- Issued:
- 2007-06-11
- Updated:
- 2007-06-11
RHBA-2007:0459 - Bug Fix Advisory
Synopsis
laus bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated laus packages that fix several bugs are now available.
Description
The laus package contains the user-space utilities for storing and
searching the audit records generate by the audit subsystem.
An appropriately privileged user (CAP_SYS_ADMIN) could perform various
control actions on the audit system with an ioctl() on /dev/audit. One of
these was the ability to detach a process from the audit system. Such
control events were not audited.
Further, audbin failed with EFBIG if it attempted to open a file that was
2GB or greater in size.
Users are advised to upgrade to these updated packages, which resolve
these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
Affected Products
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 213693 - audbin can't concatenate to a >= 2GB (2GiB, really) file
- BZ - 231914 - Laus doesn't audit detach event
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.