����libaudit1-3.0.6-150400.4.16.1���<>,���]ĉe�`�p���9�|�[8�'!�-�1��ox��B���%������4 f�b��G�$�cT���dۀ�[��"Ͷ��(�+��]���D��M"�$�]��$d�yc^���'N�ym��!��@�ϙ�F�7�@���47���e�2n��q8���|L��I�=�\i}�&�bC �c� LB�Yd ���L��e��d�50����bP�qP�?�����X}��UU>˘,�K���Ԋ�[|S��,|T�?�Z��;>Z�����D�\��D�f0 xn�$17��ҡ��–�x�F>�������CO?Od�� �� � X������������ � 6�G�o�u|� � � � p ������H | � (�8�9H:�>J�@J�BJ�FJ�GKHKIK$XK(YK<ZK�[K�\K�]K�^K�bLcL�dM-eM2fM5lM7uMHvMXwNhxNxyN�zN��N��N��N��OClibaudit13.0.6150400.4.16.1Library for interfacing with the kernel audit subsystemThe libaudit package contains the shared libraries needed for applications to use the audit framework.e�`�s390zl39ڠSUSE Linux Enterprise 15SUSE LLC LGPL-2.1-or-laterhttps://www.suse.com/System/Librarieshttps://people.redhat.com/sgrubb/audit/linuxs390x�׸)�����큤e�`�e�`�e�`�e�`�d48318c90620fde96cb6a8e6eb1eb64663b21200f9d1d053f9e3b4fce24a25430928d6d8032014a75ba962a5616e65211058e299a9c2de866f88fff24e2a126fb45065b6598339d91e74ded8b66e39b0452d379b26935948b3c8faa085817b23libaudit.so.1.0.0rootrootrootrootrootrootrootrootaudit-3.0.6-150400.4.16.1.src.rpm����������������audit-libsconfig(libaudit1)libaudit.so.1()(64bit)libaudit1libaudit1(s390-64)@@@@@@    /sbin/ldconfig/sbin/ldconfigconfig(libaudit1)libc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.8)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.6-150400.4.16.13.0.4-14.6.0-14.0-15.2-14.14.3dJ�bT@a���aC1�a��`�D�_ǁ�^���^[�\�|�[.6@[&M@Z���Zz�@Y���Yu�@Ym�@V��@V�b�V^�@U��Ts�ematsumiya@suse.dejengelh@inai.degmbr3@opensuse.orgematsumiya@suse.comematsumiya@suse.comematsumiya@suse.comabergmann@suse.comematsumiya@suse.comtonyj@suse.comjengelh@inai.deantoine.belvire@opensuse.organtoine.belvire@opensuse.orgtonyj@suse.comtchvatal@suse.comaavindraa@gmail.comjengelh@inai.detonyj@suse.comtchvatal@suse.comtchvatal@suse.comp.drouand@gmail.comtonyj@suse.commq@suse.cz- Enable livepatching on main library on x86_64.- Modernize specfile constructs.- Update to version 3.0.6: * fixes a segfault on some SELINUX_ERR records * makes IPX packet interpretation dependent on the ipx header file existing * adds b32/b64 support to ausyscall * adds support for armv8l * fixes auditctl list of syscalls on PPC * auditd.service now restarts auditd under some conditions- Update to version 3.0.5: * In auditd, flush uid/gid caches when user/group added/deleted/modified * Fixed various issues when dealing with corrupted logs * In auditd, check if log_file is valid before closing handle - Include fixed from 3.0.4: * Apply performance speedups to auparse library * Optimize rule loading in auditctl * Fix an auparse memory leak caused by glibc-2.33 by replacing realpath * Update syscall table to the 5.14 kernel * Fixed various issues when dealing with corrupted logs- Update to version 3.0.3: * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids * Change auparse_feed_has_data in auparse to include incomplete events * Auditd, stop linking against -lrt * Add ProtectHome and RestrictRealtime to auditd.service * In auditd, read up to 3 netlink packets in a row * In auditd, do not validate path to plugin unless active * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists - use https source urls- Adjust audit.spec and audit-secondary.spec to support new version - Include fix for libev * add libev-werror.patch - Update to version 3.0.2 - In audispd-statsd pluging, use struct sockaddr_storage (Ville Heikkinen) - Optionally interpret auid in auditctl -l - Update some syscall argument interpretations - In auditd, do not allow spaces in the hostname name format - Big documentation cleanup (MIZUTA Takeshi) - Update syscall table to the 5.12 kernel - Update the auparse normalizer for new event types - Fix compiler warnings in ids subsystem - Block a couple signals from flush & reconfigure threads - In auditd, don't wait on flush thread when exiting - Output error message if the path of input files are too long ausearch/report Included fixes from 3.0.1 - Update syscall table to the 5.11 kernel - Add new --eoe-timeout option to ausearch and aureport (Burn Alting) - Only enable periodic timers when listening on the network - Upgrade