diff --git a/.aide.metadata b/.aide.metadata
new file mode 100644
index 0000000..a8e59ce
--- /dev/null
+++ b/.aide.metadata
@@ -0,0 +1 @@
+b97f65bb12701a42baa2cce45b41ed6367a70734 SOURCES/aide-0.16.tar.gz
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f8be39e
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/aide-0.16.tar.gz
diff --git a/SOURCES/README.quickstart b/SOURCES/README.quickstart
new file mode 100644
index 0000000..87adc63
--- /dev/null
+++ b/SOURCES/README.quickstart
@@ -0,0 +1,40 @@
+1) Customize /etc/aide.conf to your liking. In particular, add
+ important directories and files which you would like to be
+ covered by integrity checks. Avoid files which are expected
+ to change frequently or which don't affect the safety of your
+ system.
+
+2) Run "/usr/sbin/aide --init" to build the initial database.
+ With the default setup, that creates /var/lib/aide/aide.db.new.gz
+
+3) Store /etc/aide.conf, /usr/sbin/aide and /var/lib/aide/aide.db.new.gz
+ in a secure location, e.g. on separate read-only media (such as
+ CD-ROM). Alternatively, keep MD5 fingerprints or GPG signatures
+ of those files in a secure location, so you have means to verify
+ that nobody modified those files.
+
+4) Copy /var/lib/aide/aide.db.new.gz to /var/lib/aide/aide.db.gz
+ which is the location of the input database.
+
+5) Run "/usr/sbin/aide --check" to check your system for inconsistencies
+ compared with the AIDE database. Prior to running a check manually,
+ ensure that the AIDE binary and database have not been modified
+ without your knowledge.
+
+ Caution!
+
+ With the default setup, an AIDE check is not run periodically as a
+ cron job. It cannot be guaranteed that the AIDE binaries, config
+ file and database are intact. It is not recommended that you run
+ automated AIDE checks without verifying AIDE yourself frequently.
+ In addition to that, AIDE does not implement any password or
+ encryption protection for its own files.
+
+ It is up to you how to put a file integrity checker to good effect
+ and how to set up automated checks if you think it adds a level of
+ safety (e.g. detecting failed/incomplete compromises or unauthorized
+ modification of special files). On a compromised system, the
+ intruder could disable the automated check. Or he could replace the
+ AIDE binary, config file and database easily when they are not
+ located on read-only media.
+
diff --git a/SOURCES/aide-0.15-syslog-format.patch b/SOURCES/aide-0.15-syslog-format.patch
new file mode 100644
index 0000000..0361434
--- /dev/null
+++ b/SOURCES/aide-0.15-syslog-format.patch
@@ -0,0 +1,496 @@
+diff -up ./doc/aide.conf.5.in.syslog_format ./doc/aide.conf.5.in
+--- ./doc/aide.conf.5.in.syslog_format 2016-07-25 22:58:12.000000000 +0200
++++ ./doc/aide.conf.5.in 2018-09-27 19:09:09.697371212 +0200
+@@ -57,6 +57,25 @@ inclusive. This parameter can only be gi
+ occurrence is used. If \-\-verbose or \-V is used then the value from that
+ is used. The default is 5. If verbosity is 20 then additional report
+ output is written when doing \-\-check, \-\-update or \-\-compare.
++.IP "syslog_format"
++Valid values are yes,true,no and false. This option enables new syslog format
++which is suitable for logging. Every change is logged as one simple line. This option
++changes verbose level to 0 and prints everything that was changed. It is suggested
++to use this option with "report_url=syslog:...". Default value is "false/no".
++Maximum size of message is 1KB which is limitation of syslog call. If message is
++greater than limit, message will be truncated.
++Option summarize_changes has no impact for this format.
++.nf
++.eo
++
++Output always starts with:
++"AIDE found differences between database and filesystem!!"
++And it is followed by summary:
++summary;total_number_of_files=1000;added_files=0;removed_files=0;changed_files=1
++And finally there are logs about changes:
++dir=/usr/sbin;Mtime_old=0000-00-00 00:00:00;Mtime_new=0000-00-00 00:00:00;...
++.ec
++.fi
+ .IP "report_url"
+ The url that the output is written to. There can be multiple instances
+ of this parameter. Output is written to all of them. The default is
+diff -up ./include/db_config.h.syslog_format ./include/db_config.h
+--- ./include/db_config.h.syslog_format 2016-07-25 22:56:55.000000000 +0200
++++ ./include/db_config.h 2018-09-27 19:09:09.697371212 +0200
+@@ -311,6 +311,7 @@ typedef struct db_config {
+ FILE* db_out;
+
+ int config_check;
++ int syslog_format;
+
+ struct md_container *mdc_in;
+ struct md_container *mdc_out;
+diff -up ./src/aide.c.syslog_format ./src/aide.c
+--- ./src/aide.c.syslog_format 2018-09-27 19:09:09.695371197 +0200
++++ ./src/aide.c 2018-09-27 19:09:09.698371220 +0200
+@@ -283,6 +283,7 @@ static void setdefaults_before_config()
+ }
+
+ /* Setting some defaults */
++ conf->syslog_format=0;
+ conf->report_db=0;
+ conf->tree=NULL;
+ conf->config_check=0;
+@@ -495,6 +496,10 @@ static void setdefaults_after_config()
+ if(conf->verbose_level==-1){
+ conf->verbose_level=5;
+ }
++ if(conf->syslog_format==1){
++ conf->verbose_level=0;
++ }
++
+ }
+
+
+diff -up ./src/compare_db.c.syslog_format ./src/compare_db.c
+--- ./src/compare_db.c.syslog_format 2016-07-25 22:56:55.000000000 +0200
++++ ./src/compare_db.c 2018-09-27 19:09:09.698371220 +0200
+@@ -110,7 +110,7 @@ const DB_ATTR_TYPE details_attributes[]
+ #endif
+ };
+
+-const char* details_string[] = { _("File type") , _("Lname"), _("Size"), _("Size (>)"), _("Bcount"), _("Perm"), _("Uid"), _("Gid"), _("Atime"), _("Mtime"), _("Ctime"), _("Inode"), _("Linkcount"), _("MD5"), _("SHA1"), _("RMD160"), _("TIGER"), _("SHA256"), _("SHA512")
++const char* details_string[] = { _("File type") , _("Lname"), _("Size"), _("Size"), _("Bcount"), _("Perm"), _("Uid"), _("Gid"), _("Atime"), _("Mtime"), _("Ctime"), _("Inode"), _("Linkcount"), _("MD5"), _("SHA1"), _("RMD160"), _("TIGER"), _("SHA256"), _("SHA512")
+ #ifdef WITH_MHASH
+ , _("CRC32"), _("HAVAL"), _("GOST"), _("CRC32B"), _("WHIRLPOOL")
+ #endif
+@@ -269,12 +269,19 @@ static int xattrs2array(xattrs_type* xat
+ if ((len == xattrs->ents[num - 1].vsz) || ((len == (xattrs->ents[num - 1].vsz - 1)) && !val[len])) {
+ length = 8 + width + strlen(xattrs->ents[num - 1].key) + strlen(val);
+ (*values)[num]=malloc(length *sizeof(char));
+- snprintf((*values)[num], length , "[%.*zd] %s = %s", width, num, xattrs->ents[num - 1].key, val);
++
++ char * fmt = "[%.*zd] %s = %s";
++ if (conf->syslog_format) fmt = "[%.*zd]%s=%s"; // its smaller so it has to be enough space allocated.
++ snprintf((*values)[num], length , fmt, width, num, xattrs->ents[num - 1].key, val);
++
+ } else {
+ val = encode_base64(xattrs->ents[num - 1].val, xattrs->ents[num - 1].vsz);
+ length = 10 + width + strlen(xattrs->ents[num - 1].key) + strlen(val);
+ (*values)[num]=malloc( length *sizeof(char));
+- snprintf((*values)[num], length , "[%.*zd] %s <=> %s", width, num, xattrs->ents[num - 1].key, val);
++
++ char * fmt = "[%.*zd] %s <=> %s";
++ if (conf->syslog_format) fmt = "[%.*zd]%s<=>%s"; // its smaller so it has to be enough space allocated.
