import OL aide-0.16-103.el9_6.2
This commit is contained in:
parent
0ae03f0f89
commit
d00bcb6c12
1662
SOURCES/aide-0.16-CVE-2025-54389.patch
Normal file
1662
SOURCES/aide-0.16-CVE-2025-54389.patch
Normal file
File diff suppressed because it is too large
Load Diff
11
SOURCES/aide-db-problem.patch
Normal file
11
SOURCES/aide-db-problem.patch
Normal file
@ -0,0 +1,11 @@
|
||||
diff -up aide-0.16/src/commandconf.c.rhcase03736158 aide-0.16/src/commandconf.c
|
||||
--- aide-0.16/src/commandconf.c.rhcase03736158 2024-03-01 11:06:35.305712992 +0100
|
||||
+++ aide-0.16/src/commandconf.c 2024-03-01 11:08:07.726499878 +0100
|
||||
@@ -306,6 +306,7 @@ int db_input_wrapper(char* buf, int max_
|
||||
retval=0;
|
||||
buf[0]='\0';
|
||||
}else {
|
||||
+ buf[0]='\0';
|
||||
if((retval=gzread(*db_gzp,buf,max_size))<0){
|
||||
error(0,_("gzread() failed: gzerr=%s!\n"),gzerror(*db_gzp,&err));
|
||||
retval=0;
|
||||
@ -290,6 +290,7 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
|
||||
/etc/usbguard CONTENT_EX
|
||||
|
||||
# Ignore some files
|
||||
!/boot/grub2/grubenv$
|
||||
!/etc/mtab$
|
||||
!/etc/.*~
|
||||
|
||||
|
||||
21
SOURCES/rootPrefix.patch
Normal file
21
SOURCES/rootPrefix.patch
Normal file
@ -0,0 +1,21 @@
|
||||
diff -Naur aide-0.16.orig/src/db_disk.c aide-0.16/src/db_disk.c
|
||||
--- aide-0.16.orig/src/db_disk.c 2024-03-11 16:45:06.594013966 -0400
|
||||
+++ aide-0.16/src/db_disk.c 2024-03-11 16:45:06.584013966 -0400
|
||||
@@ -209,7 +209,7 @@
|
||||
fullname=malloc((conf->root_prefix_length+2)*sizeof(char));
|
||||
strcpy(fullname, conf->root_prefix);
|
||||
strcat (fullname, "/");
|
||||
- if (!get_file_status(&fullname[conf->root_prefix_length], &fs)) {
|
||||
+ if (!get_file_status(fullname, &fs)) {
|
||||
add = check_rxtree (&fullname[conf->root_prefix_length], conf->tree, &attr, fs.st_mode);
|
||||
error (240, "%s match=%d, tree=%p, attr=%llu\n", &fullname[conf->root_prefix_length], add,
|
||||
conf->tree, attr);
|
||||
@@ -255,7 +255,7 @@
|
||||
If not call, db_readline_disk again...
|
||||
*/
|
||||
|
||||
- if (get_file_status(&fullname[conf->root_prefix_length], &fs)) {
|
||||
+ if (get_file_status(fullname, &fs)) {
|
||||
free (fullname);
|
||||
goto recursion;
|
||||
}
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Intrusion detection environment
|
||||
Name: aide
|
||||
Version: 0.16
|
||||
Release: 100%{?dist}
|
||||
Release: 103%{?dist}.2
|
||||
URL: http://sourceforge.net/projects/aide
|
||||
License: GPLv2+
|
||||
|
||||
@ -38,8 +38,10 @@ Patch6: coverity.patch
|
||||
Patch7: aide-0.16-crash-elf.patch
|
||||
Patch8: aide-configure.patch
|
||||
Patch9: aide-static-analysis.patch
|
||||
|
||||
Patch10: aide-0.16-CVE-2021-45417.patch
|
||||
Patch11: aide-db-problem.patch
|
||||
Patch12: rootPrefix.patch
|
||||
Patch13: aide-0.16-CVE-2025-54389.patch
|
||||
|
||||
%description
|
||||
AIDE (Advanced Intrusion Detection Environment) is a file integrity
|
||||
@ -86,6 +88,23 @@ mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide
|
||||
%dir %attr(0700,root,root) %{_localstatedir}/log/aide
|
||||
|
||||
%changelog
|
||||
* Thu Aug 21 2025 Attila Lakatos <alakatos@redhat.com> - 0.16-103.2
|
||||
RHEL 9.6.Z ERRATUM
|
||||
- CVE-2025-54389 aide: improper output neutralization enables bypassing
|
||||
Resolves: RHEL-109910
|
||||
|
||||
* Wed Jan 15 2025 Radovan Sroka <rsroka@redhat.com> - 0.16-103
|
||||
RHEL 9.6.0 ERRATUM
|
||||
- /boot/grub2/grubenv's timestamp is getting modified continuously due to "boot_success" implementation
|
||||
Resolves: RHEL-4331
|
||||
|
||||
* Fri May 17 2024 Radovan Sroka <rsroka@redhat.com> - 0.16-102
|
||||
RHEL 9.5.0 ERRATUM
|
||||
- aide fails with "Not enough parameters in db:15384. Trying to continue." unexpectedly
|
||||
Resolves: RHEL-27606
|
||||
- AIDE fails when using root_prefix option
|
||||
Resolves: RHEL-28882
|
||||
|
||||
* Mon Jan 24 2022 Radovan Sroka <rsroka@redhat.com> - 0.16-100
|
||||
- backport fix for CVE-2021-45417
|
||||
Resolves: rhbz#2041950
|
||||
|
||||
Loading…
Reference in New Issue
Block a user