Ubuntu
logwatch package

debian/changelog (+371/-0)
debian/control (+4/-2)
debian/patches/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch (+42/-0)
debian/patches/0012-postfix-Handle-backwards-compatible-mode.patch (+74/-0)
debian/patches/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch (+32/-0)
debian/patches/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch (+52/-0)
debian/patches/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch (+51/-0)
debian/patches/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch (+28/-0)
debian/patches/0018-audit-Treat-Denial-Errors-same-as-Denied.patch (+28/-0)
debian/patches/0019-exim-Handle-self-signed-certs-warnings.patch (+73/-0)
debian/patches/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch (+32/-0)
debian/patches/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch (+69/-0)
debian/patches/series (+12/-0)

Related bugs:

Bug #1577948: unmatched entries for apparmor STATUS messages	High	Fix Released
Bug #1578001: unmatched entries for isc-dhcp-server	Medium	Fix Released
Bug #1890749: Missing perl 'Sys' module in system config summary on focal	Medium	Fix Released
Bug #1890751: unmatched entry for securetty on focal	Medium	Fix Released
Bug #1892269: Unmatched entry for exim with selfsigned certificate	Medium	Fix Released

Link a bug report

Reviewer	Date Requested	Status
Bryce Harrington (community)		Approve on 2020-11-06
Christian Ehrhardt  (community)	2020-11-05	Needs Fixing on 2020-11-06
Canonical Server	2020-11-05	Pending
Review via email: mp+393413@code.launchpad.net

Description of the change

Usual tags pushed.

Pretty straightforward merge from Debian. We had gone ahead of Debian, this just gets us back on top of their tree.

Since we did a lot of work on this package last cycle, the git ubuntu change history resulted in a messy changelog entry, so most of the work with this merge was just cleaning the git history.

Pretty much all the patches in our Ubuntu delta are already accepted upstream, but not yet available in a release - when 7.5.5 comes we should be able to drop almost all of it. There will still be a couple patches which weren't clear if they are upstreamable, however I think we can leave those to the next merge.

PPA is at:

https://launchpad.net/~bryce/+archive/ubuntu/logwatch-merge-v7.5.4-1

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2020-11-06:

I was suspicious at all the linked bugs here on the MP, but the CL LGTM with non-active bug references. Otherwise we'd ping all those bugs again which we do not want.

Ok, things look good from far away - checking out git to read things in detail.

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2020-11-06:

None of the Debian changes has influence on the Delta we had and as you pointed out we need 7.5.5 to be able to drop most of them.

Due to all the going ahead tags like bryce/logical/7.5.4-0ubuntu3 were not too helpful this time.
But I was able to break things apart and agree that all old delta was retained (which is what we wanted).

The old Debian base was actually 7.5.0-1 which is quite a while back.
All Delta we ahve is mentioned ack) but we miss a drop IMHO
7.5.4-0ubuntu2 added:
   * d/control: Update upstream's homepage
     (LP: #1891604)
That was done in 7.5.4-1
   * d/control: Update Homepage field (closes: #956666)
So we would need to mention that we dropped that Delta right?

Otherwise things LGTM, once you fixed that feel free to upload no need to re-review for this little change to d/changelog

review: Needs Fixing

Revision history for this message

Bryce Harrington (bryce) wrote on 2020-11-06:

Thanks, I've made the change and will proceed with the upload.

Revision history for this message

Bryce Harrington (bryce) wrote on 2020-11-06:

Uploaded:

$ git ubuntu tag --upload
$ git push pkg upload/7.5.4-1ubuntu1
Enumerating objects: 86, done.
Counting objects: 100% (86/86), done.
Delta compression using up to 12 threads
Compressing objects: 100% (80/80), done.
Writing objects: 100% (80/80), 20.67 KiB | 5.17 MiB/s, done.
Total 80 (delta 52), reused 7 (delta 0), pack-reused 0
To ssh://git.launchpad.net/ubuntu/+source/logwatch
* [new tag] upload/7.5.4-1ubuntu1 -> upload/7.5.4-1ubuntu1

$ dput ubuntu logwatch_7.5.4-1ubuntu1_source.changes
Checking signature on .changes
gpg: /home/bryce/pkg/Logwatch/merge-v7.5.4-1/logwatch_7.5.4-1ubuntu1_source.changes: Valid signature from E603B2578FB8F0FB
Checking signature on .dsc
gpg: /home/bryce/pkg/Logwatch/merge-v7.5.4-1/logwatch_7.5.4-1ubuntu1.dsc: Valid signature from E603B2578FB8F0FB
Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading logwatch_7.5.4-1ubuntu1.dsc: done.
  Uploading logwatch_7.5.4-1ubuntu1.debian.tar.xz: done.
  Uploading logwatch_7.5.4-1ubuntu1_source.buildinfo: done.
  Uploading logwatch_7.5.4-1ubuntu1_source.changes: done.
Successfully uploaded packages.

review: Approve

Revision history for this message

Bryce Harrington (bryce) wrote on 2020-11-09:

