forked from pool/audit
a017b9810d
Copy from security/audit based on submit request 29108 from user msmeissn OBS-URL: https://build.opensuse.org/request/show/29108 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audit?expand=0&rev=31
579 lines
23 KiB
Plaintext
579 lines
23 KiB
Plaintext
-------------------------------------------------------------------
|
|
Sun Dec 13 15:39:09 CET 2009 - jengelh@medozas.de
|
|
|
|
- add baselibs.conf as a source
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 3 19:11:33 UTC 2009 - coolo@novell.com
|
|
|
|
- updated patches to apply with fuzz=0
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 28 16:23:29 CEST 2009 - crrodriguez@suse.de
|
|
|
|
- do not package static libraries
|
|
- fix -devel package dependencies
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jun 20 12:33:00 CEST 2009 - cmorve69@yahoo.es
|
|
|
|
- fixed build with --as-needed
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 19 10:35:46 CEST 2009 - coolo@novell.com
|
|
|
|
- disable as-needed for this package as it fails to build with it
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 11 17:20:28 CEST 2009 - tonyj@suse.de
|
|
|
|
- Update from 1.7.7 to 1.7.13.
|
|
- Redhat changelog for 1.7.8 - 1.7.13 follows:
|
|
* Tue Apr 21 2009 Steve Grubb <sgrubb@redhat.com> 1.7.13-1
|
|
- Disable libev asserts unless --with-debug passed to configure
|
|
- Handle kernel 2.6.29's audit = 0 boot parameter better
|
|
- Install audit.py file in arch specific python directory (Dan Walsh)
|
|
- Fix problem with negative uids in audit rules on 32 bit systems
|
|
- When file type is unknown, output octal for mode field (Miloslav Trmač)
|
|
- Update tty keystroke interpretations (Miloslav Trmač)
|
|
|
|
* Tue Feb 24 2009 Steve Grubb <sgrubb@redhat.com> 1.7.12-1
|
|
- Add definitions for crypto events
|
|
- Fix regression where msgtype couldn't be used as a range in audit rules
|
|
- In libaudit, extend time spent checking reply
|
|
- In acct events, prefer id over acct if given
|
|
- In aulast, try id and acct in USER_LOGIN events
|
|
- When in immutable mode, have auditctl tell user instead of sending rules
|
|
- Add option to sysconfig to disable audit system on auditd stop
|
|
- Add tcp_wrappers config option to auditd
|
|
- Aulastlog can now take input from stdin
|
|
- Update libaudit python bindings to throw exceptions on error
|
|
- Adjust formatting of TTY data in libauparse to be like ausearch/report
|
|
- Add more key mappings to TTY interpretations
|
|
- Add internal queue to audisp-remote
|
|
- Fix failure action code to allow executables in audisp-remote (Chu Li)
|
|
- Fix memory leak when NOLOG log_format option given to auditd
|
|
- Quieten some of the reconnect text being sent to syslog in audisp-remote
|
|
- Apply some libev fixups to auditd
|
|
- Cleanup shutdown sequence of auditd
|
|
- Allow auditd log rotation via SIGUSR1 when NOLOG log format option given
|
|
|
|
* Sat Jan 10 2009 Steve Grubb <sgrubb@redhat.com> 1.7.11-1
|
|
- Don't error out in auditd when calling setsid
|
|
- Reformat a couple auditd error messages (Oden Eriksson)
|
|
- If log rotate fails, leave the old log writable
|
|
- Fixed bug in setting up auditd event loop when listening
|
|
- Warn if on biarch machine and auditctl rules show a syscall mismatch
|
|
- Audisp-remote was not parsing some config options correctly
|
|
- In auparse, check for single key in addition to virtual keys
|
|
- When auditd shuts down, send AUDIT_RMW_TYPE_ENDING messages to clients
|
|
- Created reconnect option to remote ending setting of audisp-remote
|
|
|
|
* Sat Dec 13 2008 Steve Grubb <sgrubb@redhat.com> 1.7.10-1
|
|
- Fix ausearch and aureport to handle out of order events
|
|
- Add line-buffer option to ausearch & timeout pipe input (Tony Jones)
|
|
- Add support in ausearch/report for tty data
|
|
- In audisp-remote, allow the keyword "any" for local_port
|
|
- Tighten parsing for -m and -w options in auditctl
