rpms/audit/devel audit-1.7.1-lsb-headers.patch, NONE, 1.1 audit-1.7.1-overflow.patch, NONE, 1.1 audit.spec, 1.167, 1.168

Tue Apr 1 16:34:11 UTC 2008

Author: sgrubb

Update of /cvs/pkgs/rpms/audit/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6460

Modified Files:
	audit.spec 
Added Files:
	audit-1.7.1-lsb-headers.patch audit-1.7.1-overflow.patch 
Log Message:
* Tue Apr 01 2008 Steve Grubb <sgrubb at redhat.com> 1.7-2
- Remove LSB headers from init scripts
- Fix buffer overflow in audit_log_user_command again


audit-1.7.1-lsb-headers.patch:

--- NEW FILE audit-1.7.1-lsb-headers.patch ---
diff -ur audit-1.6.10.orig/init.d/auditd.init audit-1.6.10/init.d/auditd.init
--- audit-1.6.10.orig/init.d/auditd.init	2008-03-27 10:53:28.000000000 -0400
+++ audit-1.6.10/init.d/auditd.init	2008-03-27 14:17:10.000000000 -0400
@@ -23,16 +23,6 @@
 # 6 - program is not configured
 # 7 - program is not running
 #
-### BEGIN INIT INFO
-# Provides: audit
-# Required-Start: $syslog $local_fs
-# Required-Stop: $syslog $local_fs
-# Should-Start: $network
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: audit daemon
-# Description: The audit daemon collects system security events
-### END INIT INFO
 
 
 PATH=/sbin:/bin:/usr/bin:/usr/sbin

audit-1.7.1-overflow.patch:

--- NEW FILE audit-1.7.1-overflow.patch ---
diff -urp audit-1.7/lib/audit_logging.c audit-1.7.1/lib/audit_logging.c
--- audit-1.7/lib/audit_logging.c	2008-03-27 11:11:34.000000000 -0400
+++ audit-1.7.1/lib/audit_logging.c	2008-04-01 11:55:41.000000000 -0400
@@ -653,8 +653,10 @@ int audit_log_user_command(int audit_fd,
 	}
 
 	p = cmd;
-	strncpy(commname, cmd, PATH_MAX);
-	commname[PATH_MAX] = 0;
+	if (len >= PATH_MAX) {
+		cmd[PATH_MAX] = 0;
+		len = PATH_MAX-1;
+	}
 	while (*p) {
 		if (*p == '"' || *p < 0x21 || (unsigned)*p > 0x7f) {
 			_audit_c2x(commname, cmd, len);


Index: audit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/audit/devel/audit.spec,v
retrieving revision 1.167
retrieving revision 1.168
diff -u -r1.167 -r1.168
--- audit.spec	30 Mar 2008 19:18:35 -0000	1.167
+++ audit.spec	1 Apr 2008 16:33:34 -0000	1.168
@@ -1,5 +1,5 @@
 %define sca_version 0.4.6
-%define sca_release 2
+%define sca_release 3
 %define selinux_variants mls strict targeted
 %define selinux_policyver 3.2.5 
 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
@@ -7,11 +7,13 @@
 Summary: User space tools for 2.6 kernel auditing
 Name: audit
 Version: 1.7
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+
 Group: System Environment/Daemons
 URL: http://people.redhat.com/sgrubb/audit/
 Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
+Patch1: audit-1.7.1-overflow.patch
+Patch2: audit-1.7.1-lsb-headers.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: gettext-devel intltool libtool swig python-devel
 BuildRequires: kernel-headers >= 2.6.18
@@ -95,6 +97,8 @@
 
 %prep
 %setup -q
+%patch1 -p1
+%patch2 -p1
 mkdir zos-remote-policy
 cp -p audisp/plugins/zos-remote/policy/audispd-zos-remote.* zos-remote-policy
 
@@ -315,6 +319,10 @@
 %config(noreplace) %{_sysconfdir}/security/console.apps/system-config-audit-server
 
 %changelog
+* Tue Apr 01 2008 Steve Grubb <sgrubb at redhat.com> 1.7-2
+- Remove LSB headers from init scripts
+- Fix buffer overflow in audit_log_user_command again
+
 * Sun Mar 30 2008 Steve Grubb <sgrubb at redhat.com> 1.7-1
 - Handle user space avcs in prelude plugin
 - Fix watched account login detection for some failed login attempts