libev to 4.33 - Add auparse_new_buffer function to auparse library - Use the select libev backend unless aggregating events - Add sudoers to some base audit rules - Update the auparse normalizer for some new syscalls and event types Included fixes from 3.0 - Generate checkpoint file even when no results are returned (Burn Alting) - Fix log file creation when file logging is disabled entirely (Vlad Glagolev) - Convert auparse_test to run with python3 (Tomáš Chvátal) - Drop support for prelude - Adjust backlog_wait_time in rules to the kernel default (#1482848) - Remove ids key syntax checking of rules in auditctl - Use SIGCONT to dump auditd internal state (#1504251) - Fix parsing of virtual timestamp fields in ausearch_expression (#1515903) - Fix parsing of uid & success for ausearch - Add support for not equal operator in audit by executable (Ondrej Mosnacek) - Hide lru symbols in auparse - Add systemd process protections - Fix aureport summary time range reporting - Allow unlimited retries on startup for remote logging - Add queue_depth to remote logging stats and increase default queue_depth size - Fix segfault on shutdown - Merge auditd and audispd code - Close on execute init_pipe fd (#1587995) - Breakout audisp syslog plugin to be standalone program - Create a common internal library to reduce code - Move all audispd config files under /etc/audit/ - Move audispd.conf settings into auditd.conf - Add queue depth statistics to internal state dump report - Add network statistics to internal state dump report - SIGUSR now also restarts queue processing if its suspended - Update lookup tables for the 4.18 kernel - Add auparse_normalizer support for SOFTWARE_UPDATE event - Add 30-ospp-v42.rules to meet new Common Criteria requirements - Deprecate enable_krb and replace with transport config opt for remote logging - Mark netlabel events as simple events so that get processed quicker - When auditd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) - In aureport, fix segfault in file report - Add auparse_normalizer support for labeled networking events - Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) - In ausearch/auparse, event aging is off by a second - In ausearch/auparse, correct event ordering to process oldest first - Migrate auparse python test to python3 - auparse_reset was not clearing everything it should - Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events - In ausearch/report, lightly parse selinux portion of USER_AVC events - Add bpf syscall command argument interpretation to auparse - In ausearch/report, limit record size when malformed - Port af_unix plugin to libev - In auditd, fix extract_type function for network originating events - In auditd, calculate right size and location for network originating events - Make legacy script wait for auditd to terminate (#1643567) - Treat all network originating events as VER2 so dispatcher doesn't format it - If an event has a node name make it VER2 so dispatcher doesnt format it - In audisp-remote do an initial connection attempt (#1625156) - In auditd, allow expression of space left as a percentage (#1650670) - On PPC64LE systems, only allow 64 bit rules (#1462178) - Make some parts of auditd state report optional based on config - Update to libev-4.25 - Fix ausearch when checkpointing a single file (Burn Alting) - Fix scripting in 31-privileged.rules wrt filecap (#1662516) - In ausearch, do not checkpt if stdin is input source - In libev, remove __cold__ attribute for functions to allow proper hardening - Add tests to configure.ac for openldap support - Make systemd support files use /run rather than /var/run (Christian Hesse) - Fix minor memory leak in auditd kerberos credentials code - Allow exclude and user filter by executable name (Ondrej Mosnacek) - Fix auditd regression where keep_logs is limited by rotate_logs 2 file test - In ausearch/report fix --end to use midnight time instead of now (#1671338) - Add substitue functions for strndupa & rawmemchr - Fix memleak in auparse caused by corrected event ordering - Fix legacy reload script to reload audit rules when daemon is reloaded - Support for unescaping in trusted messages (Dmitry Voronin) - In auditd, use standard template for DEAMON events (Richard Guy Briggs) - In aureport, fix segfault for malformed USER_CMD events - Add exe field to audit_log_user_command in libaudit - In auditctl support filter on socket address families (Richard Guy Briggs) - Deprecate support for Alpha & IA64 processors - If space_left_action is rotate, allow it every time (#1718444) - In auparse, drop standalone EOE events - Add milliseconds column for ausearch extra time csv format - Fix aureport first event reporting when no start given - In audisp-remote, add new config item for startup connection errors - Remove dependency on chkconfig - Install rules to /usr/share/audit/sample-rules/ - Split up ospp rules to make SCAP scanning easier (#1746018) - In audisp-syslog, support interpreting records (#1497279) - Audit USER events now sends msg as name value pair - Add support for AUDIT_BPF event - Auditd should not process AUDIT_REPLACE events - Update syscall tables to the 5.5 kernel - Improve personality interpretation by using PERS_MASK - Speedup ausearch/report parsing RAW logging format by caching uid/name lookup - Change auparse python bindings to shared object (Issue #121) - Add error messages for watch permissions - If audit rules file doesn't exist log error message instead of info message - Revise error message for unmatched options in auditctl - In audisp-remote, fixup remote endpoint disappearin in ascii format - Add backlog_wait_time_actual reporting / resetting to auditctl (Max Englander) - In auditctl, add support for sending a signal to auditd - Remove audit-fno-common.patch: fixed in upstream - Remove audit-python3.patch: fixed in upstream- Enable Aarch64 processor support. (bsc#1179515 bsc#1179806)- Fix specfile to require libauparse0 and libaudit1 after splitting audit-libs (bsc#1172295)- Update to version 2.8.5: * Fix segfault on shutdown * Fix hang on startup (#1587995) * Add sleep to script to dump state so file is ready when needed * Add auparse_normalizer support for SOFTWARE_UPDATE event * Mark netlabel events as simple events so that get processed quicker * When audispd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) * Add 30-ospp-v42.rules to meet new Common Criteria requirements * Update lookup tables for the 4.18 kernel * In aureport, fix segfault in file report * Add auparse_normalizer support for labeled networking events * Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) * Event aging is off by a second * In ausearch/auparse, correct event ordering to process oldest first * auparse_reset was not clearing everything it should * Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events * In ausearch/report, lightly parse selinux portion of USER_AVC events * In ausearch/report, limit record size when malformed * In auditd, fix extract_type function for network originating events * In auditd, calculate right size and location for network originating events * Treat all network originating events as VER2 so dispatcher doesn't format it * In audisp-remote do an initial connection attempt (#1625156) * In auditd, allow expression of space left as a percentage (#1650670) * On PPC64LE systems, only allow 64 bit rules (#1462178) * Make some parts of auditd state report optional based on config * Fix ausearch when checkpointing a single file (Burn Alting) * Fix scripting in 31-privileged.rules wrt filecap (#1662516) * In ausearch, do not checkpt if stdin is input source * In libev, remove __cold__ attribute for functions to allow proper hardening * Add tests to configure.ac for openldap support * Make systemd support files use /run rather than /var/run (Christian Hesse) * Fix minor memory leak in auditd kerberos credentials code * Fix auditd regression where keep_logs is limited by rotate_logs 2 file test * In ausearch/report fix --end to use midnight time instead of now (#1671338) - Remote zos building is now a configurable option. It should be disabled in audit (and left enabled in audit-secondary).- Make use of some %make_install.