diff --git a/logrotate-3.19.0.tar.xz b/logrotate-3.19.0.tar.xz deleted file mode 100644 index c048e18..0000000 --- a/logrotate-3.19.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ddd5274d684c5c99ca724e8069329f343ebe376e07493d537d9effdc501214ba -size 166276 diff --git a/logrotate-3.19.0.tar.xz.asc b/logrotate-3.19.0.tar.xz.asc deleted file mode 100644 index 56560e2..0000000 --- a/logrotate-3.19.0.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEmSqW4HUFbnnNghT5hz2zdXKjezYFAmHYAiwACgkQhz2zdXKj -ezYGlA//cGjoPxXWWGpdY6RxUBf9LLVVdTObkcx5P/4IUalR1md49ysk3Cw8XrGG -SbhFgTmrW4l+0ZRLaGXsSqEqKrMyUhGxQfRAOZIoOg3f84pPTG5evPcc3Xlp0o/C -ki/SQdjregUdrizsASis9lqp5o94RtH5p5NcUjj2/C0vaH08WzVtasSXp7L+02an -ewCytUYQJT32Nzukg1v1mY/+9il2yA1cXqU6IEkJR4opXvZ4kq6PMe0+AuQs0MkD -3/qkWiP98RUmrWfx6lDUSSTOts3xmpuxzKwnRsaJk8rSAm4VSTDbfotPpjEQM0it -+XtOzCiMdRLZ5hUzIerPdTs4SY696Usy6c58cwH6ocYuC3KQjZB8zhKJ4vbLH3bm -c+AJM8KZ4ey5Dnexx4QXhS16dJDjS2682qBHOPCnXnR9b4S2N5HWQHj9M8pDiaAa -ftafvq/13k4yziXn+pkUyKA6Ytx9VfVBpsMLfVAeJ93Q5K4pDbXc6UX0YXMxy660 -Ca1yG4sXhK0O9m8qPLUzBhcvzn8evAt08IXB/eDCEcwpOlH3xvxZt5aFikBM6der -Am5w38WjecbNOEirKzBi6ksMPv/K1+6dTqMIIDkLIQchACV8kIIDjI3ptr50PhBn -QS06qD7Oiy+BJQ/fSGhJtlaVbbk1+w0EzuWXXqE8E8V5B5Um1Xw= -=pq5V ------END PGP SIGNATURE----- diff --git a/logrotate-3.19.0-man_logrotate.patch b/logrotate-3.20.0-man_logrotate.patch similarity index 66% rename from logrotate-3.19.0-man_logrotate.patch rename to logrotate-3.20.0-man_logrotate.patch index be46a01..537d8e9 100644 --- a/logrotate-3.19.0-man_logrotate.patch +++ b/logrotate-3.20.0-man_logrotate.patch @@ -1,6 +1,6 @@ -diff -Naur logrotate-3.19.0.orig/logrotate.8.in logrotate-3.19.0/logrotate.8.in ---- logrotate-3.19.0.orig/logrotate.8.in 2022-02-24 11:18:24.202811846 +0100 -+++ logrotate-3.19.0/logrotate.8.in 2022-02-24 11:28:25.137690351 +0100 +diff -ur logrotate-3.20.0.orig/logrotate.8.in logrotate-3.20.0/logrotate.8.in +--- logrotate-3.20.0.orig/logrotate.8.in 2022-03-31 14:00:36.000000000 +0200 ++++ logrotate-3.20.0/logrotate.8.in 2022-05-25 15:40:21.015424608 +0200 @@ -48,6 +48,17 @@ is given on the command line, every file in that directory is used as a config file. @@ -19,15 +19,6 @@ diff -Naur logrotate-3.19.0.orig/logrotate.8.in logrotate-3.19.0/logrotate.8.in If no command line arguments are given, \fBlogrotate\fR will print version and copyright information, along with a short usage summary. If any errors occur while rotating logs, \fBlogrotate\fR will exit with -@@ -76,7 +87,7 @@ - acquires a lock on the state file, if it cannot be acquired \fBlogrotate\fR - will exit with value 3. The default state file is \fI@STATE_FILE_PATH@\fR. - If \fI/dev/null\fR is given as the state file, then \fBlogrotate\fR will --not try to write the state file. -+not try to lock or write the state file. - - .TP - \fB\-\-skip-state-lock\fR @@ -752,7 +763,8 @@ tab(:); l l l. diff --git a/logrotate-3.20.1.tar.xz b/logrotate-3.20.1.tar.xz new file mode 100644 index 0000000..c658bfb --- /dev/null +++ b/logrotate-3.20.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:742f6d6e18eceffa49a4bacd933686d3e42931cfccfb694d7f6369b704e5d094 +size 166712 diff --git a/logrotate-3.20.1.tar.xz.asc b/logrotate-3.20.1.tar.xz.asc new file mode 100644 index 0000000..3050d1a --- /dev/null +++ b/logrotate-3.20.1.