++ snprintf((*values)[num], length , fmt, width, num, xattrs->ents[num - 1].key, val);
+ free(val);
+ }
+ }
+@@ -302,6 +309,26 @@ static int acl2array(acl_type* acl, char
+ }
+ if (acl->acl_a || acl->acl_d) {
+ int j, k, i;
++ if (conf->syslog_format) {
++ *values = malloc(2 * sizeof(char*));
++
++ char *A, *D = "<NONE>";
++
++ if (acl->acl_a) { A = acl->acl_a; }
++ if (acl->acl_d) { D = acl->acl_d; }
++
++ (*values)[0] = (char*) malloc(strlen(A) + 3); // "A:" and \0
++ snprintf((*values)[0], strlen(A) + 3, "A:%s", A);
++
++ (*values)[1] = (char*) malloc(strlen(D) + 3); // "D:" and \0
++ snprintf((*values)[1], strlen(D) + 3, "D:%s", D);
++
++ i = 0; while ( (*values)[0][i] ) { if ( (*values)[0][i]=='\n') { (*values)[0][i] = ' '; } i++; }
++ i = 0; while ( (*values)[1][i] ) { if ( (*values)[1][i]=='\n') { (*values)[1][i] = ' '; } i++; }
++
++ return 2;
++ }
++
+ if (acl->acl_a) { i = 0; while (acl->acl_a[i]) { if (acl->acl_a[i++]=='\n') { n++; } } }
+ if (acl->acl_d) { i = 0; while (acl->acl_d[i]) { if (acl->acl_d[i++]=='\n') { n++; } } }
+ *values = malloc(n * sizeof(char*));
+@@ -338,25 +365,25 @@ static char* e2fsattrs2string(unsigned l
+
+ static char* get_file_type_string(mode_t mode) {
+ switch (mode & S_IFMT) {
+- case S_IFREG: return _("File");
+- case S_IFDIR: return _("Directory");
++ case S_IFREG: return conf->syslog_format ? "file" : _("File");
++ case S_IFDIR: return conf->syslog_format ? "dir" : _("Directory");
+ #ifdef S_IFIFO
+- case S_IFIFO: return _("FIFO");
++ case S_IFIFO: return conf->syslog_format ? "fifo" : _("FIFO");
+ #endif
+- case S_IFLNK: return _("Link");
+- case S_IFBLK: return _("Block device");
+- case S_IFCHR: return _("Character device");
++ case S_IFLNK: return conf->syslog_format ? "link" : _("Link");
++ case S_IFBLK: return conf->syslog_format ? "blockd" : _("Block device");
++ case S_IFCHR: return conf->syslog_format ? "chard" : _("Character device");
+ #ifdef S_IFSOCK
+- case S_IFSOCK: return _("Socket");
++ case S_IFSOCK: return conf->syslog_format ? "socket" : _("Socket");
+ #endif
+ #ifdef S_IFDOOR
+- case S_IFDOOR: return _("Door");
++ case S_IFDOOR: return conf->syslog_format ? "door" : _("Door");
+ #endif
+ #ifdef S_IFPORT
+- case S_IFPORT: return _("Port");
++ case S_IFPORT: return conf->syslog_format ? "port" : _("Port");
+ #endif
+ case 0: return NULL;
+- default: return _("Unknown file type");
++ default: return conf->syslog_format ? "unknown" : _("Unknown file type");
+ }
+ }
+
+@@ -554,6 +581,51 @@ static void print_dbline_attributes(db_l
+ }
+ }
+
++
++static void print_dbline_attributes_syslog(db_line* oline, db_line* nline, DB_ATTR_TYPE
++ changed_attrs, DB_ATTR_TYPE force_attrs) {
++ char **ovalue, **nvalue;
++ int onumber, nnumber, i, j;
++ int length = sizeof(details_attributes)/sizeof(DB_ATTR_TYPE);
++ DB_ATTR_TYPE attrs;
++ char *file_type = get_file_type_string((nline==NULL?oline:nline)->perm);
++ if (file_type) {
++ error(0,"%s=", file_type);
++ }
++ error(0,"%s", (nline==NULL?oline:nline)->filename);
++ attrs=force_attrs|(~(ignored_changed_attrs)&changed_attrs);
++ for (j=0; j < length; ++j) {
++ if (details_attributes[j]&attrs) {
++ onumber=get_attribute_values(details_attributes[j], oline, &ovalue);
++ nnumber=get_attribute_values(details_attributes[j], nline, &nvalue);
++
++ if (details_attributes[j] == DB_ACL || details_attributes[j] == DB_XATTRS) {
++
++ error(0, ";%s_old=|", details_string[j]);
++
++ for (i = 0 ; i < onumber ; i++) {
++ error(0, "%s|", ovalue[i]);
++ }
++
++ error(0, ";%s_new=|", details_string[j]);
++
++ for (i = 0 ; i < nnumber ; i++) {
++ error(0, "%s|", nvalue[i]);
++ }
++
++ } else {
++
++ error(0, ";%s_old=%s;%s_new=%s", details_string[j], *ovalue, details_string[j], *nvalue);
++
++ }
++
++ for(i=0; i < onumber; ++i) { free(ovalue[i]); ovalue[i]=NULL; } free(ovalue); ovalue=NULL;
++ for(i=0; i < nnumber; ++i) { free(nvalue[i]); nvalue[i]=NULL; } free(nvalue); nvalue=NULL;
++ }
++ }
++ error(0, "\n");
++}
++
+ static void print_attributes_added_node(db_line* line) {
+ print_dbline_attributes(NULL, line, 0, line->attr);
+ }
+@@ -562,6 +634,26 @@ static void print_attributes_removed_nod
+ print_dbline_attributes(line, NULL, 0, line->attr);
+ }
+
++static void print_attributes_added_node_syslog(db_line* line) {
++
++ char *file_type = get_file_type_string(line->perm);
++ if (file_type) {
++ error(0,"%s=", file_type);
++ }
++ error(0,"%s; added\n", line->filename);
++
++}
++
++static void print_attributes_removed_node_syslog(db_line* line) {
++
++ char *file_type = get_file_type_string(line->perm);
++ if (file_type) {
++ error(0,"%s=", file_type);
++ }
++ error(0,"%s; removed\n", line->filename);
++
++}
++
+ static void terse_report(seltree* node) {
+ list* r=NULL;
+ if ((node->checked&(DB_OLD|DB_NEW)) != 0) {
+@@ -626,6 +718,26 @@ static void print_report_details(seltree
+ }
+ }
+
++static void print_syslog_format(seltree* node) {
++ list* r=NULL;
++
++ if (node->checked&NODE_CHANGED) {
++ print_dbline_attributes_syslog(node->old_data, node->new_data, node->changed_attrs, forced_attrs);
++ }
++
++ if (node->checked&NODE_ADDED) {
++ print_attributes_added_node_syslog(node->new_data);
++ }
++
++ if (node->checked&NODE_REMOVED) {
++ print_attributes_removed_node_syslog(node->old_data);
++ }
++
++ for(r=node->childs;r;r=r->next){
++ print_syslog_format((seltree*)r->data);
++ }
++}
++
+ static void print_report_header() {
+ char *time;
+ int first = 1;
+@@ -747,39 +859,53 @@ int gen_report(seltree* node) {
+ send_audit_report();
+ #endif
+ if ((nadd|nrem|nchg) > 0 || conf->report_quiet == 0) {
+- print_report_header();
+- if(conf->action&(DO_COMPARE|DO_DIFF) || (conf->action&DO_INIT && conf->report_detailed_init) ) {
+- if (conf->grouped) {
+- if (nadd) {
+- error(2,(char*)report_top_format,_("Added entries"));
+- print_report_list(node, NODE_ADDED);
+- }
+- if (nrem) {
+- error(2,(char*)report_top_format,_("Removed entries"));
+- print_report_list(node, NODE_REMOVED);
+- }
+- if (nchg) {
+- error(2,(char*)report_top_format,_("Changed entries"));
+- print_report_list(node, NODE_CHANGED);
+- }
+- } else if (nadd || nrem || nchg) {
+- if (nadd && nrem && nchg) { error(2,(char*)report_top_format,_("Added, removed and changed entries")); }
+- else if (nadd && nrem) { error(2,(char*)report_top_format,_("Added and removed entries")); }
+- else if (nadd && nchg) { error(2,(char*)report_top_format,_("Added and changed entries")); }
+- else if (nrem && nchg) { error(2,(char*)report_top_format,_("Removed and changed entries")); }
+- else if (nadd) { error(2,(char*)report_top_format,_("Added entries")); }
+- else if (nrem) { error(2,(char*)report_top_format,_("Removed entries")); }
+- else if (nchg) { error(2,(char*)report_top_format,_("Changed entries")); }
+- print_report_list(node, NODE_ADDED|NODE_REMOVED|NODE_CHANGED);
+- }
+- if (nadd || nrem || nchg) {
+- error(nchg?5:7,(char*)report_top_format,_("Detailed information about changes"));
+- print_report_details(node);
+- }
+- }
+- print_report_databases();
+- conf->end_time=time(&(conf->end_time));
+- print_report_footer();
++
++ if (!conf->syslog_format) {
++ print_report_header();
++ }
++
++ if(conf->action&(DO_COMPARE|DO_DIFF) || (conf->action&DO_INIT && conf->report_detailed_init) ) {
++ if (!conf->syslog_format && conf->grouped) {
++ if (nadd) {
++ error(2,(char*)report_top_format,_("Added entries"));
++ print_report_list(node, NODE_ADDED);
++ }
++ if (nrem) {
++ error(2,(char*)report_top_format,_("Removed entries"));
++ print_report_list(node, NODE_REMOVED);
++ }
++ if (nchg) {
++ error(2,(char*)report_top_format,_("Changed entries"));
++ print_report_list(node, NODE_CHANGED);
++ }