This is migrated

logwatch | 7.5.4-1ubuntu1 | hirsute | source

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Bryce Harrington

git-ubuntu developers

 diff --git a/debian/changelog b/debian/changelog
 index a70c0f5..39b0fd9 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,3 +1,42 @@
++logwatch (7.5.4-1ubuntu1) hirsute; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++    - d/p/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch:
++      postfix: Ignore Resolved loghost to 127.0.0.1.
++      (LP #1583705)
++    - d/p/0012-postfix-Handle-backwards-compatible-mode.patch:
++      postfix: Handle backwards-compatible mode.
++      (LP #1583705)
++    - d/p/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch:
++      secure: Ignore warnings about gnome-keyring-daemon items already
++      registered.
++      (LP #1890752)
++    - d/p/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch:
++      zz-sys: Suppress warnings if Sys::CPU or Sys::MemInfo are missing.
++      These are not installed by default in Ubuntu's logwatch packaging.
++      (LP #1890749)
++    - d/p/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch:
++      pam_unix: Ignore issues about /etc/securetty being missing.
++      (LP #1890751)
++    - d/p/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch
++      audit: Don't handle "unconfined" profile changes distinct from ordinary loads
++    - d/p/0018-audit-Handle-apparmor-errors-on-DENIED-messages.patch:
++      audit: Treat Denial Errors same as Denied
++      (LP #1577948)
++    - d/p/0019-exim-Handle-self-signed-certs-warnings.patch:
++      exim: Handle self-signed certs warnings.
++      (LP #1892269)
++    - d/p/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch:
++      dhcpd: Ignore lease age under threshold messages
++      (LP #1578001)
++    - d/p/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch:
++      audit: use the term ALLOWED instead of Grants
++      (LP #1577948)
++
++ -- Bryce Harrington <bryce@canonical.com>  Thu, 05 Nov 2020 04:28:07 +0000
++
  logwatch (7.5.4-1) unstable; urgency=medium
    * New upstream version 7.5.4 (closes: #970684)
@@ -7,6 +46,91 @@ logwatch (7.5.4-1) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Sun, 04 Oct 2020 20:40:40 +0200
++logwatch (7.5.4-0ubuntu3) groovy; urgency=medium
++
++  * d/p/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch:
++    Update DEP3 to indicate this patch does not need forwarded upstream
++    since it corrects a distro packaging issue.
++  * d/p/0018-audit-Treat-Denial-Errors-same-as-Denied.patch:
++    Update DEP3 to link to where this patch was forwarded upstream.
++  * d/p/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch:
++    Fix typo in variable '$allawed'; refresh patch.
++
++ -- Bryce Harrington <bryce@canonical.com>  Fri, 04 Sep 2020 16:08:47 -0700
++
++logwatch (7.5.4-0ubuntu2) groovy; urgency=medium
++
++  [ Bryce Harrington ]
++  * d/p/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch:
++    dhcpd: Ignore lease age under threshold messages
++    (LP: #1578001)
++  * d/p/0019-exim-Handle-self-signed-certs-warnings.patch:
++    exim: Handle self-signed certs warnings.
++    (LP: #1892269)
++  * d/p/0018-audit-Treat-Denial-Errors-same-as-Denied.patch:
++    audit: Treat Denial-Errors same as Denied.
++    (LP: #1577948)
++  * d/p/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch:
++    audit: Apparmor DENIED entries don't always include parent=N.
++    (LP: #1577948)
++  * d/p/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch:
++    pam_unix: Ignore issues about /etc/securetty being missing.
++    (LP: #1890751)
++  * d/p/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch:
++    zz-sys: Suppress warnings if Sys::CPU or Sys::MemInfo are missing.
++    These are not installed by default in Ubuntu's logwatch packaging.
++    (LP: #1890749)
++  * d/p/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch:
++    secure: Ignore warnings about gnome-keyring-daemon items already
++    registered.
++    (LP: #1890752)
++  * d/p/0012-postfix-Handle-backwards-compatible-mode.patch:
++    postfix: Handle backwards-compatible mode.
++    (LP: #1583705)
++  * d/p/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch:
++    postfix: Ignore Resolved loghost to 127.0.0.1.
++    (LP: #1583705)
++  * d/control: Update upstream's homepage
++    (LP: #1891604)
++
++  [ Lucas Kanashiro ]
++  * d/p/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch:
++    audit: use the term ALLOWED instead of Grants.
++
++ -- Bryce Harrington <bryce@canonical.com>  Fri, 21 Aug 2020 01:30:10 +0000
++
++logwatch (7.5.4-0ubuntu1) groovy; urgency=medium
++
++  * New upstream version 7.5.4.  Remaining changes:
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++  * Dropped:
++    - Drop 0005-Match-connection-shutdown-by-couriertls.patch
++      [Taken upstream in 7.5.4]
++    - Drop 0006-imapd-Handle-SSL3-connection-errors.patch
++      [Taken upstream in 7.5.4]
++
++ -- Bryce Harrington <bryce@canonical.com>  Mon, 03 Aug 2020 18:27:31 -0700
++
++logwatch (7.5.2-1ubuntu2) groovy; urgency=medium
++
++  * 0006-imapd-Handle-SSL3-connection-errors.patch: Handle SSL3
++    connection errors for couriertls in imapd.
++  * 0005-Match-connection-shutdown-by-couriertls.patch: Match connection
++    shutdown entries by couriertls.  These are likely just client errors
++    and do not represent real problems.
++    (LP: #1578004)
++
++ -- Bryce Harrington <bryce@canonical.com>  Fri, 05 Jun 2020 23:16:23 +0000
++
++logwatch (7.5.2-1ubuntu1) focal; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++
++ -- Bryce Harrington <bryce@canonical.com>  Thu, 23 Jan 2020 11:53:10 -0800
++
  logwatch (7.5.2-1) unstable; urgency=medium
    * New upstream version 7.5.2
@@ -15,12 +139,40 @@ logwatch (7.5.2-1) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Sun, 12 Jan 2020 12:25:08 +0100
++logwatch (7.5.0-2ubuntu1) eoan; urgency=medium
++
++  * Merge with Debian unstable. Remaining changes:
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++  * Dropped:
++    - debian/control: depend on postfix rather than exim4.
++      [default-mta is provided by postfix as of precise at least]
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation.
++      [While the file is no longer present, it'll just be silently
++       ignored if it's listed in the config file, so no need to maintain
++       a delta against debian for this.]
++
++ -- Bryce Harrington <bryce@canonical.com>  Thu, 23 May 2019 10:40:17 -0700
