diff --git a/logwatch.spec b/logwatch.spec index de72d1f..64058b9 100644 --- a/logwatch.spec +++ b/logwatch.spec @@ -1,7 +1,7 @@ Summary: A log file analysis program Name: logwatch Version: 7.4.3 -Release: 19%{?dist} +Release: 20%{?dist} License: MIT Group: Applications/System URL: http://www.logwatch.org/ @@ -32,6 +32,7 @@ Patch13: ignore-server-ready.patch Patch14: ras-correctable-errors.patch Patch15: deduplicate-sudo.patch Patch16: polkit-startup-messages.patch +Patch17: sshd-sort-by-count.patch BuildRequires: perl-generators Requires: grep mailx @@ -66,6 +67,7 @@ of the package on many systems. %patch14 -p1 %patch15 -p1 %patch16 -p1 +%patch17 -p1 rm -f scripts/services/*.orig %build @@ -165,6 +167,10 @@ echo "# Configuration overrides for specific logfiles/services may be placed her %{_mandir}/man*/* %changelog +* Wed Jun 28 2023 Pavel Šimovec - 7.4.3-20 +- sshd sort failed logins and illegal users by count, not IP address +- Resolves: rhbz#2044101 + * Wed Jun 28 2023 Pavel Šimovec - 7.4.3-19 - ignore harmless polkit startup messages - Resolves: rhbz#2043952 diff --git a/sshd-sort-by-count.patch b/sshd-sort-by-count.patch new file mode 100644 index 0000000..3da8e95 --- /dev/null +++ b/sshd-sort-by-count.patch @@ -0,0 +1,23 @@ +--- a/scripts/services/sshd ++++ b/scripts/services/sshd +@@ -566,7 +566,8 @@ + + if (keys %BadLogins) { + print "\nFailed logins from:\n"; +- foreach my $ip (sort SortIP keys %BadLogins) { ++ my $totalSort = TotalCountOrder(%BadLogins, \&SortIP); ++ foreach my $ip (sort $totalSort keys %BadLogins) { + my $name = LookupIP($ip); + my $totcount = 0; + foreach my $user (keys %{$BadLogins{$ip}}) { +@@ -587,7 +588,8 @@ + + if (keys %IllegalUsers) { + print "\nIllegal users from:\n"; +- foreach my $ip (sort SortIP keys %IllegalUsers) { ++ my $totalSort = TotalCountOrder(%IllegalUsers, \&SortIP); ++ foreach my $ip (sort $totalSort keys %IllegalUsers) { + my $name = LookupIP($ip); + my $totcount = 0; + foreach my $user (keys %{$IllegalUsers{$ip}}) { +