From 6b854d19cd7ca88df4422380fd488e72b08d41eb Mon Sep 17 00:00:00 2001
From: Jan Synacek
Date: Mon, 14 Jan 2013 10:11:23 +0100
Subject: [PATCH] Add secure-username patch to properly ignore "password check failed for user" (rhbz#894272)
---
 logwatch-secure-username.patch | 18 ++++++++++++++++++
 logwatch.spec | 9 ++++++++-
 2 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 logwatch-secure-username.patch
diff --git a/logwatch-secure-username.patch b/logwatch-secure-username.patch
new file mode 100644
index 0000000..6c9deb3
--- /dev/null
+++ b/logwatch-secure-username.patch
@@ -0,0 +1,18 @@
+Weaken username regexp restriction. Usernames can include more characters than
+just letters (e.g. _ or [0-9]).
+
+Author: Jan Synacek
+Reported-By: Robert Scheck
+RH-Bugzilla: #894272
+
+--- logwatch-svn127-dist/scripts/services/secure 2013-01-11 10:38:15.778804473 +0100
++++ logwatch-svn127/scripts/services/secure 2013-01-11 10:49:13.381323119 +0100
+@@ -247,7 +247,7 @@ while (defined($ThisLine = )) {
+ ( $ThisLine =~ /userhelper\[\d+\]: running '([^ ]+)' with [^ ]+ context/) or
+ ( $ThisLine =~ /pam_timestamp\(.*:session\): updated timestamp file `\/var\/run\/sudo.*'/) or
+ ( $ThisLine =~ /[^ ]*: pam_keyinit(.*:.*): Unable to change GID to [0-9]* temporarily/) or
+- ( $ThisLine =~ /password check failed for user \([a-zA-Z]*\)/) or
++ ( $ThisLine =~ /password check failed for user \(\S*\)/) or
+ ( $ThisLine =~ /PAM pam_set_item: attempt to set conv\(\) to NULL/) or
+ ( $ThisLine =~ /PAM pam_get_item: nowhere to place requested item/) or
+ ( $ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ ) or
diff --git a/logwatch.spec b/logwatch.spec
index 48938e0..e537b26 100644
--- a/logwatch.spec
+++ b/logwatch.spec
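Review bot: The widened pattern `password check failed for user \(\S*\)` is not tied to the program that emits the message, so any line in the secure log containing this phrase is dropped from the report, whatever wrote it. The neighbouring `userhelper\[\d+\]:` entry shows the tighter form. I would prefix the program tag and bound the name at the closing parenthesis, e.g. `( $ThisLine =~ /unix_chkpwd\[\d+\]: password check failed for user \([^)\s]*\)/) or`, assuming unix_chkpwd is the emitter in rhbz#894272 (confirm against the sample lines in the bug). These lines record authentication failures, so counting them per user rather than ignoring them would keep a burst against one account visible. The while loop and the rest of the or-chain lie outside the hunk.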
@@ -1,7 +1,7 @@
 Summary: A log file analysis program
 Name: logwatch
 Version: 7.4.0
-Release: 21.20130102svn127%{?dist}
+Release: 22.20130102svn127%{?dist}
 License: MIT
 Group: Applications/System
 URL: http://www.logwatch.org/
@@ -26,6 +26,8 @@ Patch9: logwatch-rkhunter.patch
 Patch16: logwatch-secure-userhelper.patch
 # Modified version pending upstream acceptance
 Patch17: logwatch-http-error.patch
+# Not upstreamed yet
+Patch18: logwatch-secure-username.patch
 Requires: textutils sh-utils grep mailx
 Requires: perl(Date::Manip)
 Requires: perl(Sys::CPU)
@@ -48,6 +50,7 @@ of the package on many systems.
 %patch9 -p0
 %patch16 -p1
 %patch17 -p1
+%patch18 -p1
 rm -f scripts/services/*.orig
 %build
@@ -138,6 +141,10 @@ echo "# Configuration overrides for specific logfiles/services may be placed her
 %{_mandir}/man*/*
 %changelog
+* Fri Jan 11 2013 Jan Synáček - 7.4.0-22.20130102svn127
+- Add secure-username patch to properly ignore "password check failed for user"
+ (rhbz#894272)
+
 * Wed Jan 09 2013 Jan Synáček - 7.4.0-21.20130102svn127
 - Update to revision 127 and drop ustreamed patches
 - Update dovecot patch