++
  logwatch (7.5.0-2) unstable; urgency=high
    * s/s/kernel: fix typo. closes: 917836
   -- Willi Mann <willi@debian.org>  Sat, 09 Mar 2019 18:14:03 +0100
++logwatch (7.5.0-1ubuntu1) disco; urgency=medium
++
++  * Merge with Debian unstable (LP: #1810928). Remaining changes:
++    - debian/control: depend on postfix rather than exim4.
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++  * Dropped Changes:
++    - d/p/ssh-ignore-disconnected.patch: [sshd] ignore disconnected from user
++      [upstream]
++
++ -- Karl Stenerud <kstenerud@gmail.com>  Wed, 09 Jan 2019 10:55:11 +0100
++
  logwatch (7.5.0-1) unstable; urgency=medium
    * New upstream version
@@ -59,6 +211,23 @@ logwatch (7.4.3+git20180713-1) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Tue, 02 Oct 2018 19:52:16 +0200
++logwatch (7.4.3+git20161207-2ubuntu2) cosmic; urgency=medium
++
++  * d/p/ssh-ignore-disconnected.patch: [sshd] ignore disconnected from user
++    USER (LP: 1644057)
++
++ -- Karl Stenerud <karl.stenerud@canonical.com>  Fri, 31 Aug 2018 09:44:50 -0700
++
++logwatch (7.4.3+git20161207-2ubuntu1) zesty; urgency=medium
++
++  * Merge from Debian testing. Remaining changes:
++    - debian/control: depend on postfix rather than exim4.
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 16 Feb 2017 09:08:52 +0100
++
  logwatch (7.4.3+git20161207-2) unstable; urgency=medium
    * Revert upstream's change of the declared mail charset.
@@ -78,6 +247,16 @@ logwatch (7.4.3+git20161207-1) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Fri, 16 Dec 2016 20:15:26 +0100
++logwatch (7.4.3-2ubuntu1) zesty; urgency=medium
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/control: depend on postfix rather than exim4.
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 01 Dec 2016 16:46:22 +0100
++
  logwatch (7.4.3-2) unstable; urgency=medium
    * s/s/amavis: Fix perl warning "redundant argument in sprintf".
@@ -86,6 +265,16 @@ logwatch (7.4.3-2) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Wed, 02 Nov 2016 19:32:35 +0100
++logwatch (7.4.3-1ubuntu1) yakkety; urgency=medium
++
++  * Merge from Debian unstable. Remaining changes:
++    - debian/control: depend on postfix rather than exim4.
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Tue, 26 Jul 2016 12:56:34 +0200
++
  logwatch (7.4.3-1) unstable; urgency=medium
    * Imported Upstream version 7.4.3
@@ -93,6 +282,16 @@ logwatch (7.4.3-1) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Sat, 30 Apr 2016 14:40:57 +0200
++logwatch (7.4.2-1ubuntu1) xenial; urgency=medium
++
++  * Merge from Debian unstable (LP: #1552983). Remaining changes:
++    - debian/control: depend on postfix rather than exim4.
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++    - Drop libsys-cpu-perl and libsys-meminfo-perl from Recommends to
++      Suggests as they are in universe.
++
++ -- Nishanth Aravamudan <nish.aravamudan@canonical.com>  Fri, 04 Mar 2016 11:42:51 -0800
++
  logwatch (7.4.2-1) unstable; urgency=medium
    * Imported Upstream version 7.4.2
@@ -108,6 +307,18 @@ logwatch (7.4.1+svn20160106rev308-1) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Sun, 24 Jan 2016 19:17:34 +0100
++logwatch (7.4.1+svn20151218rev302-1ubuntu1) xenial; urgency=medium
++
++  * Merge from Debian unstable (LP: #1531262). Remaining changes:
++    - debian/control: depend on postfix rather than exim4.
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++    - Drop libsys-cpu-perl from Recommends to Suggests as it is in
++      universe.
++  * Drop libsys-meminfo-perl from Recommends to Suggests as it is in
++    universe.
++
++ -- Nishanth Aravamudan <nish.aravamudan@canonical.com>  Thu, 07 Jan 2016 20:53:20 -0800
++
  logwatch (7.4.1+svn20151218rev302-1) unstable; urgency=medium
    * Imported Upstream version 7.4.1+svn20151218rev302
@@ -135,6 +346,21 @@ logwatch (7.4.1+svn20150731rev294-1) unstable; urgency=medium
   -- Willi Mann <willi@debian.org>  Wed, 02 Sep 2015 18:50:14 +0200
++logwatch (7.4.1-2ubuntu2) vivid; urgency=medium
++
++  * Drop libsys-cpu-perl from Recommends to Suggests as it is in
++    universe.
++
++ -- Robie Basak <robie.basak@ubuntu.com>  Fri, 06 Feb 2015 14:29:06 +0000
++
++logwatch (7.4.1-2ubuntu1) vivid; urgency=medium
++
++  * Merge from Debian unstable (LP: #1387817). Remaining changes:
++    - debian/control: depend on postfix rather than exim4.
++    - debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++
++ -- Robie Basak <robie.basak@ubuntu.com>  Mon, 02 Feb 2015 04:03:21 +0000
++
  logwatch (7.4.1-2) unstable; urgency=medium
    * Revert upstream change on fail2ban service config. This makes fail2ban
@@ -195,6 +421,15 @@ logwatch (7.4.0+svn20131108rev175-1) unstable; urgency=low
   -- Willi Mann <willi@debian.org>  Thu, 28 Nov 2013 20:10:09 +0100
++logwatch (7.4.0+svn20130529rev144-1ubuntu1) saucy; urgency=low
++
++  * Merge from Debian unstable. Remaining changes:
++    + debian/control:
++      - Depend on postfix rather than exim4.
++    + debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++
++ -- Robie Basak <robie.basak@ubuntu.com>  Tue, 09 Jul 2013 15:06:43 +0000
++
  logwatch (7.4.0+svn20130529rev144-1) unstable; urgency=low
    * Imported Upstream version 7.4.0+svn20130529rev144
@@ -207,6 +442,20 @@ logwatch (7.4.0+svn20130529rev144-1) unstable; urgency=low
   -- Willi Mann <willi@debian.org>  Sat, 01 Jun 2013 14:03:28 +0200
++logwatch (7.4.0+svn20120502rev103-1ubuntu1) raring; urgency=low
++
++  * Merge from Debian testing (LP: #1102414). Remaining changes:
++    + debian/control:
++      - Depend on postfix rather than exim4.
++    + debian/dist.conf/logfiles/maillog.conf: adjust for logrotation
++
++  * Dropped changes, merged in Debian:
++    + debian/dist.conf/services/cron.conf: this change already disappeared
++      previously, looks related to Debian bug 615006 which is already applied
++      and thus presumed no longer needed.
++
++ -- Robie Basak <robie.basak@canonical.com>  Mon, 21 Jan 2013 13:53:24 +0000
++
  logwatch (7.4.0+svn20120502rev103-1) unstable; urgency=low
    * Set VDate in logwatch.pl to svn date for svn snapshots
@@ -230,6 +479,17 @@ logwatch (7.4.0+svn20120227rev85-1) unstable; urgency=low
   -- Willi Mann <willi@wm1.at>  Fri, 06 Apr 2012 21:11:23 +0200
++logwatch (7.4.0+svn20111221rev79-1ubuntu1) precise; urgency=low
++
++  [ Chuck Short ]
++  * Merge from Debian testing.  Remaining changes:
++    + debian/conrol:
++      - Depend on postfix rather than exim4.
++    + debian/dist.conf/services_cron.conf,
