import OL aide-0.16-103.el9_6.2

This commit is contained in:
eabdullin 2025-08-26 12:29:38 +00:00
parent 0ae03f0f89
commit d00bcb6c12
5 changed files with 1716 additions and 2 deletions

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,11 @@
diff -up aide-0.16/src/commandconf.c.rhcase03736158 aide-0.16/src/commandconf.c
--- aide-0.16/src/commandconf.c.rhcase03736158 2024-03-01 11:06:35.305712992 +0100
+++ aide-0.16/src/commandconf.c 2024-03-01 11:08:07.726499878 +0100
@@ -306,6 +306,7 @@ int db_input_wrapper(char* buf, int max_
retval=0;
buf[0]='\0';
}else {
+ buf[0]='\0';
if((retval=gzread(*db_gzp,buf,max_size))<0){
error(0,_("gzread() failed: gzerr=%s!\n"),gzerror(*db_gzp,&err));
retval=0;

View File

@ -290,6 +290,7 @@ DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
/etc/usbguard CONTENT_EX
# Ignore some files
!/boot/grub2/grubenv$
!/etc/mtab$
!/etc/.*~

21
SOURCES/rootPrefix.patch Normal file
View File

@ -0,0 +1,21 @@
diff -Naur aide-0.16.orig/src/db_disk.c aide-0.16/src/db_disk.c
--- aide-0.16.orig/src/db_disk.c 2024-03-11 16:45:06.594013966 -0400
+++ aide-0.16/src/db_disk.c 2024-03-11 16:45:06.584013966 -0400
@@ -209,7 +209,7 @@
fullname=malloc((conf->root_prefix_length+2)*sizeof(char));
strcpy(fullname, conf->root_prefix);
strcat (fullname, "/");
- if (!get_file_status(&fullname[conf->root_prefix_length], &fs)) {
+ if (!get_file_status(fullname, &fs)) {
add = check_rxtree (&fullname[conf->root_prefix_length], conf->tree, &attr, fs.st_mode);
error (240, "%s match=%d, tree=%p, attr=%llu\n", &fullname[conf->root_prefix_length], add,
conf->tree, attr);
@@ -255,7 +255,7 @@
If not call, db_readline_disk again...
*/
- if (get_file_status(&fullname[conf->root_prefix_length], &fs)) {
+ if (get_file_status(fullname, &fs)) {
free (fullname);
goto recursion;
}

View File

@ -1,7 +1,7 @@
Summary: Intrusion detection environment
Name: aide
Version: 0.16
Release: 100%{?dist}
Release: 103%{?dist}.2
URL: http://sourceforge.net/projects/aide
License: GPLv2+
@ -38,8 +38,10 @@ Patch6: coverity.patch
Patch7: aide-0.16-crash-elf.patch
Patch8: aide-configure.patch
Patch9: aide-static-analysis.patch
Patch10: aide-0.16-CVE-2021-45417.patch
Patch11: aide-db-problem.patch
Patch12: rootPrefix.patch
Patch13: aide-0.16-CVE-2025-54389.patch
%description
AIDE (Advanced Intrusion Detection Environment) is a file integrity
@ -86,6 +88,23 @@ mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide
%dir %attr(0700,root,root) %{_localstatedir}/log/aide
%changelog
* Thu Aug 21 2025 Attila Lakatos <alakatos@redhat.com> - 0.16-103.2
RHEL 9.6.Z ERRATUM
- CVE-2025-54389 aide: improper output neutralization enables bypassing
Resolves: RHEL-109910
* Wed Jan 15 2025 Radovan Sroka <rsroka@redhat.com> - 0.16-103
RHEL 9.6.0 ERRATUM
- /boot/grub2/grubenv's timestamp is getting modified continuously due to "boot_success" implementation
Resolves: RHEL-4331
* Fri May 17 2024 Radovan Sroka <rsroka@redhat.com> - 0.16-102
RHEL 9.5.0 ERRATUM
- aide fails with "Not enough parameters in db:15384. Trying to continue." unexpectedly
Resolves: RHEL-27606
- AIDE fails when using root_prefix option
Resolves: RHEL-28882
* Mon Jan 24 2022 Radovan Sroka <rsroka@redhat.com> - 0.16-100
- backport fix for CVE-2021-45417
Resolves: rhbz#2041950