector field is capable
-+to overwrite the preceding ones. Using this behavior you can exclude some
-+priorities from the pattern.
-+
-+Rsyslogd has a syntax extension to the original BSD source, that makes its use
-+more intuitively. You may precede every priority with an equation sign ('=') to
-+specify only this single priority and not any of the above. You may also (both
-+is valid, too) precede the priority with an exclamation mark ('!') to ignore
-+all that priorities, either exact this one or this and any higher priority. If
-+you use both extensions than the exclamation mark must occur before the equation
-+sign, just use it intuitively.
-+
- .SH ACTIONS
- The action field of a rule describes what to do with the message. In general, message content 
- is written to a kind of "logfile". But also other actions might be done, like writing to a 

rsyslog.spec

@@ -2,8 +2,8 @@
 
 Summary: Enhanced system logging and kernel message trapping daemons
 Name: rsyslog
-Version: 3.21.3
-Release: 4%{?dist}
+Version: 3.21.9
+Release: 1%{?dist}
 License: GPLv3+
 Group: System Environment/Daemons
 URL: http://www.rsyslog.com/
@@ -12,8 +12,6 @@ Source1: rsyslog.init
 Source2: rsyslog.conf
 Source3: rsyslog.sysconfig
 Source4: rsyslog.log
-Patch0: rsyslog-3.21.3-clock.patch
-Patch1: rsyslog-3.21.3-manual.patch
 BuildRequires: zlib-devel
 BuildRequires: autoconf automake
 Requires: logrotate >= 3.5.2
@@ -89,8 +87,6 @@ IETF standard protocol.
 
 %prep
 %setup -q
-%patch0 -p1 -b .clock
-%patch1 -p1 -b .manual
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS -DSYSLOGD_PIDNAME=\\\"syslogd.pid\\\""
@@ -196,6 +192,9 @@ fi
 %{_libdir}/rsyslog/lmnsd_gtls.so
 
 %changelog
+* Mon Dec 15 2008 Peter Vrabec <pvrabec@redhat.com> 3.21.9-1
+- update is fixing $AllowedSender security issue
+
 * Mon Sep 15 2008 Peter Vrabec <pvrabec@redhat.com> 3.21.3-4
 - use RPM_OPT_FLAGS
 - use same pid file and logrotate file as syslog-ng (#441664)

sources

@@ -1 +1 @@
-bacd7f5351bf29c12d41b72265df5723  rsyslog-3.21.3.tar.gz
+06e1d9fa8f40263bb654b38d2ef57e6c  rsyslog-3.21.9.tar.gz