Enhancement Advisory aide enhancement update

Advisory: RHEA-2009:1073-2
Type: Product Enhancement Advisory
Severity: N/A
Issued on: 2009-05-27
Last updated on: 2009-09-02
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
OVAL: N/A

Details

An enhanced aide package that contains minor adjustments to the aide.conf
configuration file to offer improved initial behavior is now available.

Advanced Intrusion Detection Environment (AIDE) is a program that creates a
database of files on a system, and then uses that database to ensure file
integrity and detect system intrusions.

This updated aide package adds the following enhancement:

* the /var/run/utmp configuration file is now correctly treated as a log
file, and the hidden files (also known as "dot files") located in the root
user's home directory are now checked for permission integrity only. These
enhancements to AIDE should cause systems to produce fewer false alarms
concerning files which have changed. (BZ#476542)

Users of aide are advised to upgrade to this updated package, which adds
this enhancement.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)
SRPMS:
aide-0.13.1-4.el5.src.rpm     40b826a20332cc5e3542df0643eb1c1b
 
IA-32:
aide-0.13.1-4.el5.i386.rpm     b18e1a9fe5bdf2f7a7f545989a3d1f0d
 
IA-64:
aide-0.13.1-4.el5.ia64.rpm     3cddfd57e9ac49b67ead257a26fcc13f
 
PPC:
aide-0.13.1-4.el5.ppc.rpm     9e8a97023bb5c3c51482743d0a549459
 
s390x:
aide-0.13.1-4.el5.s390x.rpm     22d17a88ee85962271760584d09f03ec
 
x86_64:
aide-0.13.1-4.el5.x86_64.rpm     0f7a1b87880374fcff31ddcfbb6dcb63
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
aide-0.13.1-4.el5.src.rpm     40b826a20332cc5e3542df0643eb1c1b
 
IA-32:
aide-0.13.1-4.el5.i386.rpm     b18e1a9fe5bdf2f7a7f545989a3d1f0d
 
x86_64:
aide-0.13.1-4.el5.x86_64.rpm     0f7a1b87880374fcff31ddcfbb6dcb63
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

476542 - aide.conf file enhancement for RHEL5.4


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/