FreeBSD Bugzilla – Attachment 220480 Details for
Bug 251778
security/logcheck: Fix runtime error with bsdgrep
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch file
security_logcheck.patch (text/plain), 11.87 KB, created by
Yasuhiro Kimura
on 2020-12-12 10:00:53 UTC
(
hide
)
Description:
Patch file
Filename:
MIME Type:
Creator:
Yasuhiro Kimura
Created:
2020-12-12 10:00:53 UTC
Size:
11.87 KB
patch
obsolete
>Index: security/logcheck/Makefile >=================================================================== >--- security/logcheck/Makefile (revision 557732) >+++ security/logcheck/Makefile (working copy) >@@ -3,6 +3,7 @@ > > PORTNAME= logcheck > PORTVERSION= 1.3.20 >+PORTREVISION= 1 > CATEGORIES= security > MASTER_SITES= DEBIAN_POOL > DISTNAME= ${PORTNAME}_${PORTVERSION} >Index: security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh >=================================================================== >--- security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh (revision 557732) >+++ security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh (working copy) >@@ -1,5 +1,14 @@ >---- rulefiles/linux/ignore.d.server/ssh.orig 2017-01-25 21:08:04 UTC >+--- rulefiles/linux/ignore.d.server/ssh.orig 2019-03-01 22:27:31 UTC > +++ rulefiles/linux/ignore.d.server/ssh >+@@ -14,7 +14,7 @@ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Postponed keyboard-interactive(/pam)? for (invalid user )?[^[:space:]]+ from [^[:space:]]+ port [[:digit:]]+( (ssh|ssh2)( \[preauth\])?)?$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: [12]: Timeout, server not responding\.$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+(: | port [[:digit:]]+:)11: (disconnected by user|Closed due to user request\.)$ >+-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: .{0,256} \[preauth\]$ >++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: .{0,255} \[preauth\]$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Client disconnect$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Disconnect requested by Windows SSH Client\.$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from [:[:xdigit:].]+ port [[:digit:]]+$ > @@ -27,8 +27,8 @@ > ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) check pass; user unknown$ > ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) bad username \[[^]]+\]$ >Index: security/logcheck/files/patch-rulefiles_linux_ignore.d.paranoid_postfix >=================================================================== >--- security/logcheck/files/patch-rulefiles_linux_ignore.d.paranoid_postfix (nonexistent) >+++ security/logcheck/files/patch-rulefiles_linux_ignore.d.paranoid_postfix (working copy) >@@ -0,0 +1,10 @@ >+--- rulefiles/linux/ignore.d.paranoid/postfix.orig 2015-12-10 18:14:10 UTC >++++ rulefiles/linux/ignore.d.paranoid/postfix >+@@ -1,5 +1,5 @@ >+-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/(local|pipe|virtual)\[[[:digit:]]+\]: [[:alnum:]]+: to=[^[:space:]]+, (orig_to=[^[:space:]]+, |)relay=[^[:space:]]+, delay=[.[:digit:]]+, (delays=[.[:digit:]/]+, dsn=[.[:digit:]]+, )?status=[[:alnum:]]+ \(.*\)$ >+-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:alnum:]]+: (resent-|)message-id=<[^[:space:]]+>$ >++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/(local|pipe|virtual)\[[[:digit:]]+\]: [[:alnum:]]+: to=[^[:space:]]+, (orig_to=[^[:space:]]+, )?relay=[^[:space:]]+, delay=[.[:digit:]]+, (delays=[.[:digit:]/]+, dsn=[.[:digit:]]+, )?status=[[:alnum:]]+ \(.