- Issued:
- 2013-01-07
- Updated:
- 2013-01-07
RHBA-2012:1119 - aide bug fix update
Synopsis
aide bug fix update
Type/Severity
Bug Fix Advisory (none)
Topic
Updated aide packages that fix three bugs are now available for Red Hat Enterprise Linux 5.
Description
Advanced Intrusion Detection Environment (AIDE) is a program that creates a database of files on a system, and then uses that database to ensure file integrity and detect system intrusions.
This update fixes the following bugs:
-
The help output of the aide executable did not mention the "-D" option which is a shortcut for "--config-check". The option could only be found on the aide(1) man page. With this update, the "-D" option is mentioned in both the help output and on the man page. (BZ#547658)
-
Previously, the aide utility incorrectly initialized the gcrypt library. This consequently prevented aide to initialize its database if the system was running in FIPS-compliant mode. The initialization routine has been corrected, and along with an extension to the libgcrypt's API introduced in the RHEA-2012:0484 advisory, aide now initializes its database as expected if run in a FIPS-compliant way. (BZ#553137)
-
The compare_dbline() function returned an "int" value, even though the function can operate with variables of size larger than "int" (for example, DB_SELINUX, DB_XATTRS or DB_WHIRPOOL). As a consequence, aide could produce incorrect results when checking a database for inconsistencies. The underlying source code has been modified so that the compare_dbline() function now returns an "unsigned long long" value, and aide correctly detects and reports database inconsistencies. (BZ#580253)
All users of aide are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- aide-debuginfo-0.13.1-8.el5.ppc.rpm
- aide-0.13.1-8.el5.src.rpm
- aide-debuginfo-0.13.1-8.el5.ia64.rpm
- aide-debuginfo-0.13.1-8.el5.s390x.rpm
- aide-0.13.1-8.el5.s390x.rpm
- aide-0.13.1-8.el5.x86_64.rpm
- aide-debuginfo-0.13.1-8.el5.i386.rpm
- aide-0.13.1-8.el5.i386.rpm
- aide-0.13.1-8.el5.ppc.rpm
- aide-0.13.1-8.el5.ia64.rpm
- aide-debuginfo-0.13.1-8.el5.x86_64.rpm
Fixes
- This content is not included.BZ - 547658
- This content is not included.BZ - 553137
- This content is not included.BZ - 580253
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.