Accepting request 910030 from security

- Update to version 3.0.3: * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids * Change auparse_feed_has_data in auparse to include incomplete events * Auditd, stop linking against -lrt * Add ProtectHome and RestrictRealtime to auditd.service * In auditd, read up to 3 netlink packets in a row * In auditd, do not validate path to plugin unless active * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists - use https source urls - Update to version 3.0.3: * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids * Change auparse_feed_has_data in auparse to include incomplete events * Auditd, stop linking against -lrt * Add ProtectHome and RestrictRealtime to auditd.service * In auditd, read up to 3 netlink packets in a row * In auditd, do not validate path to plugin unless active * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists - use https source urls OBS-URL: https://build.opensuse.org/request/show/910030 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=95
2021-08-07 15:57:08 +00:00 · 2021-08-07 15:57:08 +00:00 · cdf3fa9c76
commit cdf3fa9c76
parent 42d0a5fa7c d083951a31
7 changed files with 38 additions and 10 deletions
--- a/audit-3.0.2.tar.gz
+++ b/audit-3.0.2.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:18ae558900eb1c85a8d68c42f70f8e71a8f763c2c661ec8e89cccd26edc2d506
-size 1184356
--- a/audit-3.0.3.tar.gz
+++ b/audit-3.0.3.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:23777e1dc9a80a2ee06a4d442a6a0a9bcbf1ae7ee4b5738a220ff619738cc904
+size 1186684
--- a/audit-no-gss.patch
+++ b/audit-no-gss.patch
@ -18,5 +18,5 @@ but need manual removal here.
 -krb5_principal = auditd
 -##krb5_key_file = /etc/audit/audit.key
 distribute_network = no
- q_depth = 400
+ q_depth = 1200
 overflow_action = SYSLOG
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Fri Jul 30 18:14:14 CEST 2021 - Enzo Matsumiya <ematsumiya@suse.com>
+
+- Update to version 3.0.3:
+  * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined
+  * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids
+  * Change auparse_feed_has_data in auparse to include incomplete events
+  * Auditd, stop linking against -lrt
+  * Add ProtectHome and RestrictRealtime to auditd.service
+  * In auditd, read up to 3 netlink packets in a row
+  * In auditd, do not validate path to plugin unless active
+  * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists
+- use https source urls
+
 -------------------------------------------------------------------
 Mon Jun 14 20:54:49 CEST 2021 - Enzo Matsumiya <ematsumiya@suse.com>

--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@ -22,13 +22,13 @@
 # The seperation is required to minimize unnecessary build cycles.
 %define 	_name audit
 Name:           audit-secondary
-Version:        3.0.2
+Version:        3.0.3
 Release:        0
 Summary:        Linux kernel audit subsystem utilities
 License:        GPL-2.0-or-later
 Group:          System/Monitoring
-URL:            http://people.redhat.com/sgrubb/audit/
-Source0:        http://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
+URL:            https://people.redhat.com/sgrubb/audit/
+Source0:        https://people.redhat.com/sgrubb/audit/%{_name}-%{version}.tar.gz
 Source1:        system-group-audit.conf
 Patch1:         audit-plugins-path.patch
 Patch2:         audit-no-gss.patch
--- a/audit.changes
+++ b/audit.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Fri Jul 30 18:14:14 CEST 2021 - Enzo Matsumiya <ematsumiya@suse.com>
+
+- Update to version 3.0.3:
+  * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined
+  * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids
+  * Change auparse_feed_has_data in auparse to include incomplete events
+  * Auditd, stop linking against -lrt
+  * Add ProtectHome and RestrictRealtime to auditd.service
+  * In auditd, read up to 3 netlink packets in a row
+  * In auditd, do not validate path to plugin unless active
+  * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists
+- use https source urls
+
 -------------------------------------------------------------------
 Mon Jun 14 20:54:49 CEST 2021 - Enzo Matsumiya <ematsumiya@suse.com>

--- a/audit.spec
+++ b/audit.spec
@ -17,13 +17,13 @@


 Name:           audit
-Version:        3.0.2
+Version:        3.0.3
 Release:        0
 Summary:        Linux kernel audit subsystem utilities
 License:        GPL-2.0-or-later
 Group:          System/Monitoring
-URL:            http://people.redhat.com/sgrubb/audit/
-Source0:        http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
+URL:            https://people.redhat.com/sgrubb/audit/
+Source0:        https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
 Source1:        baselibs.conf
 Source2:        README-BEFORE-ADDING-PATCHES
 Patch0:         change-default-log_group.patch