++ } else if (!conf->syslog_format && ( nadd || nrem || nchg ) ) {
++ if (nadd && nrem && nchg) { error(2,(char*)report_top_format,_("Added, removed and changed entries")); }
++ else if (nadd && nrem) { error(2,(char*)report_top_format,_("Added and removed entries")); }
++ else if (nadd && nchg) { error(2,(char*)report_top_format,_("Added and changed entries")); }
++ else if (nrem && nchg) { error(2,(char*)report_top_format,_("Removed and changed entries")); }
++ else if (nadd) { error(2,(char*)report_top_format,_("Added entries")); }
++ else if (nrem) { error(2,(char*)report_top_format,_("Removed entries")); }
++ else if (nchg) { error(2,(char*)report_top_format,_("Changed entries")); }
++ print_report_list(node, NODE_ADDED|NODE_REMOVED|NODE_CHANGED);
++ }
++ if (nadd || nrem || nchg) {
++ if (!conf->syslog_format) {
++ error(nchg?5:7,(char*)report_top_format,_("Detailed information about changes"));
++ print_report_details(node);
++ } else {
++ /* Syslog Format */
++ error(0, "AIDE found differences between database and filesystem!!\n");
++ error(0, "summary;total_number_of_files=%ld;added_files=%ld;"
++ "removed_files=%ld;changed_files=%ld\n",ntotal,nadd,nrem,nchg);
++ print_syslog_format(node);
++ }
++ }
++ }
++ if (!conf->syslog_format) {
++ print_report_databases();
++ conf->end_time=time(&(conf->end_time));
++ print_report_footer();
++ }
+ }
+
+ return conf->action&(DO_COMPARE|DO_DIFF) ? (nadd!=0)*1+(nrem!=0)*2+(nchg!=0)*4 : 0;
+diff -up ./src/conf_lex.l.syslog_format ./src/conf_lex.l
+--- ./src/conf_lex.l.syslog_format 2016-07-25 22:56:55.000000000 +0200
++++ ./src/conf_lex.l 2018-09-27 19:09:09.698371220 +0200
+@@ -401,6 +401,12 @@ int var_in_conflval=0;
+ return (TROOT_PREFIX);
+ }
+
++^[\t\ ]*"syslog_format"{E} {
++ error(230,"%li:syslog_format =\n",conf_lineno);
++ BEGIN CONFVALHUNT;
++ return (SYSLOG_FORMAT);
++}
++
+ ^[\t\ ]*"recstop"{E} {
+ error(230,"%li:recstop =\n",conf_lineno);
+ BEGIN CONFVALHUNT;
+diff -up ./src/conf_yacc.y.syslog_format ./src/conf_yacc.y
+--- ./src/conf_yacc.y.syslog_format 2016-07-25 22:56:55.000000000 +0200
++++ ./src/conf_yacc.y 2018-09-27 19:09:09.699371228 +0200
+@@ -89,6 +89,7 @@ extern long conf_lineno;
+ %token TREPORT_URL
+ %token TGZIPDBOUT
+ %token TROOT_PREFIX
++%token SYSLOG_FORMAT
+ %token TUMASK
+ %token TTRUE
+ %token TFALSE
+@@ -160,7 +161,7 @@ line : rule | equrule | negrule | define
+ | ifdefstmt | ifndefstmt | ifhoststmt | ifnhoststmt
+ | groupdef | db_in | db_out | db_new | db_attrs | verbose | report_detailed_init | config_version
+ | database_add_metadata | report | gzipdbout | root_prefix | report_base16 | report_quiet
+- | report_ignore_e2fsattrs | recursion_stopper | warn_dead_symlinks | grouped
++ | report_ignore_e2fsattrs | syslogformat | recursion_stopper | warn_dead_symlinks | grouped
+ | summarize_changes | acl_no_symlink_follow | beginconfigstmt | endconfigstmt
+ | TEOF {
+ newlinelastinconfig=1;
+@@ -408,6 +409,15 @@ conf->gzip_dbout=0;
+ #endif
+ } ;
+
++syslogformat : SYSLOG_FORMAT TTRUE {
++conf->syslog_format=1;
++} |
++ SYSLOG_FORMAT TFALSE {
++conf->syslog_format=0;
++} ;
++
++
++
+ recursion_stopper : TRECSTOP TSTRING {
+ /* FIXME implement me */
+
+diff -up ./src/error.c.syslog_format ./src/error.c
+--- ./src/error.c.syslog_format 2016-07-25 22:56:55.000000000 +0200
++++ ./src/error.c 2018-09-27 19:13:40.312416750 +0200
+@@ -38,6 +38,9 @@
+ /*for locale support*/
+ #include "util.h"
+
++#define MAX_BUFFER_SIZE 1024
++static char syslog_buffer[MAX_BUFFER_SIZE+1];
++
+ int cmp_url(url_t* url1,url_t* url2){
+
+ return ((url1->type==url2->type)&&(strcmp(url1->value,url2->value)==0));
+@@ -48,7 +51,9 @@ int error_init(url_t* url,int initial)
+ {
+ list* r=NULL;
+ FILE* fh=NULL;
+- int sfac;
++ int sfac;
++
++ memset(syslog_buffer, 0, MAX_BUFFER_SIZE+1);
+
+ if (url->type==url_database) {
+ conf->report_db++;
+@@ -163,13 +168,24 @@ void error(int errorlevel,char* error_ms
+ }
+ #ifdef HAVE_SYSLOG
+ if(conf->initial_report_url->type==url_syslog){
+-#ifdef HAVE_VSYSLOG
+- vsyslog(SYSLOG_PRIORITY,error_msg,ap);
+-#else
+- char buf[1024];
+- vsnprintf(buf,1024,error_msg,ap);
+- syslog(SYSLOG_PRIORITY,"%s",buf);
+-#endif
++
++ char buff[MAX_BUFFER_SIZE+1];
++ vsnprintf(buff,MAX_BUFFER_SIZE,error_msg,ap);
++ size_t buff_len = strlen(buff);
++
++ char result_buff[MAX_BUFFER_SIZE+1];
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wformat-truncation"
++ snprintf(result_buff, MAX_BUFFER_SIZE, "%s%s", syslog_buffer, buff);
++#pragma GCC diagnostic pop
++
++ if(buff[buff_len-1] == '\n'){
++ syslog(SYSLOG_PRIORITY,"%s",result_buff);
++ memset(syslog_buffer, 0, MAX_BUFFER_SIZE+1);
++ } else {
++ memcpy(syslog_buffer, result_buff, MAX_BUFFER_SIZE);
++ }
++
+ va_end(ap);
+ return;
+ }
+@@ -181,17 +197,25 @@ void error(int errorlevel,char* error_ms
+
+ #ifdef HAVE_SYSLOG
+ if (conf->report_syslog!=0) {
+-#ifdef HAVE_VSYSLOG
+- va_start(ap,error_msg);
+- vsyslog(SYSLOG_PRIORITY,error_msg,ap);
+- va_end(ap);
+-#else
+- char buf[1024];
+- va_start(ap,error_msg);
+- vsnprintf(buf,1024,error_msg,ap);
++ va_start(ap, error_msg);
++
++ char buff[MAX_BUFFER_SIZE+1];
++ vsnprintf(buff,MAX_BUFFER_SIZE,error_msg,ap);
++ size_t buff_len = strlen(buff);
++
++ char result_buff[MAX_BUFFER_SIZE+1];
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wformat-truncation"
++ snprintf(result_buff, MAX_BUFFER_SIZE, "%s%s", syslog_buffer, buff);
++#pragma GCC diagnostic pop
++
++ if(buff[buff_len-1] == '\n'){
++ syslog(SYSLOG_PRIORITY,"%s",result_buff);
++ memset(syslog_buffer, 0, MAX_BUFFER_SIZE+1);
++ } else {
++ memcpy(syslog_buffer, result_buff, MAX_BUFFER_SIZE);
++ }
+ va_end(ap);
+- syslog(SYSLOG_PRIORITY,"%s",buf);
+-#endif
+ }
+ #endif
+
diff --git a/SOURCES/aide-0.16-Use-LDADD-for-adding-curl-library-to-the-linker-comm.patch b/SOURCES/aide-0.16-Use-LDADD-for-adding-curl-library-to-the-linker-comm.patch
new file mode 100644
index 0000000..0c4fc17
--- /dev/null
+++ b/SOURCES/aide-0.16-Use-LDADD-for-adding-curl-library-to-the-linker-comm.patch
@@ -0,0 +1,58 @@
+From c7caa6027c92b28aa11b8da74d56357e12f56d67 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20Kope=C4=8Dek?= <dkopecek@redhat.com>
+Date: Wed, 20 Feb 2019 12:00:56 +0100
+Subject: [PATCH] Use LDADD for adding curl library to the linker command
+
+---
+ Makefile.am | 2 +-
+ configure.ac | 5 +++--
+ 2 files changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 4b05d7a..1541d56 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -55,7 +55,7 @@ if USE_CURL
+ aide_SOURCES += include/fopen.h src/fopen.c
+ endif
+
+-aide_LDADD = -lm @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@
++aide_LDADD = -lm @PCRELIB@ @CRYPTLIB@ @ACLLIB@ @SELINUXLIB@ @AUDITLIB@ @ATTRLIB@ @E2FSATTRSLIB@ @ELFLIB@ @CURLLIB@
+ AM_CFLAGS = @AIDE_DEFS@ -W -Wall -g
+ AM_CPPFLAGS = -I$(top_srcdir) \
+ -I$(top_srcdir)/include \
+diff --git a/configure.ac b/configure.ac
+index 3598ebe..0418c59 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -702,24 +702,25 @@ if test x$with_zlib = xyes; then
+ compoptionstring="${compoptionstring}WITH_ZLIB\\n"
+ fi
+
++CURLLIB=
+ if test x$with_curl = xyes; then
+ AC_PATH_PROG(curlconfig, "curl-config")
+ if test "_$curlconfig" != _ ; then
+ CURL_CFLAGS=`$curlconfig --cflags`
+- CURL_LIBS=`$curlconfig --libs`
++ CURLLIB=`$curlconfig --libs`
+ else
+ AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])
+ fi
+ AC_CHECK_HEADERS(curl/curl.h,,
+ [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])])
+ CFLAGS="$CFLAGS $CURL_CFLAGS"
+- LDFLAGS="$LDFLAGS $CURL_LIBS"
+ AC_CHECK_LIB(curl,curl_easy_init,havecurl=yes,
+ [AC_MSG_ERROR([You don't have curl properly installed. Install it or try --without-curl.])]
