diff --git a/sysstat-12.5.4-bz2216805.patch b/sysstat-12.5.4-bz2216805.patch new file mode 100644 index 0000000..10915a3 --- /dev/null +++ b/sysstat-12.5.4-bz2216805.patch @@ -0,0 +1,34 @@ +From 370ad59826c2320288a1999ef9038e2a2655b8a0 Mon Sep 17 00:00:00 2001 +From: Sebastien GODARD +Date: Thu, 22 Jun 2023 17:47:59 +0200 +Subject: [PATCH] Add UMASK definition to sysstat(5) manual page (#362) + +Explain UMASK variable in sysstat(5) manual page. + +Signed-off-by: Sebastien GODARD +Cherry-picked-by: Lukáš Zaoral +Upstream-commit: 370ad59826c2320288a1999ef9038e2a2655b8a0 +--- + man/sysstat.in | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/man/sysstat.in b/man/sysstat.in +index 6ce6b473..89bdd3f4 100644 +--- a/man/sysstat.in ++++ b/man/sysstat.in +@@ -140,6 +140,15 @@ daily data files. + These options are used only when a new data file is created. They will be + ignored with an already existing one. + .TP ++.B UMASK ++.RB "The " "sa1" " and " "sa2" ++scripts generate system activity data and report files in the ++.IR /var/log/sa ++directory. By default the files are created with umask 0022 ++and are therefore readable for all users. Change this variable to restrict ++the permissions on the files (e.g. use 0027 to adhere to more strict ++security standards). ++.TP + .B YESTERDAY + .RB "By default " "sa2" + script generates yesterday's summary, since the diff --git a/sysstat.spec b/sysstat.spec index d5f5f24..c12475c 100644 --- a/sysstat.spec +++ b/sysstat.spec @@ -1,7 +1,7 @@ Summary: Collection of performance monitoring tools for Linux Name: sysstat Version: 12.5.4 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv2+ URL: http://sebastien.godard.pagesperso-orange.fr/ Source: https://github.com/sysstat/sysstat/archive/v%{version}.tar.gz @@ -14,7 +14,10 @@ Source2: colorsysstat.sh Patch1: sysstat-12.5.4-CVE-2022-39377.patch # {cifsio,io,mp,pid}stat --dec and sar --dec report values from single alphabet other than defined (bz2080650) Patch2: sysstat-12.5.4-bz2080650.patch +# check_overflow() function can work incorrectly that lead to an overflow (CVE-2023-33204) Patch3: sysstat-12.5.4-CVE-2023-33204.patch +# add description of UMASK to man/systat.in (bz2216805) +Patch4: sysstat-12.5.4-bz2216805.patch BuildRequires: make BuildRequires: gcc, gettext, lm_sensors-devel, pcp-libs-devel, systemd, git @@ -92,6 +95,9 @@ fi %{_localstatedir}/log/sa %changelog +* Thu Jul 27 2023 Lukáš Zaoral - 12.5.4-7 +- add description of UMASK to man/systat.in (rhbz#2216805) + * Fri Jun 30 2023 Pavel Šimovec - 12.5.4-6 - fix the arithmetic overflow in allocate_structures() that is still possible on some 32 bit systems (CVE-2023-33204)