- Update to version 2.8.4: * Generate checkpoint file even when not results are returned (Burn Alting). * Fix log file creation when file logging is disabled entirely (Vlad Glagolev). * Use SIGCONT to dump auditd internal state (rh#1504251). * Fix parsing of virtual timestamp fields in ausearch_expression (rh#1515903). * Fix parsing of uid & success for ausearch. * Hide lru symbols in auparse. * Fix aureport summary time range reporting. * Allow unlimited retries on startup for remote logging. * Add queue_depth to remote logging stats and increase default queue_depth size.- Update to version 2.8.3: * Correct msg function name in lru debug code. * Fix a segfault in auditd when dns resolution isn't available. * Make a reload legacy service for auditd. * In auparse python bindings, expose some new types that were missing. * In normalizer, pickup subject kind for user_login events. * Fix interpretation of unknown ioctcmds (rh#1540507). * Add ANOM_LOGIN_SERVICE, RESP_ORIGIN_BLOCK, & RESP_ORIGIN_BLOCK_TIMED events. * In auparse_normalize for USER_LOGIN events, map acct for subj_kind. * Fix logging of IPv6 addresses in DAEMON_ACCEPT events (rh#1534748). * Do not rotate auditd logs when num_logs < 2 (brozs).- Update header in audit-python3.patch - Update patch guidelines in README-BEFORE-ADDING-PATCHES- Add patch to fix test run without python2 interpreter: * audit-python3.patch - Update to 2.8.2 release: * Update tables for 4.14 kernel * Fixup ipv6 server side binding * AVC report from aureport was missing result column header (#1511606) * Add SOFTWARE_UPDATE event * In ausearch/report pickup any path and new-disk fields as a file * Fix value returned by auditctl --reset-lost (Richard Guy Briggs) * In auparse, fix expr_create_timestamp_comparison_ex to be numeric field * Fix building on old systems without linux/fanotify.h * Fix shell portability issues reported by shellcheck * Auditd validate_email should not use gethostbyname- Update to version 2.8.1 release (includes 2.8 and 2.7.8 changes) * many features added to auparse_normalize * cli option added to auditd and audispd for setting config dir * in auditd, restore the umask after creating a log file * option added to auditd for skipping email verification - Full changelog: http://people.redhat.com/sgrubb/audit/ChangeLog- Rectify RPM groups, diversify descriptions. - Remove mentions of static libraries because they are not built.- Update to version 2.7.7 release Changelog: https://people.redhat.com/sgrubb/audit/ChangeLog- Create folder for the m4 file from previous commit to avoid install failure- Version update to 2.5 release - Refresh two patches and README to contain SUSE and not SuSE * audit-allow-manual-stop.patch * audit-plugins-path.patch - Cleanup with spec-cleaner and do not use subshells but rather use - C parameter of make - Install m4 file to the devel package- Do not depend on insserv nor fillup; the package provides neither sysconfig nor sysvinit files- Update to version 2.4.4 (bsc#941922, CVE-2015-5186) - Remove patch 'audit-no_m4_dir.patch' (added Fri Apr 26 11:14:39 UTC 2013 by mmeister@suse.com) No idea what earlier 'automake' build error this was trying to fix but it broke the handling of "--without-libcap-ng". Anyways, no build error occurs now and m4 path is also needed in v2.4.4 to find ax_prog_cc_for_build - Require pkgconfig for build Changelog 2.4.4 - Fix linked list correctness in ausearch/report - Add more cross compile fixups (Clayton Shotwell) - Update auparse python bindings - Update libev to 4.20 - Fix CVE-2015-5186 Audit: log terminal emulator escape sequences handling Changelog 2.4.3 - Add python3 support for libaudit - Cleanup automake warnings - Add AuParser_search_add_timestamp_item_ex to python bindings - Add AuParser_get_type_name to python bindings - Correct processing of obj_gid in auditctl (Aleksander Zdyb) - Make plugin config file parsing more robust for long lines (#1235457) - Make auditctl status print lost field as unsigned number - Add interpretation mode for auditctl -s - Add python3 support to auparse library - Make --enable-zos-remote a build time configuration option (Clayton Shotwell) - Updates for cross