Issued:

2009-05-27

Updated:

2009-09-02

RHEA-2009:1073 - aide enhancement update

Synopsis

aide enhancement update

Type/Severity

Product Enhancement Advisory (none)

Topic

An enhanced aide package that contains minor adjustments to the aide.conf configuration file to offer improved initial behavior is now available.

Description

Advanced Intrusion Detection Environment (AIDE) is a program that creates a database of files on a system, and then uses that database to ensure file integrity and detect system intrusions.

This updated aide package adds the following enhancement:

• the /var/run/utmp configuration file is now correctly treated as a log file, and the hidden files (also known as "dot files") located in the root user's home directory are now checked for permission integrity only. These enhancements to AIDE should cause systems to produce fewer false alarms concerning files which have changed. (BZ#476542)

Users of aide are advised to upgrade to this updated package, which adds this enhancement.

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Updated Packages

• aide-0.13.1-4.el5.src.rpm
• aide-0.13.1-4.el5.s390x.rpm
• aide-0.13.1-4.el5.ia64.rpm
• aide-0.13.1-4.el5.x86_64.rpm
• aide-0.13.1-4.el5.i386.rpm
• aide-0.13.1-4.el5.ppc.rpm

Fixes

• This content is not included.BZ - 476542

CVEs

(none)

References

(none)

Additional information

• The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
• Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.