diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2015-07-08 09:20:58 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-07-08 09:40:03 +0000 |
| commit | 822733ab307401a52d34dc491a0356e6a279d3a2 (patch) | |
| tree | 87923ac4e5dd1cd3151b16b618aa3612b110a210 | |
| parent | fd210c1dcd02231a4afb6921430389eb4baf0d94 (diff) | |
| download | alpine_aports-822733ab307401a52d34dc491a0356e6a279d3a2.tar.bz2 alpine_aports-822733ab307401a52d34dc491a0356e6a279d3a2.tar.xz alpine_aports-822733ab307401a52d34dc491a0356e6a279d3a2.zip | |
main/rsyslog: fix default permissions (CVE-2015-3243)
ref #4406
(cherry picked from commit 3cb5210cdac46fb8805d4028df16f5889f393a09)
| -rw-r--r-- | main/rsyslog/APKBUILD | 8 | ||||
| -rw-r--r-- | main/rsyslog/rsyslog.conf | 7 |
2 files changed, 11 insertions, 4 deletions
diff --git a/main/rsyslog/APKBUILD b/main/rsyslog/APKBUILD index d336a6864d..e934e30cd2 100644 --- a/main/rsyslog/APKBUILD +++ b/main/rsyslog/APKBUILD | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | # Contributor: cbanta@gmail.com | 3 | # Contributor: cbanta@gmail.com |
| 4 | pkgname=rsyslog | 4 | pkgname=rsyslog |
| 5 | pkgver=8.9.0 | 5 | pkgver=8.9.0 |
| 6 | pkgrel=1 | 6 | pkgrel=2 |
| 7 | pkgdesc="Enhanced multi-threaded syslogd with database support and more." | 7 | pkgdesc="Enhanced multi-threaded syslogd with database support and more." |
| 8 | url="http://www.rsyslog.com/" | 8 | url="http://www.rsyslog.com/" |
| 9 | arch="all" | 9 | arch="all" |
| @@ -100,20 +100,20 @@ md5sums="b9e10a3ea9d52b4fa9bbbf540d313970 rsyslog-8.9.0.tar.gz | |||
| 100 | 67b8afd572b4103b39b54a729b880b53 rsyslog.initd | 100 | 67b8afd572b4103b39b54a729b880b53 rsyslog.initd |
| 101 | 0a0aef98f677364e6178c34274df7723 rsyslog.confd | 101 | 0a0aef98f677364e6178c34274df7723 rsyslog.confd |
| 102 | bc43debc9ffdf66bc1409025fd3d1176 rsyslog.logrotate | 102 | bc43debc9ffdf66bc1409025fd3d1176 rsyslog.logrotate |
| 103 | 65fbf5a7a81a53a70974e3085e96cb41 rsyslog.conf | 103 | ea6f8af41d13c4278bb7788e715f2372 rsyslog.conf |
| 104 | 05a0995f5cbe241720aaf6b149860286 musl-fix.patch | 104 | 05a0995f5cbe241720aaf6b149860286 musl-fix.patch |
| 105 | aafafdf4502f5e4de5fcfebd21499700 gnutls-3.4.0.patch" | 105 | aafafdf4502f5e4de5fcfebd21499700 gnutls-3.4.0.patch" |
| 106 | sha256sums="eab00e8e758cd9dd33b3e2cf6af80297d1951dc7db37bd723a6488a35d577adc rsyslog-8.9.0.tar.gz | 106 | sha256sums="eab00e8e758cd9dd33b3e2cf6af80297d1951dc7db37bd723a6488a35d577adc rsyslog-8.9.0.tar.gz |
| 107 | 223d4bdb69760ef5a9a044d68434c805cd15e31fa190a86f5f283912d0baf6d6 rsyslog.initd | 107 | 223d4bdb69760ef5a9a044d68434c805cd15e31fa190a86f5f283912d0baf6d6 rsyslog.initd |
| 108 | c476c2180fcceaf581d26d2da6201fbe7a2b9fc89c58456fdb3bdaf18a4cbb56 rsyslog.confd | 108 | c476c2180fcceaf581d26d2da6201fbe7a2b9fc89c58456fdb3bdaf18a4cbb56 rsyslog.confd |
| 109 | f0effc19bd1f1bfa367d65d6516c73509cb34545157b9e91cf6e437685dd3fe5 rsyslog.logrotate | 109 | f0effc19bd1f1bfa367d65d6516c73509cb34545157b9e91cf6e437685dd3fe5 rsyslog.logrotate |
| 110 | 559a8221d2ef9376a77e08de05206f3d2214a81fa88649f5bca2a1207f8918c5 rsyslog.conf | 110 | 05bc12785e418db424d6b29133a2e44c3422953a5bc5850e4881baa5726fdbce rsyslog.conf |
| 111 | feda2d9ca6c788e375116b6c43b6c4ac5debe83dab0efcfc9a47216c9af36599 musl-fix.patch | 111 | feda2d9ca6c788e375116b6c43b6c4ac5debe83dab0efcfc9a47216c9af36599 musl-fix.patch |