++      debian/dist.conf/logfiles_maillog.conf: Adjust for logrotation
++
++ -- Chuck Short <zulcss@ubuntu.com>  Mon, 06 Feb 2012 08:59:12 -0500
++
  logwatch (7.4.0+svn20111221rev79-1) unstable; urgency=low
    * Imported Upstream version 7.4.0+svn20111221rev79
@@ -259,6 +519,19 @@ logwatch (7.4.0+svn20111018rev68-1) unstable; urgency=low
   -- Willi Mann <willi@wm1.at>  Sat, 05 Nov 2011 20:44:36 +0100
++logwatch (7.4.0+svn20110808rev66-1ubuntu1) precise; urgency=low
++
++  * Merged from Debian testing, remaining changes are:
++    + debian/conrol:
++      - Depend on postfix rather than exim4.
++    + debian/dist.conf/services_cron.conf, debian/dist.conf/logfiles_maillog.conf,
++      debian/dist.conf/logfiles_messages.conf: Adjust for logrotation.
++    + Dropped:
++      - debian/patches/lp-809753-comify: No longer needed.
++      - debian/rules: Dont use quilt anymore logwatch uses source 3.0
++
++ -- Chuck Short <zulcss@ubuntu.com>  Mon, 14 Nov 2011 09:39:15 -0500
++
  logwatch (7.4.0+svn20110808rev66-1) unstable; urgency=low
    * New Upstream snapshot 7.4.0+svn20110808rev66 (closes: #644053)
@@ -288,6 +561,57 @@ logwatch (7.3.6.cvs20090906-2) unstable; urgency=high
   -- Willi Mann <willi@wm1.at>  Wed, 02 Mar 2011 08:57:07 +0100
++logwatch (7.3.6.cvs20090906-1ubuntu5) oneiric; urgency=low
++
++  * debian/patches/lp-809753-commify:
++    - return undef is not defined, instead of error (LP: #809753)
++  * debian/control:
++    - build depend on quilt
++  * debian/rules:
++    - add dh_quilt_patch and dh_quilt_unpatch
++
++ -- Ante Karamatic <ivoks@ubuntu.com>  Wed, 17 Aug 2011 19:28:17 +0200
++
++logwatch (7.3.6.cvs20090906-1ubuntu4) natty; urgency=low
++
++  * SECURITY UPDATE: privileged code execution via badly named logfiles
++    - scripts/logwatch.pl: encapsulate logfiles in 's and ensure logfile
++      names don't contain '.
++    - http://logwatch.svn.sourceforge.net/viewvc/logwatch?view=revision&revision=26
++    - CVE-2011-1018
++  * debian/dist.conf/services/cron.conf: adjust to capture cron entries,
++    thanks to Oliver Brakmann (LP: #719898)
++  * scripts/services/named: update to upstream version to correctly
++    capture more information (LP: #584229)
++    - http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/services/named?revision=19
++  * logwatch.8: replace examples containing obsolete --print argument
++    with --output=stdout (LP: #564796)
++
++ -- Steve Beattie <sbeattie@ubuntu.com>  Wed, 02 Mar 2011 13:44:53 +0100
++
++logwatch (7.3.6.cvs20090906-1ubuntu3) maverick; urgency=low
++
++  * conf/logfiles/*, debian/dist.conf/logfiles/*:
++    Due to migration to rsyslog, the first rotation is now .1 and not .0
++    (fixes LP: #606715)
++
++ -- Thierry Carrez (ttx) <thierry.carrez@ubuntu.com>  Mon, 06 Sep 2010 14:57:14 +0200
++
++logwatch (7.3.6.cvs20090906-1ubuntu2) lucid; urgency=low
++
++  * conf/html/{footer.html,header.html} Re-add dropped from the
++    previous version of logtwatch. (LP: #481327)
++
++ -- Chuck Short <zulcss@ubuntu.com>  Tue, 17 Nov 2009 14:57:58 -0500
++
++logwatch (7.3.6.cvs20090906-1ubuntu1) karmic; urgency=low
++
++  * Merge from debian unstable (LP: #228917, #391077, #425206, #443252),
++    remaining changes:
++    - Use postfix rather than exim4.
++
++ -- Kees Cook <kees@ubuntu.com>  Mon, 05 Oct 2009 09:20:31 -0700
++
  logwatch (7.3.6.cvs20090906-1) unstable; urgency=low
    * New CVS snapshot + postfix-logwatch 1.38.01
@@ -311,6 +635,16 @@ logwatch (7.3.6.cvs20090906-1) unstable; urgency=low
   -- Willi Mann <willi@wm1.at>  Mon, 07 Sep 2009 17:04:43 +0200
++logwatch (7.3.6.cvs20080702-2ubuntu1) jaunty; urgency=low
++
++  [ Bhavani Shankar ]
++  * Merge from debian unstable, remaining changes: LP: #314620
++    - Use postfix rather than exim4.
++    - Fix logwatch.pl for servers that have the same hostname as a config
++      variable (ie: medium). Thanks for Nathan Crawford. (LP: #296349)
++
++ -- Mathias Gug <mathiaz@ubuntu.com>  Wed, 07 Jan 2009 19:23:58 -0500
++
  logwatch (7.3.6.cvs20080702-2) unstable; urgency=low
    * add Michael Tautschnig to changelog of former version, crediting
@@ -326,6 +660,33 @@ logwatch (7.3.6.cvs20080702-2) unstable; urgency=low
   -- Willi Mann <willi@wm1.at>  Sun, 07 Dec 2008 08:20:06 +0100
++logwatch (7.3.6.cvs20080702-1ubuntu4) jaunty; urgency=low
++
++  * Fix typo. (LP: #296349)
++
++ -- Chuck Short <zulcss@ubuntu.com>  Wed, 03 Dec 2008 15:22:33 +0000
++
++logwatch (7.3.6.cvs20080702-1ubuntu3) jaunty; urgency=low
++
++  * Fix logwatch.pl for servers that have the same hostname as a config
++    variable (ie: medium). Thanks for Nathan Crawford. (LP: #296349)
++
++ -- Chuck Short <zulcss@ubuntu.com>  Mon, 10 Nov 2008 16:46:59 +0000
++
++logwatch (7.3.6.cvs20080702-1ubuntu2) intrepid; urgency=low
++
++  * Corrected FTBFS from the merge by correcting arch from any to all
++
++ -- Michael Casadevall <sonicmctails@gmail.com>  Fri, 05 Sep 2008 19:20:30 -0400
++
++logwatch (7.3.6.cvs20080702-1ubuntu1) intrepid; urgency=low
++
++  * Merge from debian unstable, remaining changes:
++    - Use postfix rather than exim4.
++    - Update maintainers according to spec.
++
++ -- Chuck Short <zulcss@ubuntu.com>  Sat, 05 Jul 2008 11:49:54 +0100
++
  logwatch (7.3.6.cvs20080702-1) unstable; urgency=medium
    * New upstream CVS snapshot
@@ -345,6 +706,15 @@ logwatch (7.3.6.cvs20080702-1) unstable; urgency=medium
   -- Willi Mann <willi@wm1.at>  Fri, 04 Jul 2008 16:51:36 +0200
++logwatch (7.3.6-1ubuntu1) hardy; urgency=low
++
++  * Added patch from Paul Schulz to fix 'pam_unix unknown entries'
++    for authlog. (LP: #181690)
++  * Bumped starndards version to 3.7.3
++  * Use postfix rather than exim4.
++
++ -- Chuck Short <zulcss@ubuntu.com>  Thu, 21 Feb 2008 08:35:13 -0500
++
  logwatch (7.3.6-1) unstable; urgency=low
    * New upstream version:
@@ -770,3 +1140,4 @@ logwatch (5.0-1) unstable; urgency=low
      to the logfile(s). That's most likely the problem.
   -- Willi Mann <willi@wm1.at>  Wed, 12 Nov 2003 20:14:15 +0100
++
 diff --git a/debian/control b/debian/control
 index 764bd58..e39f936 100644
 --- a/debian/control
 +++ b/debian/control
@@ -1,7 +1,8 @@
  Source: logwatch
  Section: admin
  Priority: optional
--Maintainer: Willi Mann <willi@debian.org>
++Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
++XSBC-Original-Maintainer: Willi Mann <willi@debian.org>
  Build-Depends: debhelper (>> 11.0.0~)
  Standards-Version: 4.5.0
  Homepage: https://sourceforge.net/projects/logwatch/
