rpms/setroubleshoot-plugins/F-11 setroubleshoot-plugins-2.0.18-global_ssp.patch, NONE, 1.1 setroubleshoot-plugins.spec, 1.23, 1.24
Daniel J Walsh
dwalsh at fedoraproject.org
Sun Jul 19 11:13:21 UTC 2009
- Previous message (by thread): rpms/setroubleshoot-plugins/devel .cvsignore, 1.27, 1.28 setroubleshoot-plugins.spec, 1.31, 1.32 sources, 1.28, 1.29
- Next message (by thread): rpms/html-xml-utils/F-10 html-xml-utils.spec, 1.5, 1.6 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/setroubleshoot-plugins/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9273
Modified Files:
setroubleshoot-plugins.spec
Added Files:
setroubleshoot-plugins-2.0.18-global_ssp.patch
Log Message:
* Sun Jun 19 2009 <dwalsh at redhat.com> - 2.0.18-2
- Fix global_ssp to report correct boolean name
setroubleshoot-plugins-2.0.18-global_ssp.patch:
global_ssp.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- NEW FILE setroubleshoot-plugins-2.0.18-global_ssp.patch ---
diff -up setroubleshoot-plugins-2.0.18/src/global_ssp.py~ setroubleshoot-plugins-2.0.18/src/global_ssp.py
--- setroubleshoot-plugins-2.0.18/src/global_ssp.py~ 2009-07-19 07:09:13.000000000 -0400
+++ setroubleshoot-plugins-2.0.18/src/global_ssp.py 2009-07-19 07:09:39.000000000 -0400
@@ -35,8 +35,8 @@ class plugin(Plugin):
are situations where all applications require the access (for example,
when ProPolice/SSP stack smashing protection is used). Allowing this
access may allow malicious applications to drain the kernel entropy
- pool. This can compromising the ability of some software that is
- dependent on high quality random number (e.g., ssh-keygen) to operate
+ pool. This can compromise the ability of some software that is
+ dependent on high quality random numbers (e.g., ssh-keygen) to operate
effectively. The risk of this type of attack is relatively low.
''')
@@ -54,6 +54,7 @@ class plugin(Plugin):
avc.all_accesses_are_in(avc.r_file_perms) and \
avc.has_tclass_in(['chr_file']):
# MATCH
+ avc.set_template_substitutions(BOOLEAN="global_ssp")
return self.report(avc, None,
self.summary, self.problem_description,
self.fix_description, self.fix_cmd)
Index: setroubleshoot-plugins.spec
===================================================================
RCS file: /cvs/extras/rpms/setroubleshoot-plugins/F-11/setroubleshoot-plugins.spec,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -p -r1.23 -r1.24
--- setroubleshoot-plugins.spec 5 Jun 2009 15:10:17 -0000 1.23
+++ setroubleshoot-plugins.spec 19 Jul 2009 11:13:20 -0000 1.24
@@ -1,11 +1,12 @@
Summary: Analysis plugins for use with setroubleshoot
Name: setroubleshoot-plugins
Version: 2.0.18
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: Applications/System
URL: https://fedorahosted.org/setroubleshoot
Source0: %{name}-%{version}.tar.gz
+Patch: setroubleshoot-plugins-2.0.18-global_ssp.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
@@ -25,6 +26,7 @@ to interpret SELinux AVC denials.
%prep
%setup -q
+%patch -p1 -b .global_ssp
%build
%configure
@@ -52,6 +54,9 @@ rm -rf %{buildroot}
%{_datadir}/setroubleshoot/plugins
%changelog
+* Sun Jun 19 2009 <dwalsh at redhat.com> - 2.0.18-2
+- Fix global_ssp to report correct boolean name
+
* Fri Jun 5 2009 <dwalsh at redhat.com> - 2.0.18-1
- Execute catchall_boolean.py before allow_daemons_use_tty
- Fix chcon lines to match current policy
- Previous message (by thread): rpms/setroubleshoot-plugins/devel .cvsignore, 1.27, 1.28 setroubleshoot-plugins.spec, 1.31, 1.32 sources, 1.28, 1.29
- Next message (by thread): rpms/html-xml-utils/F-10 html-xml-utils.spec, 1.5, 1.6 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list