compiling (Clayton Shotwell) - Add MAC_CHECK audit event type - Add libauparse pkgconfig file (Aleksander Zdyb) Changelog 2.4.2 - Ausearch should parse exe field in SECCOMP events - Improve output for short mode interpretations in auparse - Add CRYPTO_IKE_SA and CRYPTO_IPSEC_SA events - If auditctl is reading rules from a file, send messages to syslog (#1144252) - Correct lookup of ppc64le when determining machine type - Increase time buffer for wide character numbers in ausearch/report (#1200314) - In aureport, add USER_TTY events to tty report - In audispd, limit reporting of queue full messages (#1203810) - In auditctl, don't segfault when invalid options passed (#1206516) - In autrace, remove some older unimplemented syscalls for aarch64 (#1185892) - In auditctl, correct lookup of aarch64 in arch field (#1186313) - Update lookup tables for 4.1 kernel- Update to version 2.4.1 Changelog 2.4.1 - Make python3 support easier - Add support for ppc64le (Tony Jones) - Add some translations for a1 of ioctl system calls - Add command & virtualization reports to aureport - Update aureport config report for new events - Add account modification summary report to aureport - Add GRP_MGMT and GRP_CHAUTHTOK event types - Correct aureport account change reports - Add integrity event report to aureport - Add config change summary report to aureport - Adjust some syslogging level settings in audispd - Improve parsing performance in everything - When ausearch outputs a line, use the previously parsed values (Burn Alting) - Improve searching and interpreting groups in events - Fully interpret the proctitle field in auparse - Correct libaudit and auditctl support for kernel features - Add support for backlog_time_wait setting via auditctl - Update syscall tables for the 3.18 kernel - Ignore DNS failure for email validation in auditd (#1138674) - Allow rotate as action for space_left and disk_full in auditd.conf - Correct login summary report of aureport - Auditctl syscalls can be comma separated list now - Update rules for new subsystems and capabilities - Drop patch audit-add-ppc64le-mach-support.patch (already upstream)/sbin/ldconfig/sbin/ldconfigaudit-libss390zl39 1707237566�3.0.63.0.6-150400.4.16.13.0.6-150400.4.16.13.0.6-150400.4.16.12.0.4libaudit.conflibaudit.so.1libaudit.so.1.0.0libaudit.conf.5.gz/etc//usr/lib64//usr/share/man/man5/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:32494/SUSE_SLE-15-SP4_Update/5914fb326afdfa97abffe978ce69973e-audit.SUSE_SLE-15-SP4_Updatedrpmxz5s390x-suse-linuxASCII textELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=4bf2763d6e4d765f4fc1fe843d9417998c842d7e, strippedtroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)PRRRRRR�,��#�g�鳏~��utf-887ade89e69221442c2f497a62d1128813e72b785577deec4d71562f0137bb573?�����7zXZ �� �!t/��o ]"�k�%�ʽd�n��HvK�srx�G�)�H�m*\�q��4�}�C�[��8�{A��Ώ� RD ��GBfi��L�&[ ����t���T�?�;���s_-N��"g�p1�5'Ԓ��t���bփ���u.K���N~�W9T���O�oo�֘��u�/X|�_�;���-�� �c M�p�/K��k�:)�Ʌ~1ns���F$�#s��H�Y�*���޼}��������jlQ�@�~AL9��#d .�p�D+ Z��ArND����I�0ns� �w�*���n�X�v��h�У�F��i�a ����� C�e�?��o~)�P`4k�}����Ex1� �ъ@L�zV�WL�>vT�f�5���dΙ"�xR�I@���q��Ӵ]L��Ǯ�5[r�@��������/fK�% 1d%��h�*��;�9'��)��N�T|o���>|�Uɟ#ڶX����!�� �e�8Z{�47��&n��c���Q��8���p�j��|�ɡC��� d��.~cQC������D}���!��5ͤ���۝� �� ��L!�?��i}�� +S�`ˤ?�,F���e� J���SB����8~>qd���h�@�I������%�!���)��:ŕi�:R�� a#��ѝQP+���&�z׮j��ϰ:��栛L��0�>��gh��a5n��$_�Z�ܺ>���X8^7������x��V: x�ѩk2�S� �g��FԦm�܃��{���g5s�u��q1�vs��0��%u�k������g���oF��r̀�t ��l�T�����ˍW��&�*]3��xW|�É�+��3�� ��m��A�Z�oi~���A(����;��>�6[o�y�Ң����4lU�0���R�9<�����b�OGdR���o��W��\��6�L\p% �}g�D��r�� l�O �����8f�_MÊ~]��_q.V��y�b?wh� ���$��∅J�~Ʈ�5j��#�(��>�s�<�~S��9�8��X^��%�v��T����e� �����S: KhuE�������&�һ��1��������<�S��NQ?:F�k���ō�7��N����2�*��i�l����%�U5w1|ٙ��&_�� J����a��e͊i K������%�L �0דf���}��DYo��Hsɯ�,���k�61�bI@����z`�����~�<[ c�%�֟U��$���V�A�C�`[���QА��E�ܑv���Y�x�`� ���<�݇�>�Zmw�V/H)O�$�&�M+�����gh�����H����v��AR���4o����#}�����&A�u�7�����n塛�:Ϩ�h�3���ף&a�������".z�eQ��n�m�d�{u>�ٛ���{�M�����h�~�,ˈ��=,l(5�M5p) `�$C����τ�=��U���H��=6^M��L���{z�����&_X�C�^�XR�VU�.�.mpf��q*�(Cjz6�Ucn5��*i��=P���6�W�@��� YZ