rpms/audit/devel audit-1.7.1-lsb-headers.patch, NONE, 1.1 audit-1.7.1-overflow.patch, NONE, 1.1 audit.spec, 1.167, 1.168
Steve Grubb (sgrubb)
fedora-extras-commits at redhat.com
Tue Apr 1 16:34:11 UTC 2008
Author: sgrubb
Update of /cvs/pkgs/rpms/audit/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6460
Modified Files:
audit.spec
Added Files:
audit-1.7.1-lsb-headers.patch audit-1.7.1-overflow.patch
Log Message:
* Tue Apr 01 2008 Steve Grubb <sgrubb at redhat.com> 1.7-2
- Remove LSB headers from init scripts
- Fix buffer overflow in audit_log_user_command again
audit-1.7.1-lsb-headers.patch:
--- NEW FILE audit-1.7.1-lsb-headers.patch ---
diff -ur audit-1.6.10.orig/init.d/auditd.init audit-1.6.10/init.d/auditd.init
--- audit-1.6.10.orig/init.d/auditd.init 2008-03-27 10:53:28.000000000 -0400
+++ audit-1.6.10/init.d/auditd.init 2008-03-27 14:17:10.000000000 -0400
@@ -23,16 +23,6 @@
# 6 - program is not configured
# 7 - program is not running
#
-### BEGIN INIT INFO
-# Provides: audit
-# Required-Start: $syslog $local_fs
-# Required-Stop: $syslog $local_fs
-# Should-Start: $network
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: audit daemon
-# Description: The audit daemon collects system security events
-### END INIT INFO
PATH=/sbin:/bin:/usr/bin:/usr/sbin
audit-1.7.1-overflow.patch:
--- NEW FILE audit-1.7.1-overflow.patch ---
diff -urp audit-1.7/lib/audit_logging.c audit-1.7.1/lib/audit_logging.c
--- audit-1.7/lib/audit_logging.c 2008-03-27 11:11:34.000000000 -0400
+++ audit-1.7.1/lib/audit_logging.c 2008-04-01 11:55:41.000000000 -0400
@@ -653,8 +653,10 @@ int audit_log_user_command(int audit_fd,
}
p = cmd;
- strncpy(commname, cmd, PATH_MAX);
- commname[PATH_MAX] = 0;
+ if (len >= PATH_MAX) {
+ cmd[PATH_MAX] = 0;
+ len = PATH_MAX-1;
+ }
while (*p) {
if (*p == '"' || *p < 0x21 || (unsigned)*p > 0x7f) {
_audit_c2x(commname, cmd, len);
Index: audit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/audit/devel/audit.spec,v
retrieving revision 1.167
retrieving revision 1.168
diff -u -r1.167 -r1.168
--- audit.spec 30 Mar 2008 19:18:35 -0000 1.167
+++ audit.spec 1 Apr 2008 16:33:34 -0000 1.168
@@ -1,5 +1,5 @@
%define sca_version 0.4.6
-%define sca_release 2
+%define sca_release 3
%define selinux_variants mls strict targeted
%define selinux_policyver 3.2.5
%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
@@ -7,11 +7,13 @@
Summary: User space tools for 2.6 kernel auditing
Name: audit
Version: 1.7
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: System Environment/Daemons
URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
+Patch1: audit-1.7.1-overflow.patch
+Patch2: audit-1.7.1-lsb-headers.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: gettext-devel intltool libtool swig python-devel
BuildRequires: kernel-headers >= 2.6.18
@@ -95,6 +97,8 @@
%prep
%setup -q
+%patch1 -p1
+%patch2 -p1
mkdir zos-remote-policy
cp -p audisp/plugins/zos-remote/policy/audispd-zos-remote.* zos-remote-policy
@@ -315,6 +319,10 @@
%config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
%changelog
+* Tue Apr 01 2008 Steve Grubb <sgrubb at redhat.com> 1.7-2
+- Remove LSB headers from init scripts
+- Fix buffer overflow in audit_log_user_command again
+
* Sun Mar 30 2008 Steve Grubb <sgrubb at redhat.com> 1.7-1
- Handle user space avcs in prelude plugin
- Fix watched account login detection for some failed login attempts
More information about the fedora-extras-commits
mailing list