A new version of syslog-ng Store Box 4 LTS (4 LTS (4.0.4)) has been
released. For latest fixes in the 4 LTS (4.0.x) branch you are
recommended to upgrade to this version.
4 LTS (4.0.4)
Thu, 31 Aug 2015 15:34:00 +0100
#33318 SSB now properly handles when bad stripes appear on the
hard disk stripes in HW raid, and sends out alerts.
#33520 When configuring SNMP agent settings, SSB sometimes
unnecessarily enclosed the set value between double-quote
characters ("). This has been corrected.
#33493 Debug messages were not properly logged when syslog-ng was
disabled, causing the following error message to appear in the
system logs: "PHP Fatal error: Call to undefined method
Log::log_debug() in /opt/ssb/lib/LogSpaces.php"
This has been corrected, now debug messages are logged properly
even if syslog-ng is disabled.
#33492 On newer, hardware RAID-based appliances, SSB sends false-
positive alert events while the weekly scheduled consistency
check is running, even if the array and all disks are in optimal
This has been fixed, now SSB does not send alerts under
#32522 MSSQL did not create a new table for every month because
syslog-ng used the same transaction to create the table and
Now these are done in two separate steps: if the new table does
not exist, it is created first, and the values are inserted in a
separate transaction. If any transaction fails, syslog-ng sends
a rollback sql command and starts a new transaction.
#33270 After generating a debug bundle on T4 or T10 machines, and then
updating the SSB firmware, synchronizing the boot firmware to
the slave not failed if SSB was not rebooted between generating
the debug bundle and updating the firmware. This has been
corrected, synchronization now works as expected.
#33265 Because of changes in nfs-utils, SSB could connect to NFSv4
servers only. From now on, SSB can connect to NFS server with
protocol version lower than 4.
#33394 Accessing the Policies > Shares page unnecessarily invokes the
"net ads testjoin" function, even if no share is configured.
This has been corrected.
#32127 The configuration file of syslog-ng was world-readable. The file
permissions have been adjusted, now only the necessary processes
can access this file.
Upgraded to Ubuntu security upstream: apt, bash, batik, bind9, binutils, coreutils, cpio, cups, curl, dbus, e2fsprogs, elfutils, freetype, fuse, gnupg, gnutls26, icu, jinja2, libav, libdrm, libgcrypt11, libtasn1-3, libx11, libxalan2-java, libxext, libxfont, libxi, libxrender, libyaml, mime-support, munin, net-snmp, nspr, nss, ntp, openjdk-7, openssh, pcre3, pixman, python2.7, python3.2, pyyaml, qt4-x11, rsyslog, sqlite3, tcpdump, tiff, tzdata, unzip packages has been updated
READ CAREFULLY IF YOU UPGRADE FROM A VERSION PRECEEDING SSB 4.0.1
If you upgrade from a version preceeding SSB 4.0.1, you must manually download and execute a script.
Compared to SSB 3.x, SSB 4 LTS includes a newer version of the OpenSSH application. The /etc/ssh/ssh_known_hosts file on SSB contains a line that the newer version of OpenSSH considers invalid, and ignores the known_hosts file. As a result, if you have two SSB nodes in high-availability mode, SSB cannot access the other node using SSH to upgrade its firmware. Although the problem does not cause any issues on a standalone SSB, you are recommended to execute the script even if you do not use SSB in high-availability mode.
How to solve the problem
To solve the problem, complete the following steps.
1. Login to the SSB web interface and navigate to the 'Basic Settings > Management > SSH settings' page.
2. Verify that the 'Enable remote SSH access' option is enabled.
If you cannot access SSB using SSH, you will need to access SSB from a local console.
3. Download the script from https://www.balabit.com/downloads/files/ssb/4.0.1/source/ssb-4.0.x-upgrade-ssh_known_hosts.sh to your computer.
4. Issue the ssb-4.0.x-upgrade-ssh_known_hosts.sh <SSB-hostname-or-ipaddress> command to execute the script (replace <SSB-hostname-or-ipaddress> with the IP address or hostname of your SSB).
* If remote SSH access to SSB is enabled, you can execute the script from your local computer, or any other computer that can access SSB and can execute Shell scripts. If you are running Microsoft Windows, you can download the WinSCP utility from http://winscp.net/, copy the script to SSB, login to SSB using an SSH client (or the IPMI console), and execute the script locally.
* If you cannot remotely access SSB, you can execute the script locally on SSB. In this case, use 127.0.0.1 as <SSB-hostname-or-ipaddress>.
6. If needed, enter the password. (The script will require the password at least once.)
7. The script automatically corrects the ssh_known_hosts file on the SSB found at <SSB-hostname-or-ipaddress>, and also on the other node if it is running in high-availability mode.
What happens if you do not execute the script
If you upgrade an SSB HA without correcting the known_hosts file, SSB will not be able to synchronize data between the two nodes, requiring the secondary node to be reinstalled, and all data re-synchronized.
For details on the issues corrected in this release, see our issue
tracking page at https://my.balabit.com/fixed-bugs/revision/ssb
Firmwares and other files for syslog-ng Store Box are available at:
The documentation of the syslog-ng Store Box is available in
The syslog-ng Store Box Administrator Guide at
BalaBit IT Security
Read more »