|
|
- Add session query hint for aulast proof
|
|
- Fix audisp-remote to tolerate krb5 config options when not supported
|
|
- Created new aureport option for tty keystroke report
|
|
- audispd should detect backup config files and not use them
|
|
- When checking for ack in netlink interface, retry on EAGAIN a few times
|
|
- In aureport, fix mods report to show acct acted upon
|
|
|
|
* Wed Nov 05 2008 Steve Grubb <sgrubb@redhat.com> 1.7.9-1
|
|
- Fix uninitialized variable in aureport causing segfault
|
|
- Quieten down the gssapi not supported messages
|
|
- Fix bug interpretting i386 logs on x86_64 machines
|
|
- If kernel is in immutable mode, auditd should not send enable command
|
|
- Fix ausearch/report recent and now time keyword lookups
|
|
- Created aulast program
|
|
- prelude plugin should pull auid for login alert from 2nd uid field
|
|
- Add system boot, shutdown, and run level change events
|
|
- Add max_restarts to audispd.conf to limit times a plugin is restarted
|
|
- Expand session detection in ausearch
|
|
|
|
* Wed Oct 22 2008 Steve Grubb <sgrubb@redhat.com> 1.7.8-1
|
|
- Interpret TTY audit data in auparse (Miloslav Trmač)
|
|
- Extract terminal from USER_AVC events for ausearch/report (Peng Haitao)
|
|
- Add USER_AVCs to aureport's avc reporting (Peng Haitao)
|
|
- Short circuit hostname resolution in libaudit if host is empty
|
|
- If log_group and user are not root, don't check dispatcher perms
|
|
- Fix a bug when executing "ausearch -te today PM"
|
|
- Add --exit search option to ausearch
|
|
- Fix parsing config file when kerberos is disabled
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Apr 14 14:52:39 CEST 2009 - dmueller@suse.de
|
|
|
|
- refresh patches
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 10 12:34:56 CET 2008 - olh@suse.de
|
|
|
|
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
|
|
(bnc#437293)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 5 02:30:03 CET 2008 - tonyj@suse.de
|
|
|
|
- Revision to previous fix for bnc#445353.
|
|
These should go into SLES11 RC1.
|
|
1) Add --line-buffered option to limit when stdout is flushed (performance).
|
|
2) Testing found a related bug where (if input is a pipe) the last logical
|
|
record would permanently be queued waiting for a subsequent record indicating
|
|
end of the previous. This subsequent record may never arrive. Timer is
|
|
now run causing this record to be flushed if no new record arrives within
|
|
timeout. This fix is upstream also.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 21 08:45:03 CET 2008 - tonyj@suse.de
|
|
|
|
- Force ausearch to flush stdout if pipe (bnc#445353)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 30 12:34:56 CET 2008 - olh@suse.de
|
|
|
|
- obsolete old -XXbit packages (bnc#437293)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 26 23:27:59 CEST 2008 - tonyj@suse.de
|
|
|
|
- Update from 1.7.4 to 1.7.7. GSS support disabled for present
|
|
- Redhat changelog for 1.7.5 - 1.7.7 follows:
|
|
* Wed Sep 11 2008 Steve Grubb <sgrubb@redhat.com> 1.7.7-1
|
|
- Bug fixes for gss code in remote logging (DJ Delorie)
|
|
- Fix ausearch -i to keep the node field in the output
|
|
- ausyscall now does strstr match on syscall names
|
|
- Makefile cleanup (Philipp Hahn)
|
|
- Add watched syscall support to audisp-prelude
|
|
- Use the right define for tcp_wrappers in auditd
|
|
- Expose encoding API for fields being logged from user space
|
|
|
|
* Wed Sep 11 2008 Steve Grubb <sgrubb@redhat.com> 1.7.6-1
|
|
- Update event record list and aureport classifications (Yu Zhiguo/Peng Haitao)
|
|
- Add subject to audit daemon events (Chu Li)
|
|
- Fix parsing of acct & exe fields in user records (Peng Haitao)
|
|
- Make client error handling in audisp-remote robust (DJ Delorie)
|
|
- Add tcp_wrappers support for auditd
|
|
- Updated syscall tables for 2.6.27 kernel
|
|
- Add heartbeat exchange to remote logging protocol (DJ Delorie)