*\)$ >++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:alnum:]]+: (resent-)?message-id=<[^[:space:]]+>$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/nqmgr\[[[:digit:]]+\]: [[:alnum:]]+: from=<[^[:space:]]*>, size=[[:digit:]]+, nrcpt=[[:digit:]]+ \(queue active\)$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/pickup\[[[:digit:]]+\]: [[:alnum:]]+: uid=[[:digit:]]+ from=[^[:space:]]+$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/qmgr\[[[:digit:]]+\]: [[:alnum:]]+: from=<[^[:space:]]*>, size=[[:digit:]]+, nrcpt=[[:digit:]]+ \(queue active\)$ >Index: security/logcheck/files/patch-rulefiles_linux_ignore.d.server_dhcp >=================================================================== >--- security/logcheck/files/patch-rulefiles_linux_ignore.d.server_dhcp (nonexistent) >+++ security/logcheck/files/patch-rulefiles_linux_ignore.d.server_dhcp (working copy) >@@ -0,0 +1,22 @@ >+--- rulefiles/linux/ignore.d.server/dhcp.orig 2017-01-14 11:42:45 UTC >++++ rulefiles/linux/ignore.d.server/dhcp >+@@ -10,13 +10,13 @@ >+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPACK on [.0-9]{7,15} to [:[:alnum:]]+ (\([\(\)._[:alnum:]-]+\) )?via [._[:alnum:]-]+$ >+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCP(NAK|RELEASE|INFORM) (on|from) ([.0-9]{7,15}|[:[:alnum:].]+)$ >+ #Added for dhcp 3 >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPDISCOVER from [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+(: load balance to peer [._[:alnum:]-]+)?$ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPOFFER on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+$ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPREQUEST for [.0-9]{7,15} (\([.0-9]{7,15}\) |)from [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+(: load balance to peer [._[:alnum:]-]+\.?|: lease owned by peer\.?|: wrong network\.?|: lease [.0-9]{7,15} unavailable\.?)?$ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPACK on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+$ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPNAK on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPDISCOVER from [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+(: load balance to peer [._[:alnum:]-]+)?$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPOFFER on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPREQUEST for [.0-9]{7,15} (\([.0-9]{7,15}\) )?from [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+(: load balance to peer [._[:alnum:]-]+\.?|: lease owned by peer\.?|: wrong network\.?|: lease [.0-9]{7,15} unavailable\.?)?$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPACK on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPNAK on [.0-9]{7,15} to [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+$ >+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPINFORM from [.0-9]{7,15} via [._[:alnum:]-]+$ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPRELEASE of [.0-9]{7,15} from [:[:alnum:]]+ (\([._[:alnum:]-]+\) |)via [._[:alnum:]-]+ \((not |)found\)$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPRELEASE of [.0-9]{7,15} from [:[:alnum:]]+ (\([._[:alnum:]-]+\) )?via [._[:alnum:]-]+ \((not )?found\)$ >+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: DHCPACK to [.0-9]{7,15}( \(([:[:xdigit:]]+|<no client hardware address>)\) via [._[:alnum:]-]+)?$ >+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: ((balancing|balanced) )?pool [0-9a-f]{6,7} [.0-9]{7,15}/[:[:alnum:]]+ ? total [:[:alnum:]]+ free [:[:alnum:]]+ backup [:[:alnum:]]+ lts [:[:alnum:]-]+.*( max-(own \(\+/-\)[[:digit:]]+|misbal [[:digit:]]+))?$ >+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: ICMP Echo reply while lease [.[:digit:]]{7,15} valid\.$ >Index: security/logcheck/files/patch-rulefiles_linux_ignore.d.server_nfs >=================================================================== >--- security/logcheck/files/patch-rulefiles_linux_ignore.d.server_nfs (nonexistent) >+++ security/logcheck/files/patch-rulefiles_linux_ignore.d.server_nfs (working copy) >@@ -0,0 +1,7 @@ >+--- rulefiles/linux/ignore.d.server/nfs.orig 2015-12-10 18:14:10 UTC >++++ rulefiles/linux/ignore.d.server/nfs >+@@ -1,2 +1,2 @@ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rpc\.mountd: authenticated (un|)mount request from [._[:alnum:]-]+:[0-9]+ for (/[._[:alnum:]-]*)+ \((/[._[:alnum:]-]*)+\)$ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mountd\[[0-9]+\]: authenticated (un|)mount request from [._[:alnum:]-]+:[0-9]+ for (/[._[:alnum:]-]*)+ \((/[._[:alnum:]-]*)+\)$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rpc\.mountd: authenticated (un)?mount request from [._[:alnum:]-]+:[0-9]+ for (/[._[:alnum:]-]*)+ \((/[._[:alnum:]-]*)+\)$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mountd\[[0-9]+\]: authenticated (un)?mount request from [._[:alnum:]-]+:[0-9]+ for (/[._[:alnum:]-]*)+ \((/[._[:alnum:]-]*)+\)$ >Index: security/logcheck/files/patch-rulefiles_linux_ignore.d.server_postfix >=================================================================== >--- security/logcheck/files/patch-rulefiles_linux_ignore.d.server_postfix (revision 557732) >+++ security/logcheck/files/patch-rulefiles_linux_ignore.d.server_postfix (working copy) >@@ -1,5 +1,14 @@ > --- rulefiles/linux/ignore.d.server/postfix.orig 2019-03-01 15:22:43 UTC > +++ rulefiles/linux/ignore.d.server/postfix >+@@ -8,7 +8,7 @@ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/anvil\[[[:digit:]]+\]: statistics: max (message|recipient|connection) (count|rate) [/[:digit:]s]+ for \(([.:[:xdigit:]]+)?(smtp(s)?|25|submission|587):([.:[:xdigit:]]+|unknown)\) at \w{3} [ :[:digit:]]{11}$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/anvil\[[[:digit:]]+\]: statistics: max cache size [[:digit:]]+ at \w{3} [ :[:digit:]]{11}$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/bounce\[[[:digit:]]+\]: [[:xdigit:]]+: sender (delay|non-delivery|delivery status) notification: [[:xdigit:]]+$ >+-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:alnum:]]+: (resent-|)message-id=<?[^>]+>?( \(added by [^[:space:]]+\))?$ >++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:alnum:]]+: (resent-)?message-id=<?[^>]+>?( \(added by [^[:space:]]+\))?$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:alnum:]]+: milter-discard: END-OF-MESSAGE from [-._[:alnum:]]+\[([.[:digit:]]+|[:[:xdigit:]]+)\]: milter triggers DISCARD action; from=<[^[:space:]]*> to=<[^[:space:]]*> proto=E?SMTP helo=<[^[:space:]]+>$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:upper:][:digit:]]+: reject: header [^[:space:]]+:.+ from=<[^[:space:]]*>( to=<[^[:space:]]+>)? proto=E?SMTP helo=<[^[:space:]]+>: .+$ >+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/cleanup\[[[:digit:]]+\]: [[:xdigit:]]+: milter-reject: END-OF-MESSAGE from [-._[:alnum:]]+\[[.[:digit:]]+\]: [45]\.7\.1 (virus [-._/[:alnum:]]+ detected by ClamAV - http://www\.clamav\.net|Command rejected); from=<[^[:space:]]*> to=<[^[:space:]]+> proto=E?SMTP helo=<[^[:space:]]+>$ > @@ -60,7 +60,7 @@ > ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: [^[:space:]]+ offered null AUTH mechanism list$ > ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ postfix/smtp\[[[:digit:]]+\]: warning: mailer loop: best MX for [^[:space:]]+ is local$ >Index: security/logcheck/files/patch-rulefiles_linux_violations.d_kernel >=================================================================== >--- security/logcheck/files/patch-rulefiles_linux_violations.d_kernel (nonexistent) >+++ security/logcheck/files/patch-rulefiles_linux_violations.d_kernel (working copy) >@@ -0,0 +1,6 @@ >+--- rulefiles/linux/violations.d/kernel.orig 2015-12-10 18:14:10 UTC >++++ rulefiles/linux/violations.d/kernel >+@@ -1,2 +1,2 @@ >+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? [[:alnum:]]+: media error \(bad sector\): status=0x[[:xdigit:]]+ { DriveReady SeekComplete Error }$ >++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? [[:alnum:]]+: media error \(bad sector\): status=0x[[:xdigit:]]+ \{ DriveReady SeekComplete Error \}$ >+ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel:( \[ *[[:digit:]]+\.[[:digit:]]+\])? end_request: I/O error, dev [[:alnum:]]+, sector [[:digit:]]+
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Flags:
yasu
:
maintainer-approval+
Actions:
View
|
Diff
Attachments on
bug 251778
: 220480