+ )
+ AC_DEFINE(WITH_CURL,1,[use curl])
+ compoptionstring="${compoptionstring}WITH_CURL\\n"
+ fi
++AC_SUBST(CURLLIB)
+ AM_CONDITIONAL(USE_CURL, test x$havecurl = xyes)
+
+ AC_ARG_WITH(mhash,
+--
+2.20.1
+
diff --git a/SOURCES/aide-0.16-crash-elf.patch b/SOURCES/aide-0.16-crash-elf.patch
new file mode 100644
index 0000000..5aa3472
--- /dev/null
+++ b/SOURCES/aide-0.16-crash-elf.patch
@@ -0,0 +1,17 @@
+--- ./src/do_md.c 2018-03-19 05:10:19.994957024 -0400
++++ ./src/do_md.c 2018-03-19 05:19:05.829957024 -0400
+@@ -135,8 +135,13 @@
+ continue;
+
+ while (!bingo && (data = elf_getdata (scn, data)) != NULL) {
+- int maxndx = data->d_size / shdr.sh_entsize;
++ int maxndx;
+ int ndx;
++
++ if (shdr.sh_entsize != 0)
++ maxndx = data->d_size / shdr.sh_entsize;
++ else
++ continue;
+
+ for (ndx = 0; ndx < maxndx; ++ndx) {
+ (void) gelf_getdyn (data, ndx, &dyn);
diff --git a/SOURCES/aide-0.16-crypto-disable-haval-and-others.patch b/SOURCES/aide-0.16-crypto-disable-haval-and-others.patch
new file mode 100644
index 0000000..a066fd9
--- /dev/null
+++ b/SOURCES/aide-0.16-crypto-disable-haval-and-others.patch
@@ -0,0 +1,153 @@
+diff -up ./include/md.h.crypto ./include/md.h
+--- ./include/md.h.crypto 2016-07-25 22:56:55.000000000 +0200
++++ ./include/md.h 2018-08-29 15:00:30.827491299 +0200
+@@ -149,6 +149,7 @@ int init_md(struct md_container*);
+ int update_md(struct md_container*,void*,ssize_t);
+ int close_md(struct md_container*);
+ void md2line(struct md_container*,struct db_line*);
++DB_ATTR_TYPE get_available_crypto();
+
+
+ #endif /*_MD_H_INCLUDED*/
+diff -up ./src/aide.c.crypto ./src/aide.c
+--- ./src/aide.c.crypto 2018-08-29 15:00:30.825491309 +0200
++++ ./src/aide.c 2018-08-29 15:00:30.827491299 +0200
+@@ -349,7 +349,7 @@ static void setdefaults_before_config()
+
+ conf->db_attrs = 0;
+ #if defined(WITH_MHASH) || defined(WITH_GCRYPT)
+- conf->db_attrs |= DB_MD5|DB_TIGER|DB_HAVAL|DB_CRC32|DB_SHA1|DB_RMD160|DB_SHA256|DB_SHA512;
++ conf->db_attrs |= get_available_crypto();
+ #ifdef WITH_MHASH
+ conf->db_attrs |= DB_GOST;
+ #ifdef HAVE_MHASH_WHIRLPOOL
+diff -up ./src/md.c.crypto ./src/md.c
+--- ./src/md.c.crypto 2018-08-29 15:00:30.823491319 +0200
++++ ./src/md.c 2018-08-29 15:02:28.013903479 +0200
+@@ -78,6 +78,49 @@ DB_ATTR_TYPE hash_gcrypt2attr(int i) {
+ return r;
+ }
+
++const char * hash_gcrypt2str(int i) {
++ char * r = "?";
++#ifdef WITH_GCRYPT
++ switch (i) {
++ case GCRY_MD_MD5: {
++ r = "MD5";
++ break;
++ }
++ case GCRY_MD_SHA1: {
++ r = "SHA1";
++ break;
++ }
++ case GCRY_MD_RMD160: {
++ r = "RMD160";
++ break;
++ }
++ case GCRY_MD_TIGER: {
++ r = "TIGER";
++ break;
++ }
++ case GCRY_MD_HAVAL: {
++ r = "HAVAL";
++ break;
++ }
++ case GCRY_MD_SHA256: {
++ r = "SHA256";
++ break;
++ }
++ case GCRY_MD_SHA512: {
++ r = "SHA512";
++ break;
++ }
++ case GCRY_MD_CRC32: {
++ r = "CRC32";
++ break;
++ }
++ default:
++ break;
++ }
++#endif
++ return r;
++}
++
+ DB_ATTR_TYPE hash_mhash2attr(int i) {
+ DB_ATTR_TYPE r=0;
+ #ifdef WITH_MHASH
+@@ -163,6 +206,44 @@ DB_ATTR_TYPE hash_mhash2attr(int i) {
+ Initialise md_container according it's todo_attr field
+ */
+
++DB_ATTR_TYPE get_available_crypto() {
++
++ DB_ATTR_TYPE ret = 0;
++
++/*
++ * This function is usually called before config processing
++ * and default verbose level is 5
++ */
++#define lvl 255
++
++ error(lvl, "get_available_crypto called\n");
++
++#ifdef WITH_GCRYPT
++
++ /*
++ * some initialization for FIPS
++ */
++ gcry_check_version(NULL);
++ error(lvl, "Found algos:");
++
++ for(int i=0;i<=HASH_GCRYPT_COUNT;i++) {
++
++ if ( (hash_gcrypt2attr(i) & HASH_USE_GCRYPT) == 0 )
++ continue;
++
++ if (gcry_md_algo_info(i, GCRYCTL_TEST_ALGO, NULL, NULL) == 0) {
++ ret |= hash_gcrypt2attr(i);
++ error(lvl, " %s", hash_gcrypt2str(i));
++ }
++ }
++ error(lvl, "\n");
++
++#endif
++
++ error(lvl, "get_available_crypto_returned with %lld\n", ret);
++ return ret;
++}
++
+ int init_md(struct md_container* md) {
+
+ int i;
+@@ -201,18 +282,27 @@ int init_md(struct md_container* md) {
+ }
+ #endif
+ #ifdef WITH_GCRYPT
+- if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){
++ if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){
+ error(0,"gcrypt_md_open failed\n");
+ exit(IO_ERROR);
+ }
+ for(i=0;i<=HASH_GCRYPT_COUNT;i++) {
++
++
+ if (((hash_gcrypt2attr(i)&HASH_USE_GCRYPT)&md->todo_attr)!=0) {
+- DB_ATTR_TYPE h=hash_gcrypt2attr(i);
+- error(255,"inserting %llu\n",h);
++
++ DB_ATTR_TYPE h=hash_gcrypt2attr(i);
++
++ if (gcry_md_algo_info(i, GCRYCTL_TEST_ALGO, NULL, NULL) != 0) {
++ error(0,"Algo %s is not available\n", hash_gcrypt2str(i));
++ exit(-1);
++ }
++
++ error(255,"inserting %llu\n",h);
+ if(gcry_md_enable(md->mdh,i)==GPG_ERR_NO_ERROR){
+ md->calc_attr|=h;
+ } else {
+- error(0,"gcry_md_enable %i failed",i);
++ error(0,"gcry_md_enable %i failed\n",i);
+ md->todo_attr&=~h;
+ }
+ }
diff --git a/SOURCES/aide-0.16b1-fipsfix.patch b/SOURCES/aide-0.16b1-fipsfix.patch
new file mode 100644
index 0000000..434d74e
--- /dev/null
+++ b/SOURCES/aide-0.16b1-fipsfix.patch
@@ -0,0 +1,103 @@
+diff -up ./src/aide.c.orig ./aide-0.16b1/src/aide.c
+--- ./src/aide.c.orig 2016-07-12 11:10:08.013158385 +0200
++++ ./src/aide.c 2016-07-12 11:30:54.867833064 +0200
+@@ -511,9 +511,28 @@ int main(int argc,char**argv)
+ #endif
+ umask(0177);
+ init_sighandler();
+-
+ setdefaults_before_config();
+
++#if WITH_GCRYPT
++ error(255,"Gcrypt library initialization\n");
++ /*
++ * Initialize libgcrypt as per
++ * http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
++ *
++ *
++ */
++ gcry_control(GCRYCTL_SET_ENFORCED_FIPS_FLAG, 0);
++ gcry_control(GCRYCTL_INIT_SECMEM, 1);
++
++ if(!gcry_check_version(GCRYPT_VERSION)) {
++ error(0,"libgcrypt version mismatch\n");
++ exit(VERSION_MISMATCH_ERROR);
++ }
++
++ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
++#endif /* WITH_GCRYPT */
++
++
+ if(read_param(argc,argv)==RETFAIL){
