Accepting request 765091 from security

Version update to version 2.8.5
Fix bz#1160384

OBS-URL: https://build.opensuse.org/request/show/765091
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=89

audit-2.8.4.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a410694d09fc5708d980a61a5abcb9633a591364f1ecc7e97ad5daef9c898c38
-size 1123889

audit-2.8.5.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7
+size 1140694

audit-allow-manual-stop.patch

@@ -13,10 +13,10 @@ SUSE since we lack the ability to use a custom stop/restart
 
 --- a/init.d/auditd.service
 +++ b/init.d/auditd.service
-@@ -7,7 +7,6 @@ DefaultDependencies=no
- After=local-fs.target systemd-tmpfiles-setup.service
- Conflicts=shutdown.target
+@@ -11,7 +11,6 @@
  Before=sysinit.target shutdown.target
+ ##Before=shutdown.target
+ Conflicts=shutdown.target
 -RefuseManualStop=yes
  ConditionKernelCommandLine=!audit=0
  Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation

audit-fno-common.patch

@@ -0,0 +1,24 @@
+From: Tony Jones <tonyj@suse.de>
+Subject: Resolve errors when compiling with -fno-common
+Git-commmit: 017e6c6ab95df55f34e339d2139def83e5dada1f
+References: bsc#1160384
+Upsteam: pending
+
+Header definitios need to be external when building with -fno-common (which
+is default in GCC 10).
+
+Fixes: ff25054df7ed
+Signed-off-by: Tony Jones <tonyj@suse.de>
+
+--- a/src/ausearch-common.h
++++ b/src/ausearch-common.h
+@@ -50,7 +50,7 @@ extern pid_t event_pid;
+ extern int event_exact_match;
+ extern uid_t event_uid, event_euid, event_loginuid;
+ extern const char *event_tuid, *event_teuid, *event_tauid;
+-slist *event_node_list;
++extern slist *event_node_list;
+ extern const char *event_comm;
+ extern const char *event_filename;
+ extern const char *event_hostname;
+

audit-secondary.changes

@@ -1,3 +1,46 @@
+-------------------------------------------------------------------
+Mon Jan 13 17:39:03 UTC 2020 - Tony Jones <tonyj@suse.com>
+
+- Update to version 2.6.5:
+  * Fix segfault on shutdown
+  * Fix hang on startup (#1587995)
+  * Add sleep to script to dump state so file is ready when needed
+  * Add auparse_normalizer support for SOFTWARE_UPDATE event
+  * Mark netlabel events as simple events so that get processed quicker
+  * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833)
+  * Add 30-ospp-v42.rules to meet new Common Criteria requirements
+  * Update lookup tables for the 4.18 kernel
+  * In aureport, fix segfault in file report
+  * Add auparse_normalizer support for labeled networking events
+  * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194)
+  * Event aging is off by a second
+  * In ausearch/auparse, correct event ordering to process oldest first
+  * auparse_reset was not clearing everything it should
+  * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events
+  * In ausearch/report, lightly parse selinux portion of USER_AVC events
+  * In ausearch/report, limit record size when malformed
+  * In auditd, fix extract_type function for network originating events
+  * In auditd, calculate right size and location for network originating events
+  * Treat all network originating events as VER2 so dispatcher doesn't format it
+  * In audisp-remote do an initial connection attempt (#1625156)
+  * In auditd, allow expression of space left as a percentage (#1650670)
+  * On PPC64LE systems, only allow 64 bit rules (#1462178)
+  * Make some parts of auditd state report optional based on config
+  * Fix ausearch when checkpointing a single file (Burn Alting)
+  * Fix scripting in 31-privileged.rules wrt filecap (#1662516)
+  * In ausearch, do not checkpt if stdin is input source
+  * In libev, remove __cold__ attribute for functions to allow proper hardening
+  * Add tests to configure.ac for openldap support
+  * Make systemd support files use /run rather than /var/run (Christian Hesse)
+  * Fix minor memory leak in auditd kerberos credentials code
+  * Fix auditd regression where keep_logs is limited by rotate_logs 2 file test
+  * In ausearch/report fix --end to use midnight time instead of now (#1671338)
+
+- Fix build errors when using gcc-10 no-common default (bsc#1160384)
+  New patch: audit-fno-common.patch
+
+- Refresh audit-allow-manual-stop.patch
+
 -------------------------------------------------------------------
 Thu Mar 21 10:32:43 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
 

