diff --git a/audit-3.0.1.tar.gz b/audit-3.0.1.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4be9e3466ba463e3bccc3ba475c5620d1e5390e5 Binary files /dev/null and b/audit-3.0.1.tar.gz differ diff --git a/audit-3.0.tar.gz b/audit-3.0.tar.gz deleted file mode 100644 index 7598a6f353456d4178a320127841f394c9daf099..0000000000000000000000000000000000000000 Binary files a/audit-3.0.tar.gz and /dev/null differ diff --git a/audit.spec b/audit.spec index 392bb26ddc02ded7410dea64275fd3566e0624a4..1ebdd1fae7c6fd3f73594a8ac78e8b116ab04edd 100644 --- a/audit.spec +++ b/audit.spec @@ -1,8 +1,8 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 -Version: 3.0 -Release: 3 +Version: 3.0.1 +Release: 1 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -16,23 +16,22 @@ Patch4: backport-Add-missing-call-to-free_interpretation_list.patch Patch5: backport-fix-2-more-issues-found-by-fuzzing.patch Patch6: backport-Fix-an-auparse-memory-leak-caused-in-recent-glibc.patch Patch7: backport-Fix-double-free-with-corrupted-logs.patch -Patch8: backport-Turn-libaucommon-into-a-libtool-convenience-library-.patch -Patch9: backport-Fix-the-closing-timing-of-audit_fd-166.patch -Patch10: backport-Fix-some-string-length-issues.patch -Patch11: backport-Move-the-free_config-to-success-path.patch -Patch12: backport-Check-for-fuzzer-induced-invalid-value.patch -Patch13: backport-error-out-if-log-is-mangled.patch -Patch14: backport-Dont-run-off-the-end-with-corrupt-logs.patch -Patch15: backport-Another-hardening-measure-for-corrupted-logs.patch -Patch16: backport-Fix-busy-loop-in-normalizer-when-logs-are-corrupt.patch -Patch17: backport-Better-fix-for-busy-loop-in-normalizer-when-logs-are.patch -Patch18: backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch -Patch19: backport-In-auditd-check-if-log_file-is-valid-before-closing-.patch -Patch20: backport-Check-ctime-return-code.patch -Patch21: backport-When-interpreting-if-val-is-NULL-return-an-empty-str.patch -Patch22: backport-auditd.service-Restart-on-failure-ignoring-some-exit.patch -Patch23: backport-0001-In-auditd-close-the-logging-file-descriptor-when-log.patch -Patch24: backport-0002-In-auditd-close-the-logging-file-descriptor-when-log.patch +Patch8: backport-Fix-the-closing-timing-of-audit_fd-166.patch +Patch9: backport-Fix-some-string-length-issues.patch +Patch10: backport-Move-the-free_config-to-success-path.patch +Patch11: backport-Check-for-fuzzer-induced-invalid-value.patch +Patch12: backport-error-out-if-log-is-mangled.patch +Patch13: backport-Dont-run-off-the-end-with-corrupt-logs.patch +Patch14: backport-Another-hardening-measure-for-corrupted-logs.patch +Patch15: backport-Fix-busy-loop-in-normalizer-when-logs-are-corrupt.patch +Patch16: backport-Better-fix-for-busy-loop-in-normalizer-when-logs-are.patch +Patch17: backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch +Patch18: backport-In-auditd-check-if-log_file-is-valid-before-closing-.patch +Patch19: backport-Check-ctime-return-code.patch +Patch20: backport-When-interpreting-if-val-is-NULL-return-an-empty-str.patch +Patch21: backport-auditd.service-Restart-on-failure-ignoring-some-exit.patch +Patch22: backport-0001-In-auditd-close-the-logging-file-descriptor-when-log.patch +Patch23: backport-0002-In-auditd-close-the-logging-file-descriptor-when-log.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -363,6 +362,9 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Fri Dec 10 2021 yixiangzhike - 3.0.1-1 +- update to 3.0.1 + * Tue Nov 16 2021 yixiangzhike - 3.0-3 - backport some patches Add missing call to free_interpretation_list diff --git a/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch b/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch index 74ab9aea4a732d622b7011b6099cf09882a512fa..6836ea076389084a25b151d56977dca7a763c4bd 100644 --- a/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch +++ b/backport-flush-uid-gid-caches-when-user-group-added-deleted-m.patch @@ -85,8 +85,8 @@ index cb29fee..3655726 100644 - int rc; + int rc, rtype; size_t mlen, len; - auparse_state_t *au; char *message; + // Do raw format to get event started @@ -427,6 +428,17 @@ static const char *format_enrich(const struct audit_reply *rep) // Loop over all fields while possible to add field @@ -120,9 +120,9 @@ index cb29fee..3655726 100644 + default: + break; + } - auparse_destroy_ext(au, AUPARSE_DESTROY_COMMON); free(message); } + return format_buf; -- 1.8.3.1 diff --git a/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch b/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch index 38f3aff6915dd2be385500f9f151d73171d6397e..23483cce6f04002d95df0a2e9af9e54efb107856 100644 --- a/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch +++ b/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch @@ -15,10 +15,10 @@ diff --git a/lib/aarch64_table.h b/lib/aarch64_table.h index c61aa91..ea634c1 100644 --- a/lib/aarch64_table.h +++ b/lib/aarch64_table.h -@@ -311,4 +311,47 @@ _S(432, "fsmount") - _S(433, "fspick") - _S(434, "pidfd_open") - _S(435, "clone3") +@@ -311,3 +311,46 @@ _S(438, "pidfd_getfd") + _S(439, "faccessat2") + _S(440, "process_madvise") + _S(441, "epoll_pwait2") +_S(1024, "open") +_S(1025, "link") +_S(1026, "unlink") @@ -62,7 +62,6 @@ index c61aa91..ea634c1 100644 +_S(1077, "uselib") +_S(1078, "sysctl") +_S(1079, "fork") - -- 1.8.5.6