Skip to navigation

Bug Fix Advisory aide bug fix update

Advisory: RHBA-2012:1119-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2013-01-07
Last updated on: 2013-01-07
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

Updated aide packages that fix three bugs are now available for Red Hat
Enterprise Linux 5.

Advanced Intrusion Detection Environment (AIDE) is a program that creates a
database of files on a system, and then uses that database to ensure file
integrity and detect system intrusions.

This update fixes the following bugs:

* The help output of the aide executable did not mention the "-D" option which
is a shortcut for "--config-check". The option could only be found on the
aide(1) man page. With this update, the "-D" option is mentioned in both the
help output and on the man page. (BZ#547658)

* Previously, the aide utility incorrectly initialized the gcrypt library. This
consequently prevented aide to initialize its database if the system was running
in FIPS-compliant mode. The initialization routine has been corrected, and along
with an extension to the libgcrypt's API introduced in the RHEA-2012:0484
advisory, aide now initializes its database as expected if run in a
FIPS-compliant way. (BZ#553137)

* The compare_dbline() function returned an "int" value, even though the
function can operate with variables of size larger than "int" (for example,
DB_SELINUX, DB_XATTRS or DB_WHIRPOOL). As a consequence, aide could produce
incorrect results when checking a database for inconsistencies. The underlying
source code has been modified so that the compare_dbline() function now returns
an "unsigned long long" value, and aide correctly detects and reports database
inconsistencies. (BZ#580253)

All users of aide are advised to upgrade to these updated packages, which fix
these bugs.


Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
aide-0.13.1-8.el5.src.rpm     MD5: 3027bd3abb0248d34369fb841c8f3218
SHA-256: 0b392cb40522f6b9f3baf374f309a590456aceb11b2e2dfadaa61b6515242966
 
IA-32:
aide-0.13.1-8.el5.i386.rpm     MD5: cc0f6c2b721692ef651ebb523215036f
SHA-256: 8e6e537f39e890b2696548835c77f35e8abb8d6dcfda2eda6fcf33d29ae321a8
aide-debuginfo-0.13.1-8.el5.i386.rpm     MD5: a945f931d413ca088441eb4815c4fc16
SHA-256: 01036286a1d88b044efa8bed79ebfc1ea6218ba4fbe7526bbf867d8bb5cedc81
 
IA-64:
aide-0.13.1-8.el5.ia64.rpm     MD5: 7681f1ef74428842036382b2c00da175
SHA-256: 1e793bff258c62607875b27e7d2e1d0986a54c31814b95a3e67475b325198dcc
aide-debuginfo-0.13.1-8.el5.ia64.rpm     MD5: d554d539e1524e2d931d4e64a6e1ba9f
SHA-256: 7eddf82aab3b2ffa322220a028fb7f97ec91cb28fd89f4653195b21147848c31
 
PPC:
aide-0.13.1-8.el5.ppc.rpm     MD5: 9b8bf8e3232a45bfcdaed05956310662
SHA-256: fcfa8f4f410ce59e70e13e8ede53f4018d23d05186ec3ca2e1d4046bb4e8a259
aide-debuginfo-0.13.1-8.el5.ppc.rpm     MD5: 3be02f30dbd6615da7f858e8e7ed48dc
SHA-256: 553315e5c26711befba42ed2e9e773465ac3d08715b97609b0029ef59526c1bf
 
s390x:
aide-0.13.1-8.el5.s390x.rpm     MD5: 16c37e513660f30704536f3477924b46
SHA-256: 4c330e14f049641eae713723fcfd708c52d46d5e99bd8952f4b0367a065068bf
aide-debuginfo-0.13.1-8.el5.s390x.rpm     MD5: 9f80c3e0cca85db9f28c347978cf19bc
SHA-256: 5ac5c9a3c632a64ab85220efa35376985bc30cb79f61d513162f7294f7e01fac
 
x86_64:
aide-0.13.1-8.el5.x86_64.rpm     MD5: 865c5ffb858d74e462737296bf7c002c
SHA-256: 36feb69cb35cce1c3c468fba7aff9896086130055aeec13d0bc85c9474be4299
aide-debuginfo-0.13.1-8.el5.x86_64.rpm     MD5: 76ac425c72cb5f924a84a7c061606d64
SHA-256: 138700cf3332c36c1d1294c80eabb312170be236e00263ea3e4471f97f47f201
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
aide-0.13.1-8.el5.src.rpm     MD5: 3027bd3abb0248d34369fb841c8f3218
SHA-256: 0b392cb40522f6b9f3baf374f309a590456aceb11b2e2dfadaa61b6515242966
 
IA-32:
aide-0.13.1-8.el5.i386.rpm     MD5: cc0f6c2b721692ef651ebb523215036f
SHA-256: 8e6e537f39e890b2696548835c77f35e8abb8d6dcfda2eda6fcf33d29ae321a8
aide-debuginfo-0.13.1-8.el5.i386.rpm     MD5: a945f931d413ca088441eb4815c4fc16
SHA-256: 01036286a1d88b044efa8bed79ebfc1ea6218ba4fbe7526bbf867d8bb5cedc81
 
x86_64:
aide-0.13.1-8.el5.x86_64.rpm     MD5: 865c5ffb858d74e462737296bf7c002c
SHA-256: 36feb69cb35cce1c3c468fba7aff9896086130055aeec13d0bc85c9474be4299
aide-debuginfo-0.13.1-8.el5.x86_64.rpm     MD5: 76ac425c72cb5f924a84a7c061606d64
SHA-256: 138700cf3332c36c1d1294c80eabb312170be236e00263ea3e4471f97f47f201
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

547658 - aide executable doesn't mention -D option in "aide --help" usage page
553137 - Aide doesn't initialize its database when FIPS is enabled
580253 - AIDE compare_dbline function returns int



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/