* Disable auditd network listener with --disable-listener (LP: #1026852)
- debian/rules: Reduce the risk of a remote attack on auditd, which
runs as root, by not building the code that listens for audit messages
over the network. This will prevent users from using auditd as a
centralized audit message aggregator, but this feature is rarely used.
* Don't build against libwrap since only auditd's network listener used it
- debian/control: Remove libwrap0-dev Build-Dependency
- debian/rules: Remove --with-libwrap from configure arguments
* Remove libev-dev Build-Dependency (LP: #1026852)
- debian/control: The upstream audit sources embed and build against their
own version of libev. This is not desirable, but there's no reason to
list libev-dev as a build dependency at this time.
-- Tyler Hicks <email address hidden> Wed, 06 Feb 2013 13:51:35 -0800
This bug was fixed in the package audit - 1:2.2.2-1ubuntu2
---------------
audit (1:2.2.2-1ubuntu2) raring; urgency=low
* Disable auditd network listener with --disable-listener (LP: #1026852)
- debian/rules: Reduce the risk of a remote attack on auditd, which
runs as root, by not building the code that listens for audit messages
over the network. This will prevent users from using auditd as a
centralized audit message aggregator, but this feature is rarely used.
* Don't build against libwrap since only auditd's network listener used it
- debian/control: Remove libwrap0-dev Build-Dependency
- debian/rules: Remove --with-libwrap from configure arguments
* Remove libev-dev Build-Dependency (LP: #1026852)
- debian/control: The upstream audit sources embed and build against their
own version of libev. This is not desirable, but there's no reason to
list libev-dev as a build dependency at this time.
-- Tyler Hicks <email address hidden> Wed, 06 Feb 2013 13:51:35 -0800