|
|
- Audit connect/disconnect of remote clients
|
|
- In ausearch, collect pid from AVC records (Peng Haitao)
|
|
- Add auparse_get_field_type function to describe field's contents
|
|
- Add GSS/Kerberos encryption to the remote protocol (DJ Delorie)
|
|
|
|
* Mon Aug 25 2008 Steve Grubb <sgrubb@redhat.com> 1.7.5-1
|
|
- Update system-config-audit to 0.4.8
|
|
- Whole lot of bug fixes - see ChangeLog for details
|
|
- Reimplement auditd main loop using libev
|
|
- Add TCP listener to auditd to receive remote events
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 5 03:13:56 CEST 2008 - tonyj@suse.de
|
|
|
|
- Remove audit rules on audit stop (bnc#409093)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 25 01:50:54 CEST 2008 - tonyj@suse.de
|
|
|
|
- Update from 1.7.2 to 1.7.4
|
|
- Redhat changelog for 1.7.3 - 1.7.4 follows:
|
|
* Mon May 19 2008 Steve Grubb <sgrubb@redhat.com> 1.7.4-1
|
|
- Fix interpreting of keys in syscall records
|
|
- Interpret audit rule config change list fields
|
|
- Don't error on name=(null) PATH records in ausearch/report
|
|
- Add key report to aureport
|
|
- Fix --end today to be now
|
|
- Added python bindings for auparse_goto_record_num
|
|
- Update system-config-audit to 0.4.7 (Miloslav Trmac)
|
|
- Add support for the filetype field option in auditctl
|
|
- In audispd boost priority after starting children
|
|
|
|
* Fri May 09 2008 Steve Grubb <sgrubb@redhat.com> 1.7.3-1
|
|
- Fix path processing in AVC records.
|
|
- auparse_find_field_next() wasn't resetting field ptr going to next record.
|
|
- auparse_find_field() wasn't checking current field before iterating
|
|
- cleanup some string handling in audisp-prelude plugin
|
|
- Update auditctl man page
|
|
- Fix output of keys in ausearch interpretted mode
|
|
- Fix ausearch/report --start now to not be reset to midnight
|
|
- Added auparse_goto_record_num function
|
|
- Prelude plugin now uses auparse_goto_record_num to avoid skipping a record
|
|
- audispd now has a priority boost config option
|
|
- Look for laddr in avcs reported via prelude
|
|
- Detect page 0 mmaps and alert via prelude
|
|
|
|
- Update from 1.6.8 to 1.7.2
|
|
- Complete fix for BNC# 378725
|
|
- Redhat changelog for 1.6.9-1.7.2 follows:
|
|
* Wed Apr 09 2008 Steve Grubb <sgrubb@redhat.com> 1.7.2-1
|
|
- gen_table.c now includes IPC defines to avoid glibc-headers wild goose chase
|
|
- ausyscall program added for cross referencing syscall name and number info
|
|
- Add login session ID search capability to ausearch
|
|
|
|
* Tue Apr 08 2008 Steve Grubb <sgrubb@redhat.com> 1.7.1-1
|
|
- Remove LSB headers info for init scripts
|
|
- Fix buffer overflow in audit_log_user_command, again (#438840)
|
|
- Fix memory leak in EOE code in auditd (#440075)
|
|
- In auditctl, don't use new operators in legacy rule format
|
|
- Made a couple corrections in alpha & x86_64 syscall tables (Miloslav Trmac)
|
|
- Add example STIG rules file
|
|
- Add string table lookup performance improvement patch (Miloslav Trmac)
|
|
- auparse_find_field_next performance improvement
|
|
|
|
* Sun Mar 30 2008 Steve Grubb <sgrubb@redhat.com> 1.7-1
|
|
- Improve input error handling in audispd
|
|
- Improve end of event detection in auparse library
|
|
- Improve handling of abstract namespaces
|
|
- Add test mode for prelude plugin
|
|
- Handle user space avcs in prelude plugin
|
|
- Audit event serial number now recorded in idmef alert
|
|
- Add --just-one option to ausearch
|
|
- Fix watched account login detection for some failed login attempts
|
|
- Couple fixups in audit logging functions (Miloslav Trmac)
|
|
- Add support in auditctl for virtual keys
|
|
- Added new type for user space MAC policy load events
|
|
- auparse_find_field_next was not iterating correctly, fixed it
|
|
- Add idmef alerts for access or execution of watched file
|
|
- Fix buffer overflow in audit_log_user_command
|
|
- Add basic remote logging plugin - only sends & no flow control