@@ -11,7 +12,8 @@ Vcs-Git: https://salsa.debian.org/debian/logwatch.git
  Package: logwatch
  Architecture: all
  Depends: ${perl:Depends}, ${misc:Depends}, default-mta | mail-transport-agent
--Recommends: libdate-manip-perl, libsys-cpu-perl, libsys-meminfo-perl
++Recommends: libdate-manip-perl
++Suggests: libsys-cpu-perl, libsys-meminfo-perl
  Description: log analyser with nice output written in Perl
   Logwatch is a modular log analyser that runs every night
   and mails you the results. It can also be run from command line.
 diff --git a/debian/patches/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch b/debian/patches/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch
 new file mode 100644
 index 0000000..3060a0b
 --- /dev/null
 +++ b/debian/patches/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch
@@ -0,0 +1,42 @@
++From 6373191438fb8f4699aaeb8c53aaf7abcd4d8999 Mon Sep 17 00:00:00 2001
++From: Bryce Harrington <bryce@canonical.com>
++Date: Wed, 19 Aug 2020 03:29:42 +0000
++Subject: [PATCH 01/10] postfix: Ignore Resolved loghost to 127.0.0.1
++
++Ref: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1583705
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/postfix | 5 +++--
++ 1 file changed, 3 insertions(+), 2 deletions(-)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1583705
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/46/
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/postfix b/scripts/services/postfix
++index b5cb2ec..6550e3d 100644
++--- a/scripts/services/postfix
+++++ b/scripts/services/postfix
++@@ -2286,7 +2286,7 @@ sub postfix_postgrey($) {
++       #TDpg unrecognized request type: ''
++       #TDpg rm /var/spool/postfix/postgrey/log.0000000002
++       #TDpg 2007/01/25-14:48:00 Pid_file already exists for running process (4775)... aborting    at line 232 in file /usr/lib/perl5/vendor_perl/5.8.7/Net/Server.pm
++-
+++      #TDpg Resolved [localhost]:10023 to [127.0.0.1]:10023, IPv4
++
++       $line =~ /^cleaning / or
++       $line =~ /^delayed / or
++@@ -2301,7 +2301,8 @@ sub postfix_postgrey($) {
++       # unanchored last
++       $line =~ /Pid_file already exists/ or
++       $line =~ /postgrey .* starting!/ or
++-      $line =~ /Server closing!/
+++      $line =~ /Server closing!/ or
+++      $line =~ /Resolved .*localhost.*IPv4/
++    );
++
++    my ($action,$reason,$delay,$host,$ip,$sender,$recip);
++--
++2.27.0
++
 diff --git a/debian/patches/0012-postfix-Handle-backwards-compatible-mode.patch b/debian/patches/0012-postfix-Handle-backwards-compatible-mode.patch
 new file mode 100644
 index 0000000..f4261e3
 --- /dev/null
 +++ b/debian/patches/0012-postfix-Handle-backwards-compatible-mode.patch
@@ -0,0 +1,74 @@
++From 44848e3237ddbdc593a938b543f897117049bb36 Mon Sep 17 00:00:00 2001
++From: Bryce Harrington <bryce@canonical.com>
++Date: Wed, 19 Aug 2020 04:01:24 +0000
++Subject: [PATCH 02/10] postfix: Handle backwards-compatible mode
++
++Fixes: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1583705
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/postfix | 23 +++++++++++++++++++++++
++ 1 file changed, 23 insertions(+)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1583705
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/46/
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/postfix b/scripts/services/postfix
++index 6550e3d..253401c 100644
++--- a/scripts/services/postfix
+++++ b/scripts/services/postfix
++@@ -2609,6 +2609,7 @@ sub postfix_fatal;
++ sub postfix_error;
++ sub postfix_warning;
++ sub postfix_script;
+++sub backwards_compatible;
++ sub postfix_postsuper;
++ sub process_delivery_attempt;
++ sub cleanhostreply;
++@@ -2815,6 +2816,9 @@ sys     0m3.005s
++    if ($p1 =~ /^panic: +(.*)$/)             { postfix_panic($1);   next; }
++    if ($p1 =~ /^error: +(.*)$/)             { postfix_error($1);   next; }
++
+++   # Backwards compatibility mode
+++   if ($p1 =~ /compati/i)                   { backwards_compatible($p1); next; }    # backwards-compatible default settings
+++
++    # output by all services that use table lookups - process before specific messages
++    if ($p1 =~ /(?:lookup )?table (?:[^ ]+ )?has changed -- (?:restarting|exiting)$/) {
++       #TD table hash:/var/mailman/data/virtual-mailman(0,lock|fold_fix) has changed -- restarting
++@@ -4806,6 +4810,22 @@ sub postfix_script($) {
++    }
++ }
++
+++# Handles postfix backwards compatibility mode lines
+++#
+++sub backwards_compatible($) {
+++    my $line = shift;
+++
+++    if ($line =~ /^Postfix is running with backwards-compatible default settings/o) {
+++	$Totals{'backwardscompatible'}++;
+++    }
+++    elsif ($line =~ /^See http.*COMPATIBILITY_README.html for details/o) {
+++	$Totals{'backwardscompatible'}++;
+++    }
+++    elsif ($line =~ /^To disable backwards compatibility use.*/o) {
+++	$Totals{'backwardscompatible'}++;
+++    }
+++}
+++
++ # Clean up a server's reply, to give some uniformity to reports
++ #
++ sub cleanhostreply($ $ $ $) {
++@@ -5213,6 +5233,9 @@ sub build_sect_table() {
++    add_section ($S, 'postfixwaiting',              0, 'd', 'Postfix waiting to terminate');
++    end_section_group ($S, 'postfixstate');
++
+++   begin_section_group ($S, 'backwardscompatible', "\n");
+++   add_section ($S, 'backwardscompatible',         1, 'd', 'Running in backwards compatibile mode');
+++   end_section_group ($S, 'backwardscompatible');
++
++    if ($Opts{'debug'} & Logreporters::D_SECT) {
++       print "\tSection table\n";
++--
++2.27.0
++
 diff --git a/debian/patches/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch b/debian/patches/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch
 new file mode 100644
 index 0000000..49c5639
 --- /dev/null
 +++ b/debian/patches/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch
@@ -0,0 +1,32 @@
++From f07ae467270712186b66ab7b670f0740c3b3bc0f Mon Sep 17 00:00:00 2001
++From: Bryce Harrington <bryce@canonical.com>
++Date: Wed, 19 Aug 2020 04:19:41 +0000
++Subject: [PATCH 03/10] secure: Ignore warnings about gnome-keyring-daemon
++ items already registered
++
++Fixes: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890752
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/secure | 1 +
++ 1 file changed, 1 insertion(+)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890752
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/46/
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/secure b/scripts/services/secure
++index 769356a..25feace 100644
++--- a/scripts/services/secure
+++++ b/scripts/services/secure
