Bug 81145
Summary: | Log message treated as a regexp??? | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Aleksey Nogin <aleksey> | ||||
Component: | logwatch | Assignee: | Elliot Lee <sopwith> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 8.0 | CC: | stephen.walton | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2003-07-10 13:43:16 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Aleksey Nogin
2003-01-06 04:41:40 UTC
Can you try the logwatch 4.3.1 in rawhide and see if it has this issue? I can't see any lines in 4.3.1 in the script mentioned that would fit the description. Created attachment 90521 [details]
Demonstrates problem in logwatch 'secure' script regexp
Running this script creates and executes a Perl program called 'bugdemo.pl' in
the current directory.
My comment to my demo got lost: the problem arises when a line in /var/log/secure contains the string ++, as it does for the original poster, and did for me, when an 'sudo' command is executed to manipulate a C++ library. My attachment demonstrates the problem but I'm not enough of a Perl hacker to figure out a patch. I don't think this should be marked CLOSED but I can't change the status. 4.3.2 has this problem fixed, and probably 4.3.1. Fair enough, but the original bug was against RH 8.0, and the latest version of logwatch released for 8.0 seems to be the one on the original release, 2.6-8. 4.3.1-2 is on my RH9 systems, though. I did "rpm -U --test" on an RH8.0 system against the logwatch 4.3.1-2 RPM shipped with RH9 and got no errors; would it be safe to install it? |