From: Steve Grubb
Subject: Re: audit-1.8 released
Date: Thu, 27 Oct 2011 11:33:18 -0400
Message-ID: <201110271133.19005.sgrubb@redhat.com>
References: <201110271035.55535.sgrubb@redhat.com>
In-Reply-To: <201110271035.55535.sgrubb@redhat.com>
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On Thursday, October 27, 2011 10:35:55 AM Steve Grubb wrote:
> I've just released a new version of the (old) audit daemon. It can be
> downloaded from http://people.redhat.com/sgrubb/audit. The ChangeLog is:
>
> - Performance improvements for ausearch/report
> - Fix debug output resolving numeric address
> - Fix spelling error in audit.rules (#667845)
> - Improve warning in auditctl regarding immutable mode (#654883)
> - In ausearch, allow searching for auid -1
> - Fix memory leak in aureport
> - Fix parsing state problem in libauparse
> - Update prelude support
> - Add new event types
> - Update syscall tables
> - On i386, audit rules do not work on inodes with a large number
> - Improve the robustness of libaudit field encoding functions
> - Add optional ARM processor support
> - Fix autrace to use correct syscalls on i386 systems (Peng Haitao)
> - In auparse, add ability to interpret session and capabilities
> - Add ability for audispd syslog plugin to choose facility local0-7
> - Report server issues to remote client
> - Update ausearch parsing
> - Update auparse to handle virt events
> - Make audisp-remote robust
> - Add 2 error returns to python bindings
> - Update the man pages a little
> - Add some debug info to audisp-remote startup and shutdown
> - In auditd, if disk_error_action is ignore, limit syslog messages to 5
> - Fix some memory leaks
>
> This does not even really capture all the updates to this branch. This is
> intended to be the final release of the 1.x series. This release backports
> everything I possibly can from trunk to the old daemon. With all these
> fixes, it's a big update. Please test it if you use the 1.x series.
>
> Please let me know if you run across any problems with this release.

And promptly found a compile problem on old systems. You might need this patch:

https://fedorahosted.org/audit/changeset/601

-Steve