rpms/aide
7
0
Fork 0
Code Issues Pull Requests Releases Activity

RHEL 9.5.0 ERRATUM

Browse Source 
- AIDE fails when using root_prefix option
Resolves: RHEL-28882
This commit is contained in:
Radovan Sroka 2024-08-19 07:53:26 +02:00
parent fcfb8ebde3
commit 9c3605c60c
2 changed files with 26 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
aide.spec
View File

@ -1,7 +1,7 @@
Summary: Intrusion detection environment
Name: aide
Version: 0.16
Release: 101%{?dist}
Release: 102%{?dist}
URL: http://sourceforge.net/projects/aide
License: GPLv2+
@ -40,7 +40,7 @@ Patch8: aide-configure.patch
Patch9: aide-static-analysis.patch
Patch10: aide-0.16-CVE-2021-45417.patch
Patch11: aide-db-problem.patch
Patch12: rootPrefix.patch
%description
AIDE (Advanced Intrusion Detection Environment) is a file integrity
@ -87,10 +87,12 @@ mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide
%dir %attr(0700,root,root) %{_localstatedir}/log/aide
%changelog
* Fri May 17 2024 Radovan Sroka <rsroka@redhat.com> - 0.16-23
* Fri May 17 2024 Radovan Sroka <rsroka@redhat.com> - 0.16-102
RHEL 9.5.0 ERRATUM
- aide fails with "Not enough parameters in db:15384. Trying to continue." unexpectedly
Resolves: RHEL-27606
- AIDE fails when using root_prefix option
Resolves: RHEL-28882
* Mon Jan 24 2022 Radovan Sroka <rsroka@redhat.com> - 0.16-100
- backport fix for CVE-2021-45417

21
rootPrefix.patch Normal file
View File

@ -0,0 +1,21 @@
diff -Naur aide-0.16.orig/src/db_disk.c aide-0.16/src/db_disk.c
--- aide-0.16.orig/src/db_disk.c 2024-03-11 16:45:06.594013966 -0400
+++ aide-0.16/src/db_disk.c 2024-03-11 16:45:06.584013966 -0400
@@ -209,7 +209,7 @@
fullname=malloc((conf->root_prefix_length+2)*sizeof(char));
strcpy(fullname, conf->root_prefix);
strcat (fullname, "/");
- if (!get_file_status(&fullname[conf->root_prefix_length], &fs)) {
+ if (!get_file_status(fullname, &fs)) {
add = check_rxtree (&fullname[conf->root_prefix_length], conf->tree, &attr, fs.st_mode);
error (240, "%s match=%d, tree=%p, attr=%llu\n", &fullname[conf->root_prefix_length], add,
conf->tree, attr);
@@ -255,7 +255,7 @@
If not call, db_readline_disk again...
*/
- if (get_file_status(&fullname[conf->root_prefix_length], &fs)) {
+ if (get_file_status(fullname, &fs)) {
free (fullname);
goto recursion;
}