+ error(0, _("Invalid argument\n") );
+ exit(INVALID_ARGUMENT_ERROR);
+@@ -646,6 +665,9 @@ int main(int argc,char**argv)
+ }
+ #endif
+ }
++#ifdef WITH_GCRYPT
++ gcry_control(GCRYCTL_TERM_SECMEM, 0);
++#endif /* WITH_GCRYPT */
+ return RETOK;
+ }
+ const char* aide_key_3=CONFHMACKEY_03;
+diff -up ./src/md.c.orig ./aide-0.16b1/src/md.c
+--- ./src/md.c.orig 2016-04-15 23:30:16.000000000 +0200
++++ ./src/md.c 2016-07-12 11:35:04.007675329 +0200
+@@ -201,14 +201,7 @@ int init_md(struct md_container* md) {
+ }
+ #endif
+ #ifdef WITH_GCRYPT
+- error(255,"Gcrypt library initialization\n");
+- if(!gcry_check_version(GCRYPT_VERSION)) {
+- error(0,"libgcrypt version mismatch\n");
+- exit(VERSION_MISMATCH_ERROR);
+- }
+- gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
+- gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+- if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){
++ if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){
+ error(0,"gcrypt_md_open failed\n");
+ exit(IO_ERROR);
+ }
+@@ -299,7 +292,7 @@ int close_md(struct md_container* md) {
+
+ /*. There might be more hashes in the library. Add those here.. */
+
+- gcry_md_reset(md->mdh);
++ gcry_md_close(md->mdh);
+ #endif
+
+ #ifdef WITH_MHASH
+diff -up ./src/util.c.orig ./aide-0.16b1/src/util.c
+--- ./src/util.c.orig 2016-07-12 11:39:17.023437355 +0200
++++ ./src/util.c 2016-07-12 11:39:51.618721157 +0200
+@@ -519,28 +519,5 @@ int syslog_facility_lookup(char *s)
+ return(AIDE_SYSLOG_FACILITY);
+ }
+
+-/* We need these dummy stubs to fool the linker into believing that
+- we do not need them at link time */
+-
+-void* dlopen(char*filename,int flag)
+-{
+- return NULL;
+-}
+-
+-void* dlsym(void*handle,char*symbol)
+-{
+- return NULL;
+-}
+-
+-void* dlclose(void*handle)
+-{
+- return NULL;
+-}
+-
+-const char* dlerror(void)
+-{
+- return NULL;
+-}
+-
+ const char* aide_key_2=CONFHMACKEY_02;
+ const char* db_key_2=DBHMACKEY_02;
diff --git a/SOURCES/aide-0.16rc1-man.patch b/SOURCES/aide-0.16rc1-man.patch
new file mode 100644
index 0000000..4715552
--- /dev/null
+++ b/SOURCES/aide-0.16rc1-man.patch
@@ -0,0 +1,15 @@
+diff -up ./doc/aide.1.in.orig ./doc/aide.1.in
+--- ./doc/aide.1.in.orig 2016-07-12 16:10:01.724595895 +0200
++++ ./doc/aide.1.in 2016-07-12 16:06:21.968639822 +0200
+@@ -103,9 +103,9 @@ echo <encoded_checksum> | base64 \-d | h
+ .SH FILES
+ .IP \fB@sysconfdir@/aide.conf\fR
+ Default aide configuration file.
+-.IP \fB@sysconfdir@/aide.db\fR
++.IP \fB@localstatedir@/lib/aide/aide.db\fR
+ Default aide database.
+-.IP \fB@sysconfdir@/aide.db.new\fR
++.IP \fB@localstatedir@/lib/aide/aide.db.new\fR
+ Default aide output database.
+ .SH SEE ALSO
+ .BR aide.conf (5)
diff --git a/SOURCES/aide-configure.patch b/SOURCES/aide-configure.patch
new file mode 100644
index 0000000..e9030eb
--- /dev/null
+++ b/SOURCES/aide-configure.patch
@@ -0,0 +1,51 @@
+diff --color -ru a/configure.ac b/configure.ac
+--- a/configure.ac 2021-05-20 09:31:11.686987129 +0200
++++ b/configure.ac 2021-05-20 09:39:43.369967457 +0200
+@@ -784,11 +784,11 @@
+ [if test "x$withval" = "xmd5" ;then
+ CONFIGHMACTYPE="MHASH_MD5"
+ else if test "x$withval" = "xsha1" ;then
+- CONFIGHMACTYPE="MHASH_SHA1"
++ CONFIGHMACTYPE="MHASH_SHA1"
+ else if test "x$withval" = "xsha256" ;then
+- CONFIGHMACTYPE="MHASH_SHA256"
++ CONFIGHMACTYPE="MHASH_SHA256"
+ else if test "x$withval" = "xsha512" ;then
+- CONFIGHMACTYPE="MHASH_SHA512"
++ CONFIGHMACTYPE="MHASH_SHA512"
+ else
+ echo "Valid parameters for --with-confighmactype are md5, sha1, sha256 and sha512"
+ exit 1
+@@ -799,7 +799,6 @@
+ AC_DEFINE_UNQUOTED(CONFIGHMACTYPE,$CONFIGHMACTYPE,[hash type for config file check])],
+ [
+ AC_DEFINE_UNQUOTED(CONFIGHMACTYPE,MHASH_MD5,[hash type for config file check])]
+-,
+ )
+
+ AC_ARG_WITH([confighmackey],
+@@ -846,18 +845,18 @@
+
+ AC_ARG_WITH([dbhmactype],
+ AC_HELP_STRING([--with-dbhmactype=TYPE],
+- [Hash type to use for checking db. Valid values are md5 and sha1.]),
++ [Hash type to use for checking db. Valid values are md5, sha1, sha256 and sha512.]),
+ [if test "x$withval" = "xmd5" ;then
+ DBHMACTYPE="MHASH_MD5"
+ else if test "x$withval" = "xsha1" ;then
+- DBHMACTYPE="MHASH_SHA1"
++ DBHMACTYPE="MHASH_SHA1"
+ else if test "x$withval" = "xsha256" ;then
+- CONFIGHMACTYPE="MHASH_SHA256"
++ DBHMACTYPE="MHASH_SHA256"
+ else if test "x$withval" = "xsha512" ;then
+- CONFIGHMACTYPE="MHASH_SHA512"
++ DBHMACTYPE="MHASH_SHA512"
+ else
+- echo "Valid parameters for --with-dbhmactype are md5, sha1, sha256 and sha512"
+- exit 1
++ echo "Valid parameters for --with-dbhmactype are md5, sha1, sha256 and sha512"
++ exit 1
+ fi
+ fi
+ fi
diff --git a/SOURCES/aide-static-analysis.patch b/SOURCES/aide-static-analysis.patch
new file mode 100644
index 0000000..78b79ce
--- /dev/null
+++ b/SOURCES/aide-static-analysis.patch
@@ -0,0 +1,171 @@
+Only in b: config.log
+diff --color -ru a/contrib/sshaide.sh b/contrib/sshaide.sh
+--- a/contrib/sshaide.sh 2016-07-25 22:56:55.000000000 +0200
++++ b/contrib/sshaide.sh 2021-05-20 11:11:24.112542472 +0200
+@@ -260,7 +260,7 @@
+ _randword=`grep -n . ${_wordlist} | grep "^${_linenum}:" | cut -d: -f2`
+
+ # If $_randword has anything other than lower-case chars, try again
+- (echo ${_randword} | LC_ALL=C grep '[^a-z]' 2>&1 >> /dev/null \
++ ({ echo ${_randword} | LC_ALL=C grep '[^a-z]' 2>&1; } >> /dev/null \
+ && gen_rand_word ) || \
+
+ # Return the word
+diff --color -ru a/src/commandconf.c b/src/commandconf.c
+--- a/src/commandconf.c 2021-05-20 10:37:53.842382143 +0200
++++ b/src/commandconf.c 2021-05-25 14:16:43.278526146 +0200
+@@ -313,7 +313,7 @@
+ } else {
+ /* gzread returns 0 even if uncompressed bytes were read*/
+ error(240,"nread=%d,strlen(buf)=%lu,errno=%s,gzerr=%s\n",
+- retval,(unsigned long)strnlen((char*)buf, max_size),
++ retval,(unsigned long)strnlen((char*)buf, retval),
