Red Hat has issued an update for aide. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions. The security issue is caused due to the improper checking of file checksums against stored checksums in the database. This can be exploited to bypass the file modification checks performed by aide. The security issue is reported in versions prior to 0.13.1. SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2007-0539.html OTHER REFERENCES: https://bugzilla.redhat.com/show_bug.cgi?id=236923
setting status. forensics, please bump as necessary.
all forensics members are away at the moment, we have some bugs open for it...should I bump it?
yes, please.
(In reply to comment #3) > yes, please. I'll try to track it, but bug 126694 still has some issues...so wait some more.
0.13.1 in cvs. please test and mark stable.
thanks matsuu. Arches please test and mark stable app-forensics/aide-0.13.1. Target "alpha amd64 ppc sparc x86"
I get on sparc: sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT db_sql.o -MD -MP -MF .deps/db_sql.Tpo -c -o db_sql.o db_sql.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT gen_list.o -MD -MP -MF .deps/gen_list.Tpo -c -o gen_list.o gen_list.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT list.o -MD -MP -MF .deps/list.Tpo -c -o list.o list.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT do_md.o -MD -MP -MF .deps/do_md.Tpo -c -o do_md.o do_md.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT base64.o -MD -MP -MF .deps/base64.Tpo -c -o base64.o base64.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT symboltable.o -MD -MP -MF .deps/symboltable.Tpo -c -o symboltable.o symboltable.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT compare_db.o -MD -MP -MF .deps/compare_db.Tpo -c -o compare_db.o compare_db.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT be.o -MD -MP -MF .deps/be.Tpo -c -o be.o be.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT util.o -MD -MP -MF .deps/util.Tpo -c -o util.o util.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT snprintf.o -MD -MP -MF .deps/snprintf.Tpo -c -o snprintf.o snprintf.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT fopen.o -MD -MP -MF .deps/fopen.Tpo -c -o fopen.o fopen.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT aide.o -MD -MP -MF .deps/aide.Tpo -c -o aide.o aide.c sparc-unknown-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I../include -O2 -mcpu=ultrasparc -pipe -O2 -mcpu=ultrasparc -pipe -MT db_lex2.o -MD -MP -MF .deps/db_lex2.Tpo -c -o db_lex2.o db_lex2.c mv -f .deps/db_sql.Tpo .deps/db_sql.Po mv -f .deps/getopt.Tpo .deps/getopt.Po mv -f .deps/getopt1.Tpo .deps/getopt1.Po db_file.c:34:23: error: conf_yacc.h: No such file or directory db_disk.c:41:23: error: conf_yacc.h: No such file or directory mv -f .deps/fopen.Tpo .deps/fopen.Po mv -f .deps/snprintf.Tpo .deps/snprintf.Po make[2]: *** [db_disk.o] Error 1 make[2]: *** Waiting for unfinished jobs.... mv -f .deps/gnu_regex.Tpo .deps/gnu_regex.Po db_file.c: In function 'db_file_read_spec': db_file.c:198: error: 'TNEWLINE' undeclared (first use in this function) db_file.c:198: error: (Each undeclared identifier is reported only once db_file.c:198: error: for each function it appears in.) db_file.c:201: error: 'TID' undeclared (first use in this function) mv -f .deps/list.Tpo .deps/list.Po db_file.c:254: error: 'TDBSPEC' undeclared (first use in this function) commandconf.c: In function 'handle_endif': commandconf.c:608: error: 'TIFDEF' undeclared (first use in this function) commandconf.c:608: error: (Each undeclared identifier is reported only once commandconf.c:608: error: for each function it appears in.) commandconf.c:612: error: 'TIFNDEF' undeclared (first use in this function) commandconf.c:616: error: 'TENDIF' undeclared (first use in this function) commandconf.c:621: error: 'TIFHOST' undeclared (first use in this function) commandconf.c:626: error: 'TIFNHOST' undeclared (first use in this function) commandconf.c:631: error: 'TELSE' undeclared (first use in this function) db_file.c: In function 'db_readline_file': db_file.c:350: error: 'TDBSPEC' undeclared (first use in this function) db_file.c:353: error: 'TUNKNOWN' undeclared (first use in this function) db_file.c:357: error: 'TBEGIN_DB' undeclared (first use in this function) db_file.c:363: error: 'TNEWLINE' undeclared (first use in this function) db_file.c:369: error: 'TEOF' undeclared (first use in this function) db_file.c:373: error: 'TGZIPHEADER' undeclared (first use in this function) db_file.c:465: error: 'TNAME' undeclared (first use in this function) db_file.c:472: error: 'TID' undeclared (first use in this function) db_file.c:507: error: 'TEND_DB' undeclared (first use in this function) db_file.c:510: error: 'TSTRING' undeclared (first use in this function) db_file.c:546: error: 'TEND_DBNOMD' undeclared (first use in this function) db_file.c:570: error: 'TERROR' undeclared (first use in this function) mv -f .deps/symboltable.Tpo .deps/symboltable.Po make[2]: *** [commandconf.o] Error 1 make[2]: *** [db_file.o] Error 1 alpha/x86 stable
Re-adding x86 back, it needs sys-process/audit stable. Is this fine?
(In reply to comment #8) > Re-adding x86 back, it needs sys-process/audit stable. Is this fine? I just talked to robbat2 about this. audit-1.5* is no good anymore and 1.6 cannot go stable yet because it depends on >=sys-kernel/linux-headers-2.6.22-r2. His proposal is to move* the current aide-0.13.1 ebuild to -r1, remove USE=audit from -r0 and stable that one on x86. Matsuu, what do you think? * I guess since you're only moving it, it's ok not to drop already stable keywords.
I removed audit USE flag from -r0. (In reply to comment #7) > I get on sparc: >(snip) > db_file.c:34:23: error: conf_yacc.h: No such file or directory > db_disk.c:41:23: error: conf_yacc.h: No such file or directory > db_file.c: In function 'db_file_read_spec': > db_file.c:198: error: 'TNEWLINE' undeclared (first use in this function) I think its parallel make issue. Added -j1 to -r0. please retry.
With '-j1', it builds, tests, and installs as expected for me. Sparc done.
x86 stable
ppc stable
amd64 stable
Time for glsa decision. I vote NO.
I vote no.
clsing without glsa then.
(In reply to comment #17) > closing without glsa then. failed :/ this thime closing for good.
