From 348e0bd05605589e72ed578660b191fc219ca006fc40a6185cf794b9f8d3c5ed Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Fri, 25 Apr 2008 13:32:44 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=15 --- audit-bnc378725.patch | 29 +++++++++++++++++++++++++++++ audit-secondary.spec | 2 +- audit.changes | 5 +++++ audit.spec | 6 +++++- 4 files changed, 40 insertions(+), 2 deletions(-) create mode 100644 audit-bnc378725.patch diff --git a/audit-bnc378725.patch b/audit-bnc378725.patch new file mode 100644 index 0000000..ca2f91b --- /dev/null +++ b/audit-bnc378725.patch @@ -0,0 +1,29 @@ +From: tonyj@suse.de +Subject: VUL-0: audit buffer overflow +References: BNC# 378725 +Upstream: auditd 1.7.2 + +Bugtraq ID: 28524 Linux Audit Daemon 'audit_log_user_command()' Local Buffer +Overflow Vulnerability. + +This problem was found in Fedora when sudo was modified to call +audit_log_user_command. + +Fix backported from auditd v1.7.2 + +diff -urp audit-1.6.5.orig/lib/audit_logging.c audit-1.6.5/lib/audit_logging.c +--- audit-1.6.5.orig/lib/audit_logging.c 2008-04-01 16:33:34.000000000 -0400 ++++ audit-1.6.5/lib/audit_logging.c 2008-04-01 16:34:12.000000000 -0400 +@@ -652,7 +652,11 @@ int audit_log_user_command(int audit_fd, + } + + p = cmd; +- strcpy(commname, cmd); ++ if (len >= PATH_MAX) { ++ cmd[PATH_MAX] = 0; ++ len = PATH_MAX-1; ++ } ++ strcpy(commname,cmd); + while (*p) { + if (*p == '"' || *p < 0x21 || (unsigned)*p > 0x7f) { + _audit_c2x(commname, cmd, len); diff --git a/audit-secondary.spec b/audit-secondary.spec index 2ab5e5b..8899ad6 100644 --- a/audit-secondary.spec +++ b/audit-secondary.spec @@ -18,7 +18,7 @@ Summary: Python Bindings for libaudit License: GPL v2 or later Group: System/Monitoring Version: 1.6.8 -Release: 3 +Release: 4 Url: http://people.redhat.com/sgrubb/audit/ Source0: audit-%{version}.tar.bz2 Patch0: audit-no_sca.patch diff --git a/audit.changes b/audit.changes index 1693020..f87bb10 100644 --- a/audit.changes +++ b/audit.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Apr 23 14:17:17 CEST 2008 - tonyj@suse.de + +- Fix for bnc#378725 VUL-0: audit buffer overflow + ------------------------------------------------------------------- Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de diff --git a/audit.spec b/audit.spec index ba8e376..3fcb674 100644 --- a/audit.spec +++ b/audit.spec @@ -15,7 +15,7 @@ Name: audit BuildRequires: gcc-c++ Summary: User Space Tools for 2.6 Kernel Auditing Version: 1.6.8 -Release: 9 +Release: 11 License: GPL v2 or later Group: System/Monitoring Url: http://people.redhat.com/sgrubb/audit/ @@ -25,6 +25,7 @@ Source2: auditd.sysconfig Patch0: audit-no_sca.patch Patch1: audit-no_python.patch Patch2: audit-no_plugins.patch +Patch3: audit-bnc378725.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: %{name}-libs = %{version}-%{release} PreReq: %insserv_prereq %fillup_prereq @@ -77,6 +78,7 @@ Authors: %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 %build autoreconf -fi @@ -198,6 +200,8 @@ fi %ghost %config(noreplace) /var/log/audit/audit.log %changelog +* Wed Apr 23 2008 tonyj@suse.de +- Fix for bnc#378725 VUL-0: audit buffer overflow * Thu Apr 10 2008 ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support