aide bug fix update
| Advisory: | RHBA-2012:1119-1 |
|---|---|
| Type: | Bug Fix Advisory |
| Severity: | N/A |
| Issued on: | 2013-01-07 |
| Last updated on: | 2013-01-07 |
| Affected Products: | Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) |
Details
Updated aide packages that fix three bugs are now available for Red Hat
Enterprise Linux 5.
Advanced Intrusion Detection Environment (AIDE) is a program that creates a
database of files on a system, and then uses that database to ensure file
integrity and detect system intrusions.
This update fixes the following bugs:
* The help output of the aide executable did not mention the "-D" option which
is a shortcut for "--config-check". The option could only be found on the
aide(1) man page. With this update, the "-D" option is mentioned in both the
help output and on the man page. (BZ#547658)
* Previously, the aide utility incorrectly initialized the gcrypt library. This
consequently prevented aide to initialize its database if the system was running
in FIPS-compliant mode. The initialization routine has been corrected, and along
with an extension to the libgcrypt's API introduced in the RHEA-2012:0484
advisory, aide now initializes its database as expected if run in a
FIPS-compliant way. (BZ#553137)
* The compare_dbline() function returned an "int" value, even though the
function can operate with variables of size larger than "int" (for example,
DB_SELINUX, DB_XATTRS or DB_WHIRPOOL). As a consequence, aide could produce
incorrect results when checking a database for inconsistencies. The underlying
source code has been modified so that the compare_dbline() function now returns
an "unsigned long long" value, and aide correctly detects and reports database
inconsistencies. (BZ#580253)
All users of aide are advised to upgrade to these updated packages, which fix
these bugs.
Solution
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
Updated packages
| Red Hat Enterprise Linux (v. 5 server) | |
| SRPMS: | |
| aide-0.13.1-8.el5.src.rpm | MD5: 3027bd3abb0248d34369fb841c8f3218 SHA-256: 0b392cb40522f6b9f3baf374f309a590456aceb11b2e2dfadaa61b6515242966 |
| IA-32: | |
| aide-0.13.1-8.el5.i386.rpm | MD5: cc0f6c2b721692ef651ebb523215036f SHA-256: 8e6e537f39e890b2696548835c77f35e8abb8d6dcfda2eda6fcf33d29ae321a8 |
| aide-debuginfo-0.13.1-8.el5.i386.rpm | MD5: a945f931d413ca088441eb4815c4fc16 SHA-256: 01036286a1d88b044efa8bed79ebfc1ea6218ba4fbe7526bbf867d8bb5cedc81 |
| IA-64: | |
| aide-0.13.1-8.el5.ia64.rpm | MD5: 7681f1ef74428842036382b2c00da175 SHA-256: 1e793bff258c62607875b27e7d2e1d0986a54c31814b95a3e67475b325198dcc |
| aide-debuginfo-0.13.1-8.el5.ia64.rpm | MD5: d554d539e1524e2d931d4e64a6e1ba9f SHA-256: 7eddf82aab3b2ffa322220a028fb7f97ec91cb28fd89f4653195b21147848c31 |
| PPC: | |
| aide-0.13.1-8.el5.ppc.rpm | MD5: 9b8bf8e3232a45bfcdaed05956310662 SHA-256: fcfa8f4f410ce59e70e13e8ede53f4018d23d05186ec3ca2e1d4046bb4e8a259 |
| aide-debuginfo-0.13.1-8.el5.ppc.rpm | MD5: 3be02f30dbd6615da7f858e8e7ed48dc SHA-256: 553315e5c26711befba42ed2e9e773465ac3d08715b97609b0029ef59526c1bf |
| s390x: | |
| aide-0.13.1-8.el5.s390x.rpm | MD5: 16c37e513660f30704536f3477924b46 SHA-256: 4c330e14f049641eae713723fcfd708c52d46d5e99bd8952f4b0367a065068bf |
| aide-debuginfo-0.13.1-8.el5.s390x.rpm | MD5: 9f80c3e0cca85db9f28c347978cf19bc SHA-256: 5ac5c9a3c632a64ab85220efa35376985bc30cb79f61d513162f7294f7e01fac |
| x86_64: | |
| aide-0.13.1-8.el5.x86_64.rpm | MD5: 865c5ffb858d74e462737296bf7c002c SHA-256: 36feb69cb35cce1c3c468fba7aff9896086130055aeec13d0bc85c9474be4299 |
| aide-debuginfo-0.13.1-8.el5.x86_64.rpm | MD5: 76ac425c72cb5f924a84a7c061606d64 SHA-256: 138700cf3332c36c1d1294c80eabb312170be236e00263ea3e4471f97f47f201 |
| Red Hat Enterprise Linux Desktop (v. 5 client) | |
| SRPMS: | |
| aide-0.13.1-8.el5.src.rpm | MD5: 3027bd3abb0248d34369fb841c8f3218 SHA-256: 0b392cb40522f6b9f3baf374f309a590456aceb11b2e2dfadaa61b6515242966 |
| IA-32: | |
| aide-0.13.1-8.el5.i386.rpm | MD5: cc0f6c2b721692ef651ebb523215036f SHA-256: 8e6e537f39e890b2696548835c77f35e8abb8d6dcfda2eda6fcf33d29ae321a8 |
| aide-debuginfo-0.13.1-8.el5.i386.rpm | MD5: a945f931d413ca088441eb4815c4fc16 SHA-256: 01036286a1d88b044efa8bed79ebfc1ea6218ba4fbe7526bbf867d8bb5cedc81 |
| x86_64: | |
| aide-0.13.1-8.el5.x86_64.rpm | MD5: 865c5ffb858d74e462737296bf7c002c SHA-256: 36feb69cb35cce1c3c468fba7aff9896086130055aeec13d0bc85c9474be4299 |
| aide-debuginfo-0.13.1-8.el5.x86_64.rpm | MD5: 76ac425c72cb5f924a84a7c061606d64 SHA-256: 138700cf3332c36c1d1294c80eabb312170be236e00263ea3e4471f97f47f201 |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
547658 - aide executable doesn't mention -D option in "aide --help" usage page
553137 - Aide doesn't initialize its database when FIPS is enabled
580253 - AIDE compare_dbline function returns int
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
