RHBA-2012:0704 - Bug Fix Advisory

Topic

Updated logrotate packages that fix three bugs and add one enhancement are now
available for Red Hat Enterprise Linux 5.

Description

The logrotate utility simplifies the administration of multiple log files,
allowing the automatic rotation, compression, removal, and mailing of log files.

This update fixes the following bugs:

• Prior to this update, a conflict could occur when string arrays between the

popt library and a hand-coded method written in logrotate were allocated and
freed. As a consequence, the "compressoptions" directive in the logrotate
configuration file caused logrotate to abort unexpectedly. This update modifies
the underlying code to use the popt library instead. Now, logrotate works as
expected. (BZ#644741)

• Prior to this update, the ".rhn-cfg-tmp-" file exension was missing from the

the list of extensions to be skipped when loading the configuration files. As a
consequence, ".rhn-cfg-tmp-" files were loaded as normal configuration files
and the rotation process was interrupted. This update adds the ".rhn-cfg-tmp-"
extension to the list of extensions to be skipped. (BZ#795405)

• Prior to this update, the logrotate utility did not check whether brackets

were correctly matched in the configuration file. As a consequence, files were
removed because logrotate did not detect the incorrectly matched brackets and
did not stop the rotation process for the particular configuration file. This
update modifies the underlying code to check the presence of brackets whether
they are matched. Now, configuration files with bad syntax are skipped.
(BZ#736045)

This update also adds the following enhancement:

• With this update, logrotate can rotate logs defined in configuration files

that contain configuration errors. (BZ#510124)

All users of logrotate are advised to upgrade to these updated packages, which
fix these bugs and add this enhancement.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 644741 - logrotate: free(): invalid pointer
• BZ - 736045 - logrotate has insufficient configuration syntax checking

CVEs

(none)

References

(none)