+ strerror(errno),gzerror(*db_gzp,&err));
+ if(retval==0){
+ retval=strnlen((char*)buf, max_size);
+@@ -836,6 +836,11 @@
+ }
+ break;
+ }
++ default: {
++ error(0,"Unsupported dbtype.\n");
++ free(u);
++ break;
++ }
+ }
+ }
+ free(val);
+@@ -900,7 +905,7 @@
+ } else {
+ error_init(u,0);
+ }
+-
++ free(u->value);
+ free(u);
+ }
+
+diff --color -ru a/src/db_disk.c b/src/db_disk.c
+--- a/src/db_disk.c 2021-05-20 10:37:53.842382143 +0200
++++ b/src/db_disk.c 2021-05-20 12:37:00.081493364 +0200
+@@ -125,10 +125,10 @@
+
+ ret = (char *) malloc (len);
+ ret[0] = (char) 0;
+- strncpy(ret, conf->root_prefix, conf->root_prefix_length+1);
+- strncat (ret, r->path, len2);
++ strcpy(ret, conf->root_prefix);
++ strcat (ret, r->path);
+ if (r->path[len2 - 1] != '/') {
+- strncat (ret, "/", 1);
++ strcat (ret, "/");
+ }
+ strcat (ret, s);
+ return ret;
+@@ -207,8 +207,8 @@
+ if (!root_handled) {
+ root_handled = 1;
+ fullname=malloc((conf->root_prefix_length+2)*sizeof(char));
+- strncpy(fullname, conf->root_prefix, conf->root_prefix_length+1);
+- strncat (fullname, "/", 1);
++ strcpy(fullname, conf->root_prefix);
++ strcat (fullname, "/");
+ if (!get_file_status(&fullname[conf->root_prefix_length], &fs)) {
+ add = check_rxtree (&fullname[conf->root_prefix_length], conf->tree, &attr, fs.st_mode);
+ error (240, "%s match=%d, tree=%p, attr=%llu\n", &fullname[conf->root_prefix_length], add,
+@@ -346,8 +346,8 @@
+ error (255, "r->childs %p, r->parent %p,r->checked %i\n",
+ r->childs, r->parent, r->checked);
+ fullname=malloc((conf->root_prefix_length+strlen(r->path)+1)*sizeof(char));
+- strncpy(fullname, conf->root_prefix, conf->root_prefix_length+1);
+- strncat(fullname, r->path, strlen(r->path));
++ strcpy(fullname, conf->root_prefix);
++ strcat(fullname, r->path);
+ dirh=open_dir(fullname);
+ if (! dirh) {
+
+@@ -441,8 +441,8 @@
+
+
+ char* fullname=malloc((conf->root_prefix_length+2)*sizeof(char));
+- strncpy(fullname, conf->root_prefix, conf->root_prefix_length+1);
+- strncat (fullname, "/", 1);
++ strcpy(fullname, conf->root_prefix);
++ strcat (fullname, "/");
+ dirh=open_dir(fullname);
+ free(fullname);
+
+diff --color -ru a/src/error.c b/src/error.c
+--- a/src/error.c 2021-05-20 10:37:53.836382037 +0200
++++ b/src/error.c 2021-05-21 11:49:09.781313097 +0200
+@@ -125,7 +125,7 @@
+ fh=be_init(0,url,0);
+ if(fh!=NULL) {
+ conf->report_fd=list_append(conf->report_fd,(void*)fh);
+- conf->report_url=list_append(conf->report_url,(void*)url);
++ conf->report_url=list_append(conf->report_url,(void*)strdup(url));
+ return RETOK;
+ }
+
+diff --color -ru a/src/util.c b/src/util.c
+--- a/src/util.c 2021-05-20 10:37:53.843382160 +0200
++++ b/src/util.c 2021-05-25 11:04:39.507278771 +0200
+@@ -105,13 +105,15 @@
+ for(i=0;r[0]!='/'&&r[0]!='\0';r++,i++);
+ if(r[0]=='\0'){
+ error(0,"Invalid file-URL,no path after hostname: file:%s\n",t);
++ free(u);
++ free(val_copy);
+ free(hostname);
+ return NULL;
+ }
+ u->value=strdup(r);
+ r[0]='\0';
+ if(gethostname(hostname,MAXHOSTNAMELEN)==-1){
+- strncpy(hostname,"localhost", 10);
++ strncpy(hostname,"localhost",MAXHOSTNAMELEN);
+ }
+
+ if( (strcmp(t,"localhost")==0)||(strcmp(t,hostname)==0)){
+@@ -119,6 +121,9 @@
+ break;
+ } else {
+ error(0,"Invalid file-URL, cannot use hostname other than localhost or %s: file:%s\n",hostname,u->value);
++ free(u->value);
++ free(u);
++ free(val_copy);
+ free(hostname);
+ return NULL;
+ }
+@@ -229,6 +234,10 @@
+ int i=0;
+
+ pc=(char*)malloc(sizeof(char)*11);
++ if (!pc) {
++ error(0, "Memory allocation failed.\n");
++ return NULL;
++ }
+ for(i=0;i<10;i++){
+ pc[i]='-';
+ }
+@@ -369,14 +378,17 @@
+
+ if (path != NULL) {
+ if (path[0] == '~') {
+- if((homedir=getenv("HOME")) != NULL) {
++ if ((homedir=getenv("HOME")) != NULL) {
+ path_len = strlen(path+sizeof(char));
+ homedir_len = strlen(homedir);
+ full_len = homedir_len+path_len;
+ full = malloc(sizeof(char) * (full_len+1));
+- strncpy(full, homedir, homedir_len);
+- strncpy(full+homedir_len, path+sizeof(char), path_len);
+- full[full_len] = '\0';
++ if (!full) {
++ error(0, "Memory allocation failed.\n");
++ return path;
++ }
++ strcpy(full, homedir);
++ strcat(full, path+sizeof(char));
+ free(path);
+ /* Don't free(homedir); because it is not safe on some platforms */
+ path = full;
diff --git a/SOURCES/aide.conf b/SOURCES/aide.conf
new file mode 100644
index 0000000..5221380
--- /dev/null
+++ b/SOURCES/aide.conf
@@ -0,0 +1,303 @@
+# Example configuration file for AIDE.
+
+@@define DBDIR /var/lib/aide
+@@define LOGDIR /var/log/aide
+
+# The location of the database to be read.
+database=file:@@{DBDIR}/aide.db.gz
+
+# The location of the database to be written.
+#database_out=sql:host:port:database:login_name:passwd:table
+#database_out=file:aide.db.new
+database_out=file:@@{DBDIR}/aide.db.new.gz
+
+# Whether to gzip the output to database
+gzip_dbout=yes
+
+# Default.
+verbose=5
+
+report_url=file:@@{LOGDIR}/aide.log
+report_url=stdout
+#report_url=stderr
+#NOT IMPLEMENTED report_url=mailto:root@foo.com
+#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
+
+# These are the default rules.
+#
+#p: permissions
+#i: inode:
+#n: number of links
+#u: user
+#g: group
+#s: size
+#b: block count
+#m: mtime
+#a: atime
+#c: ctime
+#S: check for growing size
+#acl: Access Control Lists
+#selinux SELinux security context
+#xattrs: Extended file attributes
+#md5: md5 checksum
+#sha1: sha1 checksum
+#sha256: sha256 checksum
+#sha512: sha512 checksum
+#rmd160: rmd160 checksum
+#tiger: tiger checksum
+
+#haval: haval checksum (MHASH only)
+#gost: gost checksum (MHASH only)
+#crc32: crc32 checksum (MHASH only)
+#whirlpool: whirlpool checksum (MHASH only)
+
+#R: p+i+n+u+g+s+m+c+acl+selinux+xattrs+md5
+#L: p+i+n+u+g+acl+selinux+xattrs
+#E: Empty group
+#>: Growing logfile p+u+g+i+n+S+acl+selinux+xattrs
+
+# You can create custom rules like this.
+# With MHASH...