++@@ -156,6 +156,7 @@ while (defined($ThisLine = <STDIN>)) {
++       ( $ThisLine =~ /sshguard\[\d+\]: (?:message repeated \d+ times: \[ )?\S+: not blocking /) or
++       ( $ThisLine =~ /sshguard\[\d+\]: Received EOF from stdin/) or
++       ( $ThisLine =~ /sshguard\[\d+\]: .*has already been blocked/) or
+++      ( $ThisLine =~ /gnome-keyring-daemon\[\d+\]: asked to register item.*already registered/) or
++       0 # This line prevents blame shifting as lines are added above
++    ) {
++       # Ignore these entries
++--
++2.27.0
++
 diff --git a/debian/patches/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch b/debian/patches/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch
 new file mode 100644
 index 0000000..9154652
 --- /dev/null
 +++ b/debian/patches/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch
@@ -0,0 +1,52 @@
++From 488a232634c1d383f4ec356d776b4ee292e48b0a Mon Sep 17 00:00:00 2001
++From: Bryce Harrington <bryce@canonical.com>
++Date: Wed, 19 Aug 2020 04:39:22 +0000
++Subject: [PATCH 04/10] zz-sys: Suppress warnings if Sys::CPU or Sys::MemInfo
++ are missing
++
++Neither of these perl modules are installed by default with a logwatch
++installation, by intention, so the missing module warnings are
++inappropriate.  These modules only provide a minor amount of detail when
++installed, and their information is volatile which can trigger false
++test failures in some cases.
++
++Fixes: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890749
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/zz-sys | 8 ++++----
++ 1 file changed, 4 insertions(+), 4 deletions(-)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890749
++Forwarded: not-needed
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/zz-sys b/scripts/services/zz-sys
++index 39f94ce..6bbf3fe 100644
++--- a/scripts/services/zz-sys
+++++ b/scripts/services/zz-sys
++@@ -35,8 +35,8 @@
++
++ eval "require Sys::CPU";
++ if ($@) {
++-   print STDERR "No Sys::CPU module installed.  To install, execute the command:\n";
++-   print STDERR "   perl -MCPAN -e 'install Sys::CPU' \n\n";
+++   # Sys::CPU (and Sys::MemInfo) are intentionally not installed on Ubuntu.
+++   # Silently skip this if not present.
++ } else {
++    import Sys::CPU;
++    print "   CPU:     " . Sys::CPU::cpu_count() . " " . Sys::CPU::cpu_type() . " at " . Sys::CPU::cpu_clock() . "MHz\n";
++@@ -52,8 +52,8 @@ print "   Release: $OStitle $release\n";
++
++ eval "require Sys::MemInfo";
++ if ($@) {
++-   print STDERR "No Sys::MemInfo module installed.  To install, execute the command:\n";
++-   print STDERR "   perl -MCPAN -e 'install Sys::MemInfo' \n\n";
+++   # Sys::CPU (and Sys::MemInfo) are intentionally not installed on Ubuntu.
+++   # Silently skip this if not present.
++ } else {
++    import Sys::MemInfo qw(totalmem freemem totalswap freeswap);
++    my $swapused = &totalswap - &freeswap;
++--
++2.27.0
++
 diff --git a/debian/patches/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch b/debian/patches/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch
 new file mode 100644
 index 0000000..f112ec7
 --- /dev/null
 +++ b/debian/patches/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch
@@ -0,0 +1,51 @@
++From 1b471a45e1a0bb55302d65e3cffb72fa0ea66391 Mon Sep 17 00:00:00 2001
++From: Bryce Harrington <bryce@canonical.com>
++Date: Wed, 19 Aug 2020 04:43:25 +0000
++Subject: [PATCH 05/10] pam_unix: Ignore issues about /etc/securetty being
++ missing
++
++Fixes: https://bugs.launchpad.net/ubuntu/focal/+source/logwatch/+bug/1890751
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/pam_unix | 5 +++++
++ scripts/services/sudo     | 3 +++
++ 2 files changed, 8 insertions(+)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/focal/+source/logwatch/+bug/1890751
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/46/
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/pam_unix b/scripts/services/pam_unix
++index dea1d15..80f7b32 100644
++--- a/scripts/services/pam_unix
+++++ b/scripts/services/pam_unix
++@@ -74,6 +74,11 @@ while ($line = <STDIN>) {
++       $data{"all"}{'Password Expiring'}{"$1 in $2 days"}++;
++       next;
++    }
+++   # handle all missing /etc/securetty warnings
+++   if ($line =~ /Couldn.t open \/etc\/securetty/) {
+++      # Ignore - see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674857#25
+++      next;
+++   }
++    #lowercase the service
++    $service = lc($service);
++    if ( grep $_ eq $service, qw/ssh sshd login ftp vsftpd proftpd rsh remote rlogin rexec systemd-user/) {
++diff --git a/scripts/services/sudo b/scripts/services/sudo
++index 6c0ff52..be3ffb2 100644
++--- a/scripts/services/sudo
+++++ b/scripts/services/sudo
++@@ -72,6 +72,9 @@ while (defined(my $ThisLine = <STDIN>)) {
++          or $ThisLine =~ /pam_systemd\(sudo:session\): Cannot create session: Already (running in|occupied by) a session/
++            ) {
++      # Ignore
+++   # handle all missing /etc/securetty warnings
+++   } elsif ($ThisLine =~ /pam_unix\(sudo:auth\): Couldn.t open \/etc\/securetty/) {
+++      # Ignore - see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674857#25
++    } elsif ($ThisLine =~ /(.+): conversation failed/) {
++      $ConFailed{$1}++;
++    } elsif ( ($user, $error, $tty, $dir, $euser, $egroup, $cmd, $args) = $ThisLine =~ m/^\s*(\S+) : (.*; )?TTY=(\S+) ; PWD=(.*?) ; USER=(\S+) ;(?: GROUP=(\S+) ;)? COMMAND=(\S+)( ?.*)/) {
++--
++2.27.0
++
 diff --git a/debian/patches/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch b/debian/patches/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch
 new file mode 100644
 index 0000000..cacf79e
 --- /dev/null
 +++ b/debian/patches/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch
@@ -0,0 +1,28 @@
++From: Bryce Harrington <bryce@canonical.com>
++Date: Thu, 20 Aug 2020 04:56:08 +0000
++Subject: [PATCH 07/10] audit: Apparmor DENIED entries don't always include
++ parent=N
++
++Ref: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1577948
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/audit | 1 +
++ 1 file changed, 1 insertion(+)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1577948
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/46/
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/audit b/scripts/services/audit
++index b12f710..46e300e 100644
++--- a/scripts/services/audit
+++++ b/scripts/services/audit
++@@ -134,6 +134,7 @@ while ($ThisLine = <STDIN>) {