|
|
- Update ausearch with interpret fixes from auparse
|
|
|
|
* Sun Mar 09 2008 Steve Grubb <sgrubb@redhat.com> 1.6.9-1
|
|
- Apply hidden attribute cleanup patch (Miloslav Trmac)
|
|
- Apply auparse expression interface patch (Miloslav Trmac)
|
|
- Fix potential memleak in audit event dispatcher
|
|
- Change default audispd queue depth to 80
|
|
- Update system-config-audit to version 0.4.6 (Miloslav Trmac)
|
|
- audisp-prelude alerts now controlled by config file
|
|
- Updated syscall table for 2.6.25 kernel
|
|
- Apply patch correcting acct field being misencoded (Miloslav Trmac)
|
|
- Added watched account login detection for prelude plugin
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 23 14:17:17 CEST 2008 - tonyj@suse.de
|
|
|
|
- Fix for bnc#378725 VUL-0: audit buffer overflow
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
|
|
|
|
- added baselibs.conf file to build xxbit packages
|
|
for multilib support
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 26 21:29:38 CET 2008 - tonyj@suse.de
|
|
|
|
- Update from 1.6.2 to 1.6.8.
|
|
- Move audisp-plugins to new secondary spec (along with existing
|
|
python libs).
|
|
- Redhat changelog follows:
|
|
|
|
* Thu Feb 14 2008 Steve Grubb <sgrubb@redhat.com> 1.6.8-1
|
|
- Update for gcc 4.3
|
|
- Cleanup descriptors in audispd before running plugin
|
|
- Fix 'recent' keyword for aureport/search
|
|
- Fix SE Linux policy for zos_remote plugin
|
|
- Add event type for group password authentication attempts
|
|
- Couple of updates to the translation tables
|
|
- Add detection of failed group authentication to audisp-prelude
|
|
|
|
* Thu Jan 31 2008 Steve Grubb <sgrubb@redhat.com> 1.6.7-1
|
|
- In ausearch/report, prefer -if to stdin
|
|
- In ausearch/report, add new command line option --input-logs (#428860)
|
|
- Updated audisp-prelude based on feedback from prelude-devel
|
|
- Added prelude alert for promiscuous socket being opened
|
|
- Added prelude alert for SE Linux policy enforcement changes
|
|
- Added prelude alerts for Forbidden Login Locations and Time
|
|
- Applied patch to auparse fixing error handling of searching by
|
|
interpreted value (Miloslav Trmac)
|
|
|
|
* Sat Jan 19 2008 Steve Grubb <sgrubb@redhat.com> 1.6.6-1
|
|
- Add prelude IDS plugin for IDMEF alerts
|
|
- Add --user option to aulastlog command
|
|
- Use desktop-file-install for system-config-audit
|
|
|
|
* Mon Jan 07 2008 Steve Grubb <sgrubb@redhat.com> 1.6.5-1
|
|
- Add more errno strings for exit codes in auditctl
|
|
- Fix config parser to allow either 0640 or 0600 for audit logs (#427062)
|
|
- Check for audit log being writable by owner in auditd
|
|
- If auditd logging was suspended, it can be resumed with SIGUSR2 (#251639)
|
|
- Updated CAPP, LSPP, and NISPOM rules for new capabilities
|
|
- Added aulastlog utility
|
|
|
|
* Sat Dec 29 2007 Steve Grubb <sgrubb@redhat.com> 1.6.4-1
|
|
- fchmod of log file was on wrong variable (#426934)
|
|
- Allow use of errno strings for exit codes in audit rules
|
|
|
|
* Thu Dec 27 2007 Steve Grubb <sgrubb@redhat.com> 1.6.3-1
|
|
- Add kernel release string to DEAMON_START events
|
|
- Fix keep_logs when num_logs option disabled (#325561)
|
|
- Fix auparse to handle node fields for syscall records
|
|
- Update system-config-audit to version 0.4.5 (Miloslav Trmac)
|
|
- Add keyword week-ago to aureport & ausearch start/end times
|
|
- Fix audit log permissions on rotate. If group is root 0400, otherwise 0440
|
|
- Add RACF zos remote audispd plugin (Klaus Kiwi)
|
|
- Add event queue overflow action to audispd
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 18 14:43:11 CET 2008 - schwab@suse.de
|
|
|
|
- Use autoreconf.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 31 07:08:38 CET 2007 - tonyj@suse.de
|
|
|
|
- Incorporate 1 more Redhat fixe post 1.6.2
|
|
- Go back to 10.2 behaviour wrt to starting in disabled state.
|
|
This time using patch submitted upstream, fix for #Bug 333739