+# ALLXTRAHASHES = sha1+rmd160+sha256+sha512+whirlpool+tiger+haval+gost+crc32
+ALLXTRAHASHES = sha1+rmd160+sha256+sha512+tiger
+# Everything but access time (Ie. all changes)
+EVERYTHING = R+ALLXTRAHASHES
+
+# Sane
+# NORMAL = R+sha512
+NORMAL = p+i+n+u+g+s+m+c+acl+selinux+xattrs+sha512
+
+# For directories, don't bother doing hashes
+DIR = p+i+n+u+g+acl+selinux+xattrs
+
+# Access control only
+PERMS = p+u+g+acl+selinux+xattrs
+
+# Logfile are special, in that they often change
+LOG = p+u+g+n+S+acl+selinux+xattrs
+
+# Content + file type.
+CONTENT = sha512+ftype
+
+# Extended content + file type + access.
+CONTENT_EX = sha512+ftype+p+u+g+n+acl+selinux+xattrs
+
+# Some files get updated automatically, so the inode/ctime/mtime change
+# but we want to know when the data inside them changes
+DATAONLY = p+n+u+g+s+acl+selinux+xattrs+sha512
+
+# Next decide what directories/files you want in the database.
+
+/boot CONTENT_EX
+/opt CONTENT
+
+# Admins dot files constantly change, just check perms
+/root/\..* PERMS
+!/root/.xauth*
+# Otherwise get all of /root.
+/root CONTENT_EX
+
+# These are too volatile
+!/usr/src
+!/usr/tmp
+
+# Otherwise get all of /usr.
+/usr CONTENT_EX
+
+# trusted databases
+/etc/hosts$ CONTENT_EX
+/etc/host.conf$ CONTENT_EX
+/etc/hostname$ CONTENT_EX
+/etc/issue$ CONTENT_EX
+/etc/issue.net$ CONTENT_EX
+/etc/protocols$ CONTENT_EX
+/etc/services$ CONTENT_EX
+/etc/localtime$ CONTENT_EX
+/etc/alternatives CONTENT_EX
+/etc/sysconfig CONTENT_EX
+/etc/mime.types$ CONTENT_EX
+/etc/terminfo CONTENT_EX
+/etc/exports$ CONTENT_EX
+/etc/fstab$ CONTENT_EX
+/etc/passwd$ CONTENT_EX
+/etc/group$ CONTENT_EX
+/etc/gshadow$ CONTENT_EX
+/etc/shadow$ CONTENT_EX
+/etc/subgid$ CONTENT_EX
+/etc/subuid$ CONTENT_EX
+/etc/security/opasswd$ CONTENT_EX
+/etc/skel CONTENT_EX
+/etc/sssd CONTENT_EX
+/etc/machine-id$ CONTENT_EX
+/etc/swid CONTENT_EX
+/etc/system-release-cpe$ CONTENT_EX
+/etc/shells$ CONTENT_EX
+/etc/tmux.conf$ CONTENT_EX
+/etc/xattr.conf$ CONTENT_EX
+
+# networking
+/etc/firewalld CONTENT_EX
+!/etc/NetworkManager/system-connections
+/etc/NetworkManager CONTENT_EX
+/etc/networks$ CONTENT_EX
+/etc/dhcp CONTENT_EX
+/etc/wpa_supplicant CONTENT_EX
+/etc/resolv.conf$ DATAONLY
+/etc/nscd.conf$ CONTENT_EX
+
+# logins and accounts
+/etc/login.defs$ CONTENT_EX
+/etc/libuser.conf$ CONTENT_EX
+/var/log/faillog$ PERMS
+/var/log/lastlog$ PERMS
+/var/run/faillock PERMS
+/etc/pam.d CONTENT_EX
+/etc/security CONTENT_EX
+/etc/securetty$ CONTENT_EX
+/etc/polkit-1 CONTENT_EX
+/etc/sudo.conf$ CONTENT_EX
+/etc/sudoers$ CONTENT_EX
+/etc/sudoers.d CONTENT_EX
+
+# Shell/X startup files
+/etc/profile$ CONTENT_EX
+/etc/profile.d CONTENT_EX
+/etc/bashrc$ CONTENT_EX
+/etc/bash_completion.d CONTENT_EX
+/etc/zprofile$ CONTENT_EX
+/etc/zshrc$ CONTENT_EX
+/etc/zlogin$ CONTENT_EX
+/etc/zlogout$ CONTENT_EX
+/etc/X11 CONTENT_EX
+
+# Pkg manager
+/etc/dnf CONTENT_EX
+/etc/yum.conf$ CONTENT_EX
+/etc/yum CONTENT_EX
+/etc/yum.repos.d CONTENT_EX
+
+# This gets new/removes-old filenames daily
+!/var/log/sa
+# As we are checking it, we've truncated yesterdays size to zero.
+!/var/log/aide.log
+
+# auditing
+# AIDE produces an audit record, so this becomes perpetual motion.
+/var/log/audit PERMS
+/etc/audit CONTENT_EX
+/etc/libaudit.conf$ CONTENT_EX
+/etc/aide.conf$ CONTENT_EX
+
+# System logs
+/etc/rsyslog.conf$ CONTENT_EX
+/etc/rsyslog.d CONTENT_EX
+/etc/logrotate.conf$ CONTENT_EX
+/etc/logrotate.d CONTENT_EX
+/etc/systemd/journald.conf$ CONTENT_EX
+/var/log LOG+ANF+ARF
+/var/run/utmp LOG
+
+# secrets
+/etc/pkcs11 CONTENT_EX
+/etc/pki CONTENT_EX
+/etc/crypto-policies CONTENT_EX
+/etc/certmonger CONTENT_EX
+/var/lib/systemd/random-seed$ PERMS
+
+# init system
+/etc/systemd CONTENT_EX
+/etc/rc.d CONTENT_EX
+/etc/tmpfiles.d CONTENT_EX
+
+# boot config
+/etc/default CONTENT_EX
+/etc/grub.d CONTENT_EX
+/etc/dracut.conf$ CONTENT_EX
+/etc/dracut.conf.d CONTENT_EX
+
+# glibc linker
+/etc/ld.so.cache$ CONTENT_EX
+/etc/ld.so.conf$ CONTENT_EX
+/etc/ld.so.conf.d CONTENT_EX
+/etc/ld.so.preload$ CONTENT_EX
+
+# kernel config
+/etc/sysctl.conf$ CONTENT_EX
+/etc/sysctl.d CONTENT_EX
+/etc/modprobe.d CONTENT_EX
+/etc/modules-load.d CONTENT_EX
+/etc/depmod.d CONTENT_EX
+/etc/udev CONTENT_EX
+/etc/crypttab$ CONTENT_EX
+
+#### Daemons ####
+
+# cron jobs
+/etc/at.allow$ CONTENT
+/etc/at.deny$ CONTENT
+/etc/anacrontab$ CONTENT_EX
+/etc/cron.allow$ CONTENT_EX
+/etc/cron.deny$ CONTENT_EX
+/etc/cron.d CONTENT_EX
+/etc/cron.daily CONTENT_EX
+/etc/cron.hourly CONTENT_EX
+/etc/cron.monthly CONTENT_EX
+/etc/cron.weekly CONTENT_EX
+/etc/crontab$ CONTENT_EX
+/var/spool/cron/root CONTENT
+
+# time keeping
+/etc/chrony.conf$ CONTENT_EX
+/etc/chrony.keys$ CONTENT_EX
+
+# mail
+/etc/aliases$ CONTENT_EX
+/etc/aliases.db$ CONTENT_EX
+/etc/postfix CONTENT_EX
+
+# ssh
+/etc/ssh/sshd_config$ CONTENT_EX
+/etc/ssh/ssh_config$ CONTENT_EX
+
+# stunnel
+/etc/stunnel CONTENT_EX
+
+# printing
+/etc/cups CONTENT_EX
+/etc/cupshelpers CONTENT_EX
+/etc/avahi CONTENT_EX
+
+# web server
+/etc/httpd CONTENT_EX
+
+# dns
+/etc/named CONTENT_EX
+/etc/named.conf$ CONTENT_EX
+/etc/named.iscdlv.key$ CONTENT_EX
+/etc/named.rfc1912.zones$ CONTENT_EX
+/etc/named.root.key$ CONTENT_EX
+
+# xinetd
+/etc/xinetd.conf$ CONTENT_EX
+/etc/xinetd.d CONTENT_EX
+
+# IPsec
+/etc/ipsec.conf$ CONTENT_EX
+/etc/ipsec.secrets$ CONTENT_EX
+/etc/ipsec.d CONTENT_EX
+
+# USB guard
+/etc/usbguard CONTENT_EX
+
+# Ignore some files
+!/etc/mtab$
+!/etc/.*~
+
+# Now everything else
+/etc PERMS
+
+# With AIDE's default verbosity level of 5, these would give lots of
+# warnings upon tree traversal. It might change with future version.