++         } elsif ( $ThisLine =~ /apparmor="DENIED" operation="([^"]+)" parent=\d+ profile="([^"]+)" name="([^"]+)" pid=\d+ comm="([^"]+)"/ ) {
++             # type=1400 audit(1314853822.672:33649): apparmor="DENIED" operation="mknod" parent=27250 profile="/usr/lib/apache2/mpm-prefork/apache2//example.com" name="/usr/share/wordpress/1114140474e5f13bea68a4.tmp" pid=27289 comm="apache2" requested_mask="c" denied_mask="c" fsuid=33 ouid=33
++             # type=1400 audit(1315353795.331:33657): apparmor="DENIED" operation="exec" parent=14952 profile="/usr/lib/apache2/mpm-prefork/apache2//example.com" name="/usr/lib/sm.bin/sendmail" pid=14953 comm="sh" requested_mask="x" denied_mask="x" fsuid=33 ouid=0
+++            # type=1400 audit(1597683992.796:8057): apparmor="DENIED" operation="exec" profile="/usr/bin/evince" name="/usr/lib/uim/uim-helper-server" pid=1687330 comm="evince" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0: 1 Time(s)
++             $denials{$1.' '.$3.' ('.$2.' via '.$4 . ')'}++;
++         } elsif ( $ThisLine =~ /apparmor="ALLOWED" operation="([^"]+)" (info="([^"]+)" )?(error=[+-]?\d+ )?(parent=\d+ )?profile="([^"]+)" (name="([^"]+)" )?pid=\d+ comm="([^"]+)"/ ) {
++             # type=1400 audit(1369519203.141:259049): apparmor="ALLOWED" operation="exec" parent=3733 profile="/usr/sbin/dovecot//null-1c//null-1d" name="/usr/lib/dovecot/pop3-login" pid=24634 comm="dovecot" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="/usr/sbin/dovecot//null-1c//null-1d//null-d12"
 diff --git a/debian/patches/0018-audit-Treat-Denial-Errors-same-as-Denied.patch b/debian/patches/0018-audit-Treat-Denial-Errors-same-as-Denied.patch
 new file mode 100644
 index 0000000..1d322d2
 --- /dev/null
 +++ b/debian/patches/0018-audit-Treat-Denial-Errors-same-as-Denied.patch
@@ -0,0 +1,28 @@
++From: Bryce Harrington <bryce@bryceharrington.org>
++Date: Tue, 25 Aug 2020 18:02:43 -0300
++Subject: audit: Treat Denial Errors same as Denied
++
++Ubuntu Security says, "I think this would be more useful as DENIED, as
++that's how we discuss these line events elsewhere."
++---
++ scripts/services/audit | 3 +++
++ 1 file changed, 3 insertions(+)
++
++Origin: vendor, https://sourceforge.net/p/logwatch/git/ci/c827d09423489fcdd840c670528a05573bd90278/
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1577948
++Last-Updated: 2020-08-25
++
++diff --git a/scripts/services/audit b/scripts/services/audit
++index 46e300e..a590c5e 100644
++--- a/scripts/services/audit
+++++ b/scripts/services/audit
++@@ -136,6 +136,9 @@ while ($ThisLine = <STDIN>) {
++             # type=1400 audit(1315353795.331:33657): apparmor="DENIED" operation="exec" parent=14952 profile="/usr/lib/apache2/mpm-prefork/apache2//example.com" name="/usr/lib/sm.bin/sendmail" pid=14953 comm="sh" requested_mask="x" denied_mask="x" fsuid=33 ouid=0
++             # type=1400 audit(1597683992.796:8057): apparmor="DENIED" operation="exec" profile="/usr/bin/evince" name="/usr/lib/uim/uim-helper-server" pid=1687330 comm="evince" requested_mask="x" denied_mask="x" fsuid=1000 ouid=0: 1 Time(s)
++             $denials{$1.' '.$3.' ('.$2.' via '.$4 . ')'}++;
+++        } elsif ( $ThisLine =~ /apparmor="DENIED" operation="([^"]+)" info="([^"]+)" error=-*[0-9]+ profile="([^"]+)" name="([^"]+)" pid=\d+ comm="([^"]+)"/ ) {
+++            # type=1400 audit(1597690743.153:8073): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-open-iscsi-review-mp389234-groovy_</var/snap/lxd/common/lxd>" name="/run/" pid=1694826 comm="mount" flags="rw, nosuid, nodev, remount": 1 Time(s)
+++            $denials{$1.' '.$4.' ('.$3.' via '.$5 .': '.$2. ')'}++;
++         } elsif ( $ThisLine =~ /apparmor="ALLOWED" operation="([^"]+)" (info="([^"]+)" )?(error=[+-]?\d+ )?(parent=\d+ )?profile="([^"]+)" (name="([^"]+)" )?pid=\d+ comm="([^"]+)"/ ) {
++             # type=1400 audit(1369519203.141:259049): apparmor="ALLOWED" operation="exec" parent=3733 profile="/usr/sbin/dovecot//null-1c//null-1d" name="/usr/lib/dovecot/pop3-login" pid=24634 comm="dovecot" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 target="/usr/sbin/dovecot//null-1c//null-1d//null-d12"
++             # type=1400 audit(1369627891.522:447576): apparmor="ALLOWED" operation="capable" parent=1 profile="/usr/sbin/dovecot//null-1c//null-1d" pid=3733 comm="dovecot" capability=5 capname="kill"
 diff --git a/debian/patches/0019-exim-Handle-self-signed-certs-warnings.patch b/debian/patches/0019-exim-Handle-self-signed-certs-warnings.patch
 new file mode 100644
 index 0000000..35847c3
 --- /dev/null
 +++ b/debian/patches/0019-exim-Handle-self-signed-certs-warnings.patch
@@ -0,0 +1,73 @@
++From 684b9ad38e41aab5a44fc2b8c2585015cef01245 Mon Sep 17 00:00:00 2001
++From: Bryce Harrington <bryce@canonical.com>
++Date: Thu, 20 Aug 2020 22:34:43 +0000
++Subject: [PATCH 09/10] exim: Handle self-signed certs warnings
++
++This generates a 2-line warning, so handle the second line as part of
++the warning message, not as "BAD FORMAT".
++
++Fixes: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1892269
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/exim | 19 +++++++++++++++++++
++ 1 file changed, 19 insertions(+)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1892269
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/46/
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/exim b/scripts/services/exim
++index d2068a4..af1556a 100644
++--- a/scripts/services/exim
+++++ b/scripts/services/exim
++@@ -93,6 +93,10 @@ while (defined($ThisLine = <STDIN>)) {
++          $KeepEnv++ if $MatchedDate;
++          next;
++       }
+++      if ( $ThisLine =~ /^ Suggested action: either install a certificate or change tls_advertise_hosts option/ ) {
+++         push @SelfSignedH, $ThisLine;
+++         next;
+++      }
++       $BadFormat{$ThisLine}++;
++       next;
++    } unless ($year1,$month1,$day1,$h1,$m1,$s1) = ($ThisLine =~ /^(\d+)\-(\d+)\-(\d+)\s(\d+):(\d+):(\d+)\s.+/);
++@@ -266,6 +270,10 @@ while (defined($ThisLine = <STDIN>)) {
++       $Lookup++;
++       push @LookupH, $ThisLine;
++    }
+++   elsif ( $ThisLine =~ /No server certificate defined; will use a selfsigned one/ ) {
+++      $SelfSigned++;
+++      push @SelfSignedH, $ThisLine;
+++   }
++    elsif ( $ThisLine =~ /DKIM: .* \[verification succeeded\]/ ) {
++       # Ignore successful DKIM verification reports
++       # http://www.exim.org/exim-html-current/doc/html/spec_html/ch-support_for_dkim_domainkeys_identified_mail.html
++@@ -321,6 +329,16 @@ if ($Detail >= $LvlRuns) {
++    }
++ }
++
+++if (@SelfSignedH) {