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 10 23:18:24 CEST 2007 - tonyj@suse.de
|
|
|
|
- Upgrade to 1.6.2
|
|
Plus two bugs discovered in Fedora, will be fixed in 1.6.3
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 25 01:13:09 CEST 2007 - tonyj@suse.de
|
|
|
|
- Upgrade to 1.5.5
|
|
Correct bug in audit_make_equivalent function (Al Viro)
|
|
Local: add AppArmor audit ID (upstream in 1.5.6)
|
|
don't build RedHat system-config-audit
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 12 01:38:36 CEST 2007 - tonyj@suse.de
|
|
|
|
- Upgrade to 1.5.4
|
|
Add feed interface to auparse library (John Dennis)
|
|
Apply patch to libauparse for unresolved symbols (#241178)
|
|
Apply patch to add line numbers for file events in libauparse (John Dennis)
|
|
Change seresults to seresult in libauparse (John Dennis)
|
|
Add unit32_t definition to swig (#244210)
|
|
Add support for directory auditing
|
|
Update acct field to be escaped
|
|
- Fix for #280487 "%ghost /var/log/audit/audit.log will remove the logfile"
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 7 11:24:29 CEST 2007 - rguenther@suse.de
|
|
|
|
- Drop pkg-config BuildRequires introduced by last change.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 2 19:08:53 CEST 2007 - tonyj@suse.de
|
|
|
|
- Upgrade to 1.5.3. Drop AUDITD_DISABLE_CONTEXTS from audit sysconfig
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 29 02:46:08 CET 2006 - tonyj@suse.de
|
|
|
|
- Upgrade to 1.2.9 (drop several patches which are now upstream)
|
|
- Move to using /etc/audit directory for config files
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 31 22:57:52 CEST 2006 - tonyj@suse.de
|
|
|
|
- Upgrade to 1.2.6-1
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Aug 26 09:01:50 CEST 2006 - olh@suse.de
|
|
|
|
- do not define __KERNEL__ in userland apps
|
|
- remove unused sys/syscall.h include
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 16 15:42:58 CEST 2006 - cthiel@suse.de
|
|
|
|
- split audit into audit and audit-libs-python
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 5 21:05:40 CEST 2006 - sbeattie@suse.de
|
|
|
|
- disable syscall audit context creation by default #172154
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 20 16:18:29 CET 2006 - meissner@suse.de
|
|
|
|
- Do not print a misleading errormessage when audit
|
|
is not compiled into the kernel. #152733
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 6 14:21:06 CET 2006 - meissner@suse.de
|
|
|
|
- On kernels without auditing, which report ECONNREFUSED,
|
|
do not output stuff to stderr on startup. #152733
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Feb 25 09:55:48 CET 2006 - kukuk@suse.de
|
|
|
|
- Fix moving of devel libraries, don't install .la file
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 22 15:10:44 CET 2006 - meissner@suse.de
|
|
|
|
- moved libaudit.so symlink to /usr/lib and to -devel package,
|
|
as requested by Thorsten.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 17 19:56:14 CET 2006 - meissner@suse.de
|
|
|
|
- check sendto() return against -1 (error with errno set).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 25 21:34:31 CET 2006 - mls@suse.de
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 25 12:09:31 CET 2006 - ro@suse.de
|
|
|
|
- fix fillup call since filename != packagename
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 24 19:01:52 CET 2006 - ro@suse.de
|
|
|
|
- do not skip fillup in postinstall
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 23 08:54:33 CET 2006 - dreynolds@suse.de
|
|
|
|
- Modified inssrv macro args to enable on boot
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 18 21:33:21 CET 2006 - tonyj@suse.de
|
|
|
|
- Add support for AppArmor (submitted upstream for 1.1.4)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jan 13 11:35:57 CET 2006 - meissner@suse.de
|
|
|
|
- Updated to 1.1.3.