audit-secondary.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package audit-secondary
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -22,18 +22,19 @@
 # The seperation is required to minimize unnecessary build cycles.
 %define 	_name audit
 Name:           audit-secondary
-Version:        2.8.4
+Version:        2.8.5
 Release:        0
 Summary:        Linux kernel audit subsystem utilities
 License:        GPL-2.0-or-later
 Group:          System/Monitoring
-Url:            http://people.redhat.com/sgrubb/audit/
+URL:            http://people.redhat.com/sgrubb/audit/
 Source0:        http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
 Patch1:         audit-plugins-path.patch
 Patch2:         audit-no-gss.patch
 Patch3:         audit-allow-manual-stop.patch
 Patch4:         audit-ausearch-do-not-require-tclass.patch
 Patch5:         audit-python3.patch
+Patch6:         audit-fno-common.patch
 BuildRequires:  audit-devel = %{version}
 BuildRequires:  autoconf >= 2.12
 BuildRequires:  gcc-c++
@@ -112,6 +113,7 @@ rm -rf audisp/plugins/prelude
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 %if %{without python2} && %{with python3}
 # Fix python env call in tests if we only have Python3.

audit.changes

@@ -1,3 +1,44 @@
+-------------------------------------------------------------------
+Mon Jan 13 17:39:03 UTC 2020 - Tony Jones <tonyj@suse.com>
+
+- Update to version 2.6.5:
+  * Fix segfault on shutdown
+  * Fix hang on startup (#1587995)
+  * Add sleep to script to dump state so file is ready when needed
+  * Add auparse_normalizer support for SOFTWARE_UPDATE event
+  * Mark netlabel events as simple events so that get processed quicker
+  * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833)
+  * Add 30-ospp-v42.rules to meet new Common Criteria requirements
+  * Update lookup tables for the 4.18 kernel
+  * In aureport, fix segfault in file report
+  * Add auparse_normalizer support for labeled networking events
+  * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194)
+  * Event aging is off by a second
+  * In ausearch/auparse, correct event ordering to process oldest first
+  * auparse_reset was not clearing everything it should
+  * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events
+  * In ausearch/report, lightly parse selinux portion of USER_AVC events
+  * In ausearch/report, limit record size when malformed
+  * In auditd, fix extract_type function for network originating events
+  * In auditd, calculate right size and location for network originating events
+  * Treat all network originating events as VER2 so dispatcher doesn't format it
+  * In audisp-remote do an initial connection attempt (#1625156)
+  * In auditd, allow expression of space left as a percentage (#1650670)
+  * On PPC64LE systems, only allow 64 bit rules (#1462178)
+  * Make some parts of auditd state report optional based on config
+  * Fix ausearch when checkpointing a single file (Burn Alting)
+  * Fix scripting in 31-privileged.rules wrt filecap (#1662516)
+  * In ausearch, do not checkpt if stdin is input source
+  * In libev, remove __cold__ attribute for functions to allow proper hardening
+  * Add tests to configure.ac for openldap support
+  * Make systemd support files use /run rather than /var/run (Christian Hesse)
+  * Fix minor memory leak in auditd kerberos credentials code
+  * Fix auditd regression where keep_logs is limited by rotate_logs 2 file test
+  * In ausearch/report fix --end to use midnight time instead of now (#1671338)
+
+- Remote zos building is now a configurable option.  
+  It should be disabled in audit (and left enabled in audit-secondary).
+
 -------------------------------------------------------------------
 Thu Mar 21 10:33:03 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
 

audit.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package audit
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,12 +17,12 @@
 
 
 Name:           audit
-Version:        2.8.4
+Version:        2.8.5
 Release:        0
 Summary:        Linux kernel audit subsystem utilities
 License:        GPL-2.0-or-later
 Group:          System/Monitoring
-Url:            http://people.redhat.com/sgrubb/audit/
+URL:            http://people.redhat.com/sgrubb/audit/
 Source0:        http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
 Source1:        baselibs.conf
 Source2:        README-BEFORE-ADDING-PATCHES
@@ -87,7 +87,8 @@ export LDFLAGS="-Wl,-z,relro,-z,now"
 	--with-libwrap \
 	--without-libcap-ng \
 	--disable-static \
-	--without-python
+	--without-python \
+	--disable-zos-remote
 make %{?_smp_mflags} -C lib
 make %{?_smp_mflags} -C auparse
 make %{?_smp_mflags} -C docs