| 112 | 540530796fd535889ef1a1741ad06e3a0ab4441247396f89ebb06010ce9c102e gnutls-3.4.0.patch" | 112 | 540530796fd535889ef1a1741ad06e3a0ab4441247396f89ebb06010ce9c102e gnutls-3.4.0.patch" |
| 113 | sha512sums="942cccc2cbe147572cc2d346ac330d80c86915757b2b7a380829f0b40294d7e4afd4887d5066821af1e059cd78cdb38520fc9d28b55daa7afcd0e5b2e6bd9a5d rsyslog-8.9.0.tar.gz | 113 | sha512sums="942cccc2cbe147572cc2d346ac330d80c86915757b2b7a380829f0b40294d7e4afd4887d5066821af1e059cd78cdb38520fc9d28b55daa7afcd0e5b2e6bd9a5d rsyslog-8.9.0.tar.gz |
| 114 | 9a4b184076a82e0899da79ab3749e1c67eac03f36c4460d34ed0385f4a3ffad53681a1cc25dd514e835c9399a9abd01c235743535ad549d5be7f66d9e127b9dc rsyslog.initd | 114 | 9a4b184076a82e0899da79ab3749e1c67eac03f36c4460d34ed0385f4a3ffad53681a1cc25dd514e835c9399a9abd01c235743535ad549d5be7f66d9e127b9dc rsyslog.initd |
| 115 | c216674e6867d655c2c09b6205071591ae2b1611ad5dd0346e682733abafa8a1be261fdd9bb985bb5d05d5bfa708a68262b1a94e654a2c18d352fd02d6f950a3 rsyslog.confd | 115 | c216674e6867d655c2c09b6205071591ae2b1611ad5dd0346e682733abafa8a1be261fdd9bb985bb5d05d5bfa708a68262b1a94e654a2c18d352fd02d6f950a3 rsyslog.confd |
| 116 | d54377ddf39197656811a84272568ea761f984e19dd04fc54f372dd04a9244e66d02b26ab33073d0344d054f031660ec611f3c7a18c266e7b68cef5e2c47f06f rsyslog.logrotate | 116 | d54377ddf39197656811a84272568ea761f984e19dd04fc54f372dd04a9244e66d02b26ab33073d0344d054f031660ec611f3c7a18c266e7b68cef5e2c47f06f rsyslog.logrotate |
| 117 | 032ccce1850bc89fb37b4b23f1607ce73086ff2b057838a1b83e36751ee0412c537fc0c9cbc2c6e8098311e6a04569c7fc7f7dea80111e8c8623b3b0cc3cccd1 rsyslog.conf | 117 | 5163bdd7612c3c407a7d42106ef52ff64f2051afb683d6d7fda26a22591c8cc2e787c1d7baebd563fc48a7ff1fe5b6046952c1d32c28949059ded04b4ecd0bbb rsyslog.conf |
| 118 | d5f16d624b40fcd68f689bb65cfad8f537b35f3d7f9c4453c472b21437964442baf0846b3658a6cdd2e0d44b60085140deffc68cf9e3c460bcc5db40cf142ee1 musl-fix.patch | 118 | d5f16d624b40fcd68f689bb65cfad8f537b35f3d7f9c4453c472b21437964442baf0846b3658a6cdd2e0d44b60085140deffc68cf9e3c460bcc5db40cf142ee1 musl-fix.patch |
| 119 | b0e2fc464c840211acef0da481fed5eb594d5bee62672fbccf379efcf3f88c3acee5efd8c51671508feaf2edacd05426766577c94e733479a90a58f68f4fc8a4 gnutls-3.4.0.patch" | 119 | b0e2fc464c840211acef0da481fed5eb594d5bee62672fbccf379efcf3f88c3acee5efd8c51671508feaf2edacd05426766577c94e733479a90a58f68f4fc8a4 gnutls-3.4.0.patch" |
diff --git a/main/rsyslog/rsyslog.conf b/main/rsyslog/rsyslog.conf index 19187467b3..38d0e4b73a 100644 --- a/main/rsyslog/rsyslog.conf +++ b/main/rsyslog/rsyslog.conf | |||
| @@ -6,6 +6,13 @@ $ModLoad immark.so # provides --MARK-- message capability | |||
| 6 | $ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command) | 6 | $ModLoad imuxsock.so # provides support for local system logging (e.g. via logger command) |
| 7 | $ModLoad imklog.so # kernel logging (formerly provided by rklogd) | 7 | $ModLoad imklog.so # kernel logging (formerly provided by rklogd) |
| 8 | 8 | ||
| 9 | # default permissions for all log files. | ||
| 10 | $FileOwner root | ||
| 11 | $FileGroup adm | ||
| 12 | $FileCreateMode 0640 | ||
| 13 | $DirCreateMode 0755 | ||
| 14 | $Umask 0022 | ||
| 15 | |||
| 9 | # Include configuration files from directory | 16 | # Include configuration files from directory |
| 10 | $IncludeConfig /etc/rsyslog.d/* | 17 | $IncludeConfig /etc/rsyslog.d/* |
| 11 | 18 | ||