RHBA-2012:1217 - Bug Fix Advisory

Topic

An updated logwatch package that fixes various bugs is now available.

Description

Logwatch is a customizable, pluggable log-monitoring system. It will go through
your logs for a given period of time and make a report in the areas that you
wish with the detail that you wish. Easy to use - works right out of the package
on many systems.

This updated logwatch package includes fixes for the following bugs:

• Due to an incorrect regular expression, positive changes in temperatures

reported by the smartd daemon were shown as unmatched entries in the logwatch
output. This update fixes the faulty regular expression and temperature log
information is now displayed correctly. (BZ#578806)

• Prior to this update, logwatch did not correctly parse the RSYSLOG_FileFormat

time stamps and displayed them as unmatched entries. With this update, parsing
of the rsyslog time stamps has been fixed and works as expected. (BZ#583607)

• Yum's "applydate" time ranges were not correctly parsed by logwatch and were

displayed as unmatched entries. This has been fixed and "applydate" time ranges
are no longer displayed as unmatched entries. (BZ#583721)

• Xen virtual console logins were not correctly parsed by logwatch and were

displayed as unmatched entries. This update fixes this bug. (BZ#595068)

• Logins initiated with the "su -" or "su -l" command were not correctly parsed

by logwatch and were displayed as unmatched entries. This update fixes this bug.
(BZ#668067)

• SSH Kerberos (GSS) logins were not correctly parsed by logwatch and were

displayed as unmatched entries. This update fixes this bug. (BZ#684577)

All users of logwatch are advised to upgrade to this updated package, which
fixes these bugs.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 578806 - does not properly parse temperature changes reported by smartd
• BZ - 583607 - logwatch must understand RSYSLOG_FileFormat timestamps
• BZ - 583721 - yum's applydate does not properly catch time ranges
• BZ - 595068 - Logins through xen virt console are under unmatched entries
• BZ - 668067 - logwatch shows unknown entries for su -
• BZ - 684577 - Logwatch does not recognise ssh Kerberos (GSS) logins.

CVEs

(none)

References

(none)