Hi Steve, nice to hear from you. I have some questions for you, if you don't mind.
1. Are you referred to as a Release Engineer? 2. What specifically is rawhide in the context of this email message? 3. Is Audit-3.0 going to be the standard for Red Hat 8 variants? Thank you for your time, -------------------------- Warron French On Fri, Mar 1, 2019 at 4:34 PM Steve Grubb <[email protected]> wrote: > Hello, > > I've just released a new version of the audit daemon. It can be > downloaded from http://people.redhat.com/sgrubb/audit. It will also be > in rawhide soon. The ChangeLog is: > > - Fix segfault on shutdown > - Fix hang on startup (#1587995) > - Add sleep to script to dump state so file is ready when needed > - Add auparse_normalizer support for SOFTWARE_UPDATE event > - Mark netlabel events as simple events so that get processed quicker > - When audispd is reconfiguring, only SIGHUP plugins with valid pid > (#1614833) > - Add 30-ospp-v42.rules to meet new Common Criteria requirements > - Update lookup tables for the 4.18 kernel > - In aureport, fix segfault in file report > - Add auparse_normalizer support for labeled networking events > - Fix memory leak in audisp-remote plugin when using krb5 transport. > (#1622194) > - Event aging is off by a second > - In ausearch/auparse, correct event ordering to process oldest first > - auparse_reset was not clearing everything it should > - Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events > - In ausearch/report, lightly parse selinux portion of USER_AVC events > - In ausearch/report, limit record size when malformed > - In auditd, fix extract_type function for network originating events > - In auditd, calculate right size and location for network originating > events > - Treat all network originating events as VER2 so dispatcher doesn't > format > it > - In audisp-remote do an initial connection attempt (#1625156) > - In auditd, allow expression of space left as a percentage (#1650670) > - On PPC64LE systems, only allow 64 bit rules (#1462178) > - Make some parts of auditd state report optional based on config > - Fix ausearch when checkpointing a single file (Burn Alting) > - Fix scripting in 31-privileged.rules wrt filecap (#1662516) > - In ausearch, do not checkpt if stdin is input source > - In libev, remove __cold__ attribute for functions to allow proper > hardening > - Add tests to configure.ac for openldap support > - Make systemd support files use /run rather than /var/run (Christian > Hesse) > - Fix minor memory leak in auditd kerberos credentials code > - Fix auditd regression where keep_logs is limited by rotate_logs 2 file > test > - In ausearch/report fix --end to use midnight time instead of now > (#1671338) > > This is a big update to the maintenance branch of the audit package. All > of > the fixes included here are cherry picked fixes from the audit-3.0 > development > branch. This might be the last release for the 2.8 code base. We'll just > have > to see. > > Work on the audit-3.0 release is waiting for the audit container work to > land > and then should be released soon thereafter. (Just in case people were > wonder > what is holding up an official audit-3.0 release.) > > SHA256: 0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7 > > Please let me know if you run across any problems with this release. > > -Steve > > > -- > Linux-audit mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/linux-audit >
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
