rpm/audit
SHA256
1
0
Fork 0
forked from pool/audit
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=15

Browse Source
This commit is contained in:
OBS User unknown 2008-04-25 13:32:44 +00:00 committed by Git OBS Bridge
parent d2feff24ad
commit 348e0bd056
4 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
audit-bnc378725.patch Normal file
View File

@ -0,0 +1,29 @@
From: tonyj@suse.de
Subject: VUL-0: audit buffer overflow
References: BNC# 378725
Upstream: auditd 1.7.2
Bugtraq ID: 28524 Linux Audit Daemon 'audit_log_user_command()' Local Buffer
Overflow Vulnerability.
This problem was found in Fedora when sudo was modified to call
audit_log_user_command.
Fix backported from auditd v1.7.2
diff -urp audit-1.6.5.orig/lib/audit_logging.c audit-1.6.5/lib/audit_logging.c
--- audit-1.6.5.orig/lib/audit_logging.c 2008-04-01 16:33:34.000000000 -0400
+++ audit-1.6.5/lib/audit_logging.c 2008-04-01 16:34:12.000000000 -0400
@@ -652,7 +652,11 @@ int audit_log_user_command(int audit_fd,
}
p = cmd;
- strcpy(commname, cmd);
+ if (len >= PATH_MAX) {
+ cmd[PATH_MAX] = 0;
+ len = PATH_MAX-1;
+ }
+ strcpy(commname,cmd);
while (*p) {
if (*p == '"' || *p < 0x21 || (unsigned)*p > 0x7f) {
_audit_c2x(commname, cmd, len);

2
audit-secondary.spec
View File

@ -18,7 +18,7 @@ Summary: Python Bindings for libaudit
License: GPL v2 or later License: GPL v2 or later
Group: System/Monitoring Group: System/Monitoring
Version: 1.6.8 Version: 1.6.8
Release: 3 Release: 4
Url: http://people.redhat.com/sgrubb/audit/ Url: http://people.redhat.com/sgrubb/audit/
Source0: audit-%{version}.tar.bz2 Source0: audit-%{version}.tar.bz2
Patch0: audit-no_sca.patch Patch0: audit-no_sca.patch

5
audit.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Wed Apr 23 14:17:17 CEST 2008 - tonyj@suse.de
- Fix for bnc#378725 VUL-0: audit buffer overflow
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de

6
audit.spec
View File

@ -15,7 +15,7 @@ Name: audit
BuildRequires: gcc-c++ BuildRequires: gcc-c++
Summary: User Space Tools for 2.6 Kernel Auditing Summary: User Space Tools for 2.6 Kernel Auditing
Version: 1.6.8 Version: 1.6.8
Release: 9 Release: 11
License: GPL v2 or later License: GPL v2 or later
Group: System/Monitoring Group: System/Monitoring
Url: http://people.redhat.com/sgrubb/audit/ Url: http://people.redhat.com/sgrubb/audit/
@ -25,6 +25,7 @@ Source2: auditd.sysconfig
Patch0: audit-no_sca.patch Patch0: audit-no_sca.patch
Patch1: audit-no_python.patch Patch1: audit-no_python.patch
Patch2: audit-no_plugins.patch Patch2: audit-no_plugins.patch
Patch3: audit-bnc378725.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: %{name}-libs = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release}
PreReq: %insserv_prereq %fillup_prereq PreReq: %insserv_prereq %fillup_prereq
@ -77,6 +78,7 @@ Authors:
%patch0 -p1 %patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1
%build %build
autoreconf -fi autoreconf -fi
@ -198,6 +200,8 @@ fi
%ghost %config(noreplace) /var/log/audit/audit.log %ghost %config(noreplace) /var/log/audit/audit.log
%changelog %changelog
* Wed Apr 23 2008 tonyj@suse.de
- Fix for bnc#378725 VUL-0: audit buffer overflow
* Thu Apr 10 2008 ro@suse.de * Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages - added baselibs.conf file to build xxbit packages
for multilib support for multilib support