rpms/prelude-correlator/devel prelude-correlator-0.9.0-brute.patch, NONE, 1.1 prelude-correlator-0.9.0-signal.patch, NONE, 1.1 prelude-correlator.spec, 1.4, 1.5

[Steve Grubb]

Author: sgrubb

Update of /cvs/pkgs/rpms/prelude-correlator/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv31914

Modified Files:
	prelude-correlator.spec 
Added Files:
	prelude-correlator-0.9.0-brute.patch 
	prelude-correlator-0.9.0-signal.patch 
Log Message:
* Sat Dec 05 2008 Steve Grubb <sgrubb at fedoraproject.org> 0.9.0-0.5.beta3
- Fix bz#469824 Correct brute force correlation rules
- Add signal header to prelude-correlator.c so it builds correctly
- Include unowned /usr/include/prelude-correlator directory


prelude-correlator-0.9.0-brute.patch:

--- NEW FILE prelude-correlator-0.9.0-brute.patch ---
diff -urp prelude-correlator-0.9.0-beta3.orig/plugins/lua/ruleset/brute-force.lua prelude-correlator-0.9.0-beta3/plugins/lua/ruleset/brute-force.lua
--- prelude-correlator-0.9.0-beta3.orig/plugins/lua/ruleset/brute-force.lua	2008-12-06 10:02:53.000000000 -0500
+++ prelude-correlator-0.9.0-beta3/plugins/lua/ruleset/brute-force.lua	2008-12-06 10:05:21.000000000 -0500
@@ -67,8 +67,8 @@ if is_failed_auth and userid then
         if ctx:CheckAndDecThreshold() then
             ctx:set("alert.classification.text", "Brute force attack")
             ctx:set("alert.correlation_alert.name", "Multiple failed login")
-            ctx:set("alert.impact.severity", "high")
-            ctx:set("alert.impact.description", "Multiple failed attempts have been made to login to a user account")
+            ctx:set("alert.assessment.impact.severity", "high")
+            ctx:set("alert.assessment.impact.description", "Multiple failed attempts have been made to login to a user account")
 
             ctx:alert()
             ctx:del()

prelude-correlator-0.9.0-signal.patch:

--- NEW FILE prelude-correlator-0.9.0-signal.patch ---
diff -urp prelude-correlator-0.9.0-beta3.orig/src/prelude-correlator.c prelude-correlator-0.9.0-beta3/src/prelude-correlator.c
--- prelude-correlator-0.9.0-beta3.orig/src/prelude-correlator.c	2008-12-06 10:02:53.000000000 -0500
+++ prelude-correlator-0.9.0-beta3/src/prelude-correlator.c	2008-12-06 10:03:40.000000000 -0500
@@ -25,6 +25,7 @@
 
 #include <stdlib.h>
 #include <string.h>
+#include <signal.h>
 
 #include <libprelude/prelude.h>
 #include <libprelude/prelude-log.h>


Index: prelude-correlator.spec
===================================================================
RCS file: /cvs/pkgs/rpms/prelude-correlator/devel/prelude-correlator.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- prelude-correlator.spec	4 Dec 2008 17:12:02 -0000	1.4
+++ prelude-correlator.spec	6 Dec 2008 15:12:53 -0000	1.5
@@ -3,7 +3,7 @@
 
 Name: prelude-correlator
 Version: 0.9.0
-Release: 0.4.%{prelude_rel}%{?dist}
+Release: 0.5.%{prelude_rel}%{?dist}
 Summary: Real time correlator of events received by Prelude Manager
 
 Group: Applications/Internet
@@ -11,6 +11,8 @@
 URL: http://www.prelude-ids.com
 Source0: http://www.prelude-ids.com/download/releases/prelude-correlator/%{name}-%{version}-%{prelude_rel}.tar.gz
 Source1: prelude-correlator.init
+Patch1: prelude-correlator-0.9.0-brute.patch
+Patch2: prelude-correlator-0.9.0-signal.patch
 
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) 
 BuildRequires: libprelude-devel
@@ -45,6 +47,8 @@
 
 %prep
 %setup -q -n %{name}-%{version}-%{prelude_rel}
+%patch1 -p1
+%patch2 -p1
 
 %build
 %configure 
@@ -101,8 +105,10 @@
 
 
 %changelog
-* Thu Dec  4 2008 Michael Schwendt <mschwendt at fedoraproject.org> 0.9.0-0.4.beta3
-- Include unowned /usr/include/prelude-correlator directory.
+* Sat Dec 05 2008 Steve Grubb <sgrubb at fedoraproject.org> 0.9.0-0.5.beta3
+- Fix bz#469824 Correct brute force correlation rules
+- Add signal header to prelude-correlator.c so it builds correctly
+- Include unowned /usr/include/prelude-correlator directory
 
 *Fri Jul 11 2008 Steve Grubb <sgrubb at redhat.com> 0.9.0-0.3.beta3
 - New beta release