- Issued:
- 2009-05-07
- Updated:
- 2009-05-07
RHBA-2009:0475 - audit bug fix and enhancement update
Synopsis
audit bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Topic
Updated audit packages that fix a bug and add an enhancement are now available.
Description
The audit packages contain user-space utilities for storing and searching the audit records generated by the audit subsystem in the Linux 2.6 kernel.
These updated audit packages fix the following bug:
- ausearch was unable to interpret tty audit records. tty records are specially-encoded, and the ausearch program could not decode them, which resulted in their being displayed in encoded form. These updated packages enable ausearch to interpret (i.e. decode correctly) TTY records, thus resolving the issue. (BZ#497518)
In addition, these updated audit packages provide the following enhancement:
- The aureport program was enhanced to add a '--tty' report option. This is a new report that was recently added to audit in order to aid in the review of TTY audit events. (BZ#497518)
Users are advised to upgrade to these updated audit packages, which resolve this issue and add this enhancement.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 5.3 | x86_64 |
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 5.3 | ia64 |
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 5.3 | i386 |
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for Power, big endian - Extended Update Support | 5.3 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux for IBM z Systems - Extended Update Support | 5.3 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Server - AUS | 5.3 | x86_64 |
| Red Hat Enterprise Linux Server - AUS | 5.3 | ia64 |
| Red Hat Enterprise Linux Server - AUS | 5.3 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- audit-libs-devel-1.7.7-6.el5_3.3.i386.rpm
- audit-1.7.7-6.el5_3.3.src.rpm
- audit-libs-1.7.7-6.el5_3.3.x86_64.rpm
- audispd-plugins-1.7.7-6.el5_3.3.i386.rpm
- audit-libs-devel-1.7.7-6.el5_3.3.ia64.rpm
- audit-libs-python-1.7.7-6.el5_3.3.i386.rpm
- audit-1.7.7-6.el5_3.3.x86_64.rpm
- audit-libs-python-1.7.7-6.el5_3.3.x86_64.rpm
- audit-libs-1.7.7-6.el5_3.3.ia64.rpm
- audit-libs-python-1.7.7-6.el5_3.3.ppc.rpm
- audit-1.7.7-6.el5_3.3.ppc.rpm
- audit-libs-devel-1.7.7-6.el5_3.3.s390x.rpm
- audit-1.7.7-6.el5_3.3.ia64.rpm
- system-config-audit-0.4.8-7.el5_3.3.ppc.rpm
- audit-libs-python-1.7.7-6.el5_3.3.s390x.rpm
- audit-libs-devel-1.7.7-6.el5_3.3.s390.rpm
- audispd-plugins-1.7.7-6.el5_3.3.s390x.rpm
- audit-libs-1.7.7-6.el5_3.3.ppc.rpm
- audit-libs-devel-1.7.7-6.el5_3.3.ppc64.rpm
- audispd-plugins-1.7.7-6.el5_3.3.ppc.rpm
- audispd-plugins-1.7.7-6.el5_3.3.x86_64.rpm
- audit-1.7.7-6.el5_3.3.s390x.rpm
- audit-libs-1.7.7-6.el5_3.3.ppc64.rpm
- audit-libs-devel-1.7.7-6.el5_3.3.x86_64.rpm
- audispd-plugins-1.7.7-6.el5_3.3.ia64.rpm
- audit-libs-python-1.7.7-6.el5_3.3.ia64.rpm
- system-config-audit-0.4.8-7.el5_3.3.i386.rpm
- audit-libs-1.7.7-6.el5_3.3.s390x.rpm
- audit-1.7.7-6.el5_3.3.i386.rpm
- audit-libs-1.7.7-6.el5_3.3.s390.rpm
- audit-libs-1.7.7-6.el5_3.3.i386.rpm
- system-config-audit-0.4.8-7.el5_3.3.s390x.rpm
- audit-libs-devel-1.7.7-6.el5_3.3.ppc.rpm
- system-config-audit-0.4.8-7.el5_3.3.x86_64.rpm
- system-config-audit-0.4.8-7.el5_3.3.ia64.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.