+++   print "\n--- Self-Signed Certificate in use ($SelfSigned  Time(s))\n";
+++
+++   if ($Detail >= $LvlMsgs) {
+++      foreach $ThisOne (@SelfSignedH) {
+++         print "$ThisOne\n";
+++      }
+++   }
+++}
+++
++ if ($Detail >= $LvlVerify) {
++    if ((@SendVerify) and (@RecipVerify)) {
++       print "\n--- Address Verification ---\n";
++@@ -749,6 +767,7 @@ if ($Detail >= $LvlProtocol) {
++             }
++          }
++       }
+++
++    }
++ }
++
++--
++2.27.0
++
 diff --git a/debian/patches/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch b/debian/patches/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch
 new file mode 100644
 index 0000000..d73695a
 --- /dev/null
 +++ b/debian/patches/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch
@@ -0,0 +1,32 @@
++From b5ba9adac18b8b964f1bc8532ef6b9809656777c Mon Sep 17 00:00:00 2001
++From: Bryce Harrington <bryce@canonical.com>
++Date: Thu, 20 Aug 2020 22:53:30 +0000
++Subject: [PATCH 10/10] dhcpd: Ignore lease age under threshold messages
++
++Fixes: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1578001
++Signed-off-by: Bryce Harrington <bryce@canonical.com>
++---
++ scripts/services/dhcpd | 2 ++
++ 1 file changed, 2 insertions(+)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1578001
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/46/
++Last-Updated: 2020-08-20
++
++diff --git a/scripts/services/dhcpd b/scripts/services/dhcpd
++index 98e7fa7..87312f7 100644
++--- a/scripts/services/dhcpd
+++++ b/scripts/services/dhcpd
++@@ -119,6 +119,8 @@ while (my $line = <STDIN>) {
++       ($line =~ /^of the dhcpd.conf file\./)
++      ) {
++     # Do nothing
+++   } elsif ($line =~ /lease age \d+ \(secs\) under \d+% threshold, reply with unaltered, existing lease/) {
+++    # Do nothing
++
++    } elsif ($line =~ s/^exiting./DHCP server exiting./) {
++       $data{'Generic error'}{$line}++;
++--
++2.27.0
++
 diff --git a/debian/patches/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch b/debian/patches/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch
 new file mode 100644
 index 0000000..7a7f9c9
 --- /dev/null
 +++ b/debian/patches/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch
@@ -0,0 +1,69 @@
++From 0f725a6b489860edb9d92a2254eb994d8606ea47 Mon Sep 17 00:00:00 2001
++From: Lucas Kanashiro <lucas.kanashiro@canonical.com>
++Date: Tue, 25 Aug 2020 17:48:56 -0300
++Subject: [PATCH] audit: use the term ALLOWED instead of Grants
++
++Grants as a term does not exist in the apparmor world, ALLOWED would be
++more meaningful in this case.
++---
++ scripts/services/audit | 16 ++++++++--------
++ 1 file changed, 8 insertions(+), 8 deletions(-)
++
++Origin: vendor
++Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1577948
++Forwarded: https://sourceforge.net/p/logwatch/git/merge-requests/48/
++Last-Updated: 2020-09-03
++
++--- a/scripts/services/audit
+++++ b/scripts/services/audit
++@@ -36,7 +36,7 @@
++ use strict;
++ use Logwatch ':all';
++
++-my (%denials, %grants, %loads);
+++my (%denials, %allowed, %loads);
++ my %OtherList;
++ my $othercount = 0;
++ my $Debug = ($ENV{'LOGWATCH_DEBUG'} || 0);
++@@ -153,7 +153,7 @@
++ 	if ( $ThisLine =~ /avc:\s*denied\s*{\s*([^}]+).*scontext=(\S+)\s*tcontext=(\S+)\s*tclass=(\S+)/ ) {
++ 	    $denials{$2.' '.$3.' ('.$1.$4 . ')'}++;
++ 	} elsif ( $ThisLine =~ /avc:\s*granted\s*{\s*([^}]+).*scontext=(\S+)\s*tcontext=(\S+)\s*tclass=(\S+)/ ) {
++-	    $grants{$2.' '.$3.' ('.$1.$4 . ')'}++;
+++	    $allowed{$2.' '.$3.' ('.$1.$4 . ')'}++;
++ 	} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=(\S+)\s*tclass=(\S+)/ ) {
++ 	    $InvalidContext{$4." running as ".$2." acting on ".$3." \nshould transit to invalid ".$1}++;
++         } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
++@@ -166,7 +166,7 @@
++ 	if ( $ThisLine =~ /avc:\s*denied\s*{\s*[^}]+.*scontext=(\S+)\s*tcontext=(\S+)\s*tclass=(\S+)/ ) {
++ 	    $denials{$1.' '.$2.' ('.$3 . ')'}++;
++ 	} elsif ( $ThisLine =~ /avc:\s*granted\s*{\s*[^}]+}.*scontext=(\S+)\s*tcontext=(\S+)\s*tclass=(\S+)/ ) {
++-	    $grants{$1.' '.$2.' ('.$3 . ')'}++;
+++	    $allowed{$1.' '.$2.' ('.$3 . ')'}++;
++ 	} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=\S+\s*tclass=(\S+)/ ) {
++ 	    $InvalidContext{$3." running as ".$2." should transit to invalid ".$1}++;
++         } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
++@@ -179,7 +179,7 @@
++ 	if ( $ThisLine =~ /avc:\s*denied\s*{\s*[^}]+.*scontext=([^:]+):[^:]+:\S+\s*tcontext=([^:]+):[^:]+:\S+\s*tclass=(\S+)/ ) {
++ 	    $denials{$1.' '.$2.' ('.$3 . ')'}++;
++ 	} elsif ( $ThisLine =~ /avc:\s*granted\s*{\s*[^}]+.*scontext=([^:]+):[^:]+:\S+\s*tcontext=([^:]+):[^:]+:\S+\s*tclass=(\S+)/ ) {
++-	    $grants{$1.' '.$2.' ('.$3 . ')'}++;
+++	    $allowed{$1.' '.$2.' ('.$3 . ')'}++;
++ 	} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=\S+\s*tclass=(\S+)/ ) {
++    	    $InvalidContext{$3." running as ".$2." should transit to invalid ".$1}++;
++         } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
++@@ -204,10 +204,10 @@
++     }
++ }
++
++-if ( keys %grants ) {
++-    print "\n\n*** Grants ***\n";
++-    foreach my $key (sort keys %grants) {
++-    	print "   $key: ". $grants{$key} . " times\n";
+++if ( keys %allowed ) {
+++    print "\n\n*** Allowed ***\n";
+++    foreach my $key (sort keys %allowed) {
+++        print "   $key: ". $allowed{$key} . " times\n";
++     }
++ }
++
 diff --git a/debian/patches/series b/debian/patches/series
 index 98946bb..1a90206 100644
 --- a/debian/patches/series
 +++ b/debian/patches/series
@@ -2,3 +2,15 @@
 -logfiles-vsftpd.conf-Use-custom-pattern-for-applystd.patch
 -Ignore-ecryptfs-automounting-messages-in-cron.patch
 -scripts-mdadm-Fix-parsing-of-mdadm.conf-handle-ignor.patch
++
++# Ubuntu patches
++0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch
++0012-postfix-Handle-backwards-compatible-mode.patch
++0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch
++0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch
++0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch
++0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch
++0018-audit-Treat-Denial-Errors-same-as-Denied.patch
++0019-exim-Handle-self-signed-certs-warnings.patch
++0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch
++0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch

Ubuntulogwatch package

Merge ~bryce/ubuntu/+source/logwatch:logwatch-merge-v7.5.4-1-hirsute into ubuntu/+source/logwatch:debian/sid

Commit message

Description of the change

Preview Diff

Subscribers

Ubuntu
logwatch package