|
|
- Moved audispd to /usr/sbin since it uses /usr/lib/libstdc++
|
|
- Updated sysconfig snippet.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 8 11:32:45 CET 2005 - meissner@suse.de
|
|
|
|
- upgraded to 1.0.12.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 4 12:41:35 CET 2005 - kukuk@suse.de
|
|
|
|
- Update to 1.0.9.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 12 17:24:55 CEST 2005 - meissner@suse.de
|
|
|
|
- upgraded to 1.0.6. ptrdift patch now solved upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 5 15:17:05 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 1.0.5
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 5 12:00:38 CEST 2005 - dmueller@suse.de
|
|
|
|
- add norootforbuild
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 26 11:40:27 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 1.0.4.
|
|
- Make rate & backlog 32 bit unsigned int in auditctl
|
|
- In auditctl, if -F arch is given with -t option, don't require list
|
|
- Update auditd man page
|
|
- Add size check to audit_send
|
|
- Update message for audit_open failure when kernel doesn't support audit
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 23 14:07:44 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 1.0.3 bugfix release:
|
|
- adjust file perms of newly created log file in auditd
|
|
- fix 2 memory leaks and an out of bounds access in auditd
|
|
- fix case where auditd was closing netlink descriptor too early
|
|
- fix watch rules not to take field arguments in auditctl
|
|
- fix bug where inode, devmajor, devminor, exit, and success fields in auditctl
|
|
rules were not getting the correct value stored
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 17 14:19:29 CEST 2005 - meissner@suse.de
|
|
|
|
- Added /var/log/audit directory and ghost audit.log #105131
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 10 13:37:56 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 1.0.2
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 4 11:20:00 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 1.0.1.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 11 14:47:38 CEST 2005 - meissner@suse.de
|
|
|
|
- Update to version 0.9.16.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 21 08:38:17 CEST 2005 - meissner@suse.de
|
|
|
|
- Update to version 0.9.10.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 17 11:21:42 CEST 2005 - meissner@suse.de
|
|
|
|
- Update to version 0.9.7.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 16 14:51:48 CEST 2005 - kukuk@suse.de
|
|
|
|
- Update to version 0.9.5
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 14 01:30:20 CEST 2005 - ro@suse.de
|
|
|
|
- make it build with current includes
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 31 14:15:30 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 0.9.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 13 13:08:41 CEST 2005 - meissner@suse.de
|
|
|
|
- upgraded to 0.6.8
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 19 10:39:54 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 0.6.11.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 15 17:52:43 CEST 2005 - pth@suse.de
|
|
|
|
- Make libaudit.h define pgoff_t by itself.
|
|
- Fix a minor warning.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 30 17:58:32 CEST 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 0.6.9.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Mar 4 11:23:29 CET 2005 - meissner@suse.de
|
|
|
|
- Upgraded to 0.6.5.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 3 14:59:36 CET 2005 - meissner@suse.de
|
|
|
|
- initial package of auditd for new kernel auditing system.
|
|
|