#996246 syslog-ng: Spams /var/log/syslog with 100 MB of "Destination timeout has elapsed, closing connection" per day after upgrade from Buster to Bullseye

Package:
syslog-ng
Source:
syslog-ng
Submitter:
Axel Beckert
Date:
2023-03-15 04:36:03 UTC
Severity:
important
Tags:
#996246#5
Date:
2021-10-12 13:55:33 UTC
From:
To:
Dear Syslog-NG Maintainers,

I've run in an annoying bug with syslog-ng in Debian 11 Bullseye which
is already fixed upstream in version 3.30:

   * What led up to the situation?

Upgrading a high-traffic syslog-ng server from Debian Buster to Bullseye.

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

We did not change any of the configuration except what the package
changes (and which was untouched by us).

   * What was the outcome of this action?

About 100 MB of /var/log/syslog within 24h (the upgrade was
on 13:30 UTC yesterday):

#996246#12
Date:
2021-10-12 16:41:44 UTC
From:
To:
Hi,

Axel Beckert wrote:

I've prepared a potential stable update at
https://github.com/xtaran/syslog-ng-debian/tree/debian/bullseye in
commit
https://github.com/xtaran/syslog-ng-debian/commit/4b508ba601f16b11378886f2626016816dcf0e2a

The patch is attached as well.

I'm now running this in production. It still has the "~abe1" suffix in
the version number (i.e. debian/changelog) in git so that any
potential security update overrides my local bugfix.

If you want to use this as real stable update, you need to remove that
safety guard suffix at least. Feel free to also bump the changelog
entry signature and replace "* Non-maintainer upload" with "[ Axel
Beckert ]".

Wanted to do a pull request for this, but Github doesn't seem to allow
pull requests which create new branches. And this shouldn't go into
any existing branch. So you need to pull or cherry-pick this on your
own into a debian/bullseye (or similar) branch.

The Stable Release Managers likely want to see that patch in Debian
Testing first, so you should probably start with updating Debian
Unstable to the latest upstream stable release and wait for that to
migrate to testing, before uploading any stable update package.

Thanks in advance for your consideration.

		Regards, Axel