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEmSqW4HUFbnnNghT5hz2zdXKjezYFAmKOSz8ACgkQhz2zdXKj +ezZHew/+Oc/4nfltNNFkK1FPmkfqNrehh69ho0AXDoR4Wtocyz9RTPL8Llfm4gEd +As1vzySNbUoGTJfDdnrhHZbBkrcLknZ8di8lQu9hkh/n7jB83ZxOFrUQv1bt2xbJ +W+Y3shL4X3TMdVkvsmH0o4VyMEJYcPMbuAUuLwPhRYTwgNCgwhSdb2xyYbsKyFYU +mnrmqeYIy4sXtAv+JPZLogBXmhx9ZbKV4qBY9zPlwvXaKyqJu47bgoUcEH9Kf54C +8f9k48+vJ8iyK3j4IAAjXqR/x+GCPQU0Px2Ft4KgFIMoC94IsUwEJQlZ08yzBL7s +ohoJJ/+9rjJI45t1JYRYmPEcGj1CaB05CbwJOOEk+x4AfzkZj6dZ0vm8M7Ux6PNb +eph/rOyEeAVxkUP17BdA9GmUTBgCM7nI4yFtXdY73qgMWBOUJR8iKbVqvL7/ke+7 +rpTg7qp5VRFOQ1uEyRxAnqpfNZJ5asnj0PV5jxydN6chpg95fb/Q15ycydHXI+XD +LE7lLN0HhhMJTh5zttYFmoZzJ4EaO3F5WstTaKMu8s1/oOeEec1mfCnUgxM1K24V +acHOJEf8XQsz1vBVU3tQcuWQqYt7WMHzO9Rj3Nqs9/lDpHRfXAczuFkmGTO1EA1w +UaK2cdAgT2TfNfMmvKyYTWzIVFviF/A25jFK+eGDDL0rkh1DorI= +=M/va +-----END PGP SIGNATURE----- diff --git a/logrotate.changes b/logrotate.changes index da7b547..810e483 100644 --- a/logrotate.changes +++ b/logrotate.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Wed May 25 20:06:20 UTC 2022 - Michael Ströder + +- update to 3.20.1: + * drop world-readable permission on state file even when ACLs are enabled (#446) +- removed obsolete logrotate-CVE-2022-1348-follow-up.patch + +------------------------------------------------------------------- +Wed May 25 15:31:32 UTC 2022 - David Anes + +- Security fix: (bsc#1199652, CVE-2022-1348) + * Add follow-up upstream patch for the introduced fix. + * Added patch logrotate-CVE-2022-1348-follow-up.patch + +- Update patch: + * logrotate-3.19.0-man_logrotate.patch -> logrotate-3.20.0-man_logrotate.patch + +------------------------------------------------------------------- +Wed May 25 13:34:17 UTC 2022 - Michael Ströder + +- update to 3.20.0: + * fix potential DoS from unprivileged users via the state file (CVE-2022-1348) + * fix a misleading debug message with copytruncate and rotate 0 (#443) + * add support for unsigned time_t (#438) + * do not lock state file /dev/null (#433) + ------------------------------------------------------------------- Thu Feb 24 10:36:07 UTC 2022 - Stefan Schubert diff --git a/logrotate.spec b/logrotate.spec index 6f1cb38..bd3e95c 100644 --- a/logrotate.spec +++ b/logrotate.spec @@ -19,7 +19,7 @@ %{!?_distconfdir: %global _distconfdir %{_prefix}%{_sysconfdir}} Name: logrotate -Version: 3.19.0 +Version: 3.20.1 Release: 0 Summary: Cron service for rotating, compressing, mailing and removing system log files License: GPL-2.0-or-later @@ -32,8 +32,9 @@ Source2: logrotate.default Source3: logrotate.service Source10: https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz.asc Source100: %{name}-rpmlintrc -Patch0: logrotate-3.19.0-man_logrotate.patch +Patch0: logrotate-3.20.0-man_logrotate.patch BuildRequires: acl +BuildRequires: automake BuildRequires: libacl-devel BuildRequires: pkgconfig BuildRequires: pkgconfig(libselinux) @@ -52,9 +53,10 @@ It manages plain files only and is not involved in systemd's journal rotation. %prep %setup -q -%patch0 -p1 +%autopatch -p1 %build +autoreconf -f -i %configure \ --disable-silent-rules \ --with-state-file-path=%{_localstatedir}/lib/misc/logrotate.status \