[Fedora Release Engineering] #819: update audit package for beta1 to 1.7.7

Fedora Release Engineering rel-eng at fedoraproject.org
Thu Sep 18 19:05:57 UTC 2008

#819: update audit package for beta1 to 1.7.7
 Reporter:  sgrubb at redhat.com  |       Owner:  rel-eng at lists.fedoraproject.org
     Type:  task               |      Status:  new                            
Milestone:  Fedora 10 Beta     |   Component:  koji                           
 Keywords:                     |  
 * Rationale for why the change is important enough to be allowed in after
 the feature freeze.

 The audit 1.7.6 package has 3 important fixes. 1) tcp_wrappers code had a
 typo in the define that caused it to not be compiled in for remote audit
 servers. 2) gssapi was not filtering the principals and might be usable in
 tmp file attack 3) and remote logging did not work on 64 bit machines

     * Impact of *not* accepting the feature at this point of the schedule.

 Might get bug reports of things fixed and no testing of remote logging on
 64 bit systems. Not to mention the security aspect for anyone doing remote

     * Information on what testing you've already done on the feature to
 help reduce the risk.

 I spent last 2 days working on it and testing until remote logging was
 verified working. gssapi code has been through 2 code reviews to make sure
 its up to par now.

Ticket URL: <https://fedorahosted.org/rel-eng/ticket/819>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project

More information about the rel-eng mailing list