+#
+#=/lost\+found DIR
+#=/home DIR
diff --git a/SOURCES/aide.logrotate b/SOURCES/aide.logrotate
new file mode 100644
index 0000000..614c6a6
--- /dev/null
+++ b/SOURCES/aide.logrotate
@@ -0,0 +1,9 @@
+/var/log/aide/*.log {
+ weekly
+ missingok
+ rotate 4
+ compress
+ delaycompress
+ copytruncate
+ minsize 100k
+}
diff --git a/SOURCES/coverity.patch b/SOURCES/coverity.patch
new file mode 100644
index 0000000..9b981be
--- /dev/null
+++ b/SOURCES/coverity.patch
@@ -0,0 +1,642 @@
+diff -up ./include/be.h.coverity ./include/be.h
+--- ./include/be.h.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./include/be.h 2018-10-10 19:27:18.680632681 +0200
+@@ -22,6 +22,6 @@
+ #define _BE_H_INCLUDED
+ #include "db_config.h"
+
+-FILE* be_init(int inout,url_t* u,int iszipped);
++void* be_init(int inout,url_t* u,int iszipped);
+
+ #endif /* _BE_H_INCLUDED */
+diff -up ./include/db_config.h.coverity ./include/db_config.h
+--- ./include/db_config.h.coverity 2018-10-10 19:27:18.672632611 +0200
++++ ./include/db_config.h 2018-10-10 19:27:18.681632689 +0200
+@@ -376,7 +376,7 @@ typedef struct db_config {
+ #endif
+
+ url_t* initial_report_url;
+- FILE* initial_report_fd;
++ void* initial_report_fd;
+
+ /* report_url is a list of url_t*s */
+ list* report_url;
+diff -up ./src/aide.c.coverity ./src/aide.c
+--- ./src/aide.c.coverity 2018-10-10 19:27:18.678632663 +0200
++++ ./src/aide.c 2018-10-10 19:27:18.681632689 +0200
+@@ -278,7 +278,7 @@ static void setdefaults_before_config()
+ error(0,_("Couldn't get hostname"));
+ free(s);
+ } else {
+- s=(char*)realloc((void*)s,strlen(s)+1);
++ // s=(char*)realloc((void*)s,strlen(s)+1);
+ do_define("HOSTNAME",s);
+ }
+
+@@ -506,8 +506,6 @@ static void setdefaults_after_config()
+ int main(int argc,char**argv)
+ {
+ int errorno=0;
+- byte* dig=NULL;
+- char* digstr=NULL;
+
+ #ifdef USE_LOCALE
+ setlocale(LC_ALL,"");
+@@ -544,6 +542,10 @@ int main(int argc,char**argv)
+ }
+
+ errorno=commandconf('C',conf->config_file);
++ if (errorno==RETFAIL){
++ error(0,_("Configuration error\n"));
++ exit(INVALID_CONFIGURELINE_ERROR);
++ }
+
+ errorno=commandconf('D',"");
+ if (errorno==RETFAIL){
+@@ -594,6 +596,9 @@ int main(int argc,char**argv)
+ }
+ }
+ #ifdef WITH_MHASH
++ byte* dig=NULL;
++ char* digstr=NULL;
++
+ if(conf->config_check&&FORCECONFIGMD){
+ error(0,"Can't give config checksum when compiled with --enable-forced_configmd\n");
+ exit(INVALID_ARGUMENT_ERROR);
+diff -up ./src/base64.c.coverity ./src/base64.c
+--- ./src/base64.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/base64.c 2018-10-10 19:27:18.681632689 +0200
+@@ -209,6 +209,7 @@ byte* decode_base64(char* src,size_t ssi
+ case FAIL:
+ error(3, "decode_base64: Illegal character: %c\n", *inb);
+ error(230, "decode_base64: Illegal line:\n%s\n", src);
++ free(outbuf);
+ return NULL;
+ break;
+ case SKIP:
+@@ -260,7 +261,7 @@ size_t length_base64(char* src,size_t ss
+ int l;
+ int left;
+ size_t pos;
+- unsigned long triple;
++ //unsigned long triple;
+
+ error(235, "decode base64\n");
+ /* Exit on empty input */
+@@ -273,7 +274,7 @@ size_t length_base64(char* src,size_t ss
+ inb = src;
+
+ l = 0;
+- triple = 0;
++ //triple = 0;
+ pos=0;
+ left = ssize;
+ /*
+@@ -293,7 +294,7 @@ size_t length_base64(char* src,size_t ss
+ case SKIP:
+ break;
+ default:
+- triple = triple<<6 | (0x3f & i);
++ //triple = triple<<6 | (0x3f & i);
+ l++;
+ break;
+ }
+@@ -302,10 +303,10 @@ size_t length_base64(char* src,size_t ss
+ switch(l)
+ {
+ case 2:
+- triple = triple>>4;
++ //triple = triple>>4;
+ break;
+ case 3:
+- triple = triple>>2;
++ //triple = triple>>2;
+ break;
+ default:
+ break;
+@@ -314,7 +315,7 @@ size_t length_base64(char* src,size_t ss
+ {
+ pos++;
+ }
+- triple = 0;
++ //triple = 0;
+ l = 0;
+ }
+ inb++;
+diff -up ./src/be.c.coverity ./src/be.c
+--- ./src/be.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/be.c 2018-10-10 19:27:18.681632689 +0200
+@@ -117,9 +117,9 @@ static char* get_first_value(char** in){
+
+ #endif
+
+-FILE* be_init(int inout,url_t* u,int iszipped)
++void* be_init(int inout,url_t* u,int iszipped)
+ {
+- FILE* fh=NULL;
++ void* fh=NULL;
+ long a=0;
+ char* err=NULL;
+ int fd;
+diff -up ./src/commandconf.c.coverity ./src/commandconf.c
+--- ./src/commandconf.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/commandconf.c 2018-10-10 19:27:18.682632698 +0200
+@@ -106,7 +106,7 @@ int commandconf(const char mode,const ch
+ rv=0;
+ } else {
+
+- rv=access(config,R_OK);
++ if (config != NULL) rv=access(config,R_OK);
+ if(rv==-1){
+ error(0,_("Cannot access config file: %s: %s\n"),config,strerror(errno));
+ }
+@@ -166,14 +166,11 @@ int commandconf(const char mode,const ch
+ int conf_input_wrapper(char* buf, int max_size, FILE* in)
+ {
+ int retval=0;
+- int c=0;
+- char* tmp=NULL;
+- void* key=NULL;
+- int keylen=0;
+
+ /* FIXME Add support for gzipped config. :) */
+ #ifdef WITH_MHASH
+ /* Read a character at a time until we are doing md */
++ int c=0;
+ if(conf->do_configmd){
+ retval=fread(buf,1,max_size,in);
+ }else {
+@@ -185,6 +182,9 @@ int conf_input_wrapper(char* buf, int ma
+ #endif
+
+ #ifdef WITH_MHASH
++ char* tmp=NULL;
++ void* key=NULL;
++ int keylen=0;
+ if(conf->do_configmd||conf->config_check){
+ if(((conf->do_configmd==1)&&conf->config_check)||!conf->confmd){
+ if(conf->do_configmd==1){
+@@ -276,6 +276,9 @@ int db_input_wrapper(char* buf, int max_
+ #endif
+ break;
+ }
++ default: {
++ return 0;
++ }
+ }
+
+ #ifdef WITH_CURL
+@@ -651,7 +654,6 @@ int handle_endif(int doit,int allow_else
+ case 0 : {
+ conferror("@@endif or @@else expected");
+ return -1;
+- count=0;
+ }
+
+ default : {
+@@ -816,6 +818,7 @@ void do_dbdef(int dbtype,char* val)
+ if(u==NULL||u->type==url_unknown||u->type==url_stdout
+ ||u->type==url_stderr) {
+ error(0,_("Unsupported input URL-type:%s\n"),val);
++ free(u);
+ }
+ else {
+ *conf_db_url=u;
+@@ -825,6 +828,7 @@ void do_dbdef(int dbtype,char* val)
+ case DB_WRITE: {
+ if(u==NULL||u->type==url_unknown||u->type==url_stdin){
+ error(0,_("Unsupported output URL-type:%s\n"),val);
++ free(u);
+ }
+ else{
+ conf->db_out_url=u;
+@@ -848,6 +852,7 @@ void do_dbindef(char* val)
+ if(u==NULL||u->type==url_unknown||u->type==url_stdout
+ ||u->type==url_stderr) {
+ error(0,_("Unsupported input URL-type:%s\n"),val);
++ free(u);
+ }
+ else {
+ conf->db_in_url=u;
+@@ -869,6 +874,7 @@ void do_dboutdef(char* val)
+ * both input and output urls */
+ if(u==NULL||u->type==url_unknown||u->type==url_stdin){
+ error(0,_("Unsupported output URL-type:%s\n"),val);
++ free(u);
+ }
+ else{
+ conf->db_out_url=u;
+@@ -894,7 +900,8 @@ void do_repurldef(char* val)
+ } else {
+ error_init(u,0);
+ }
+-
++
++ free(u);
+ }
+
+ void do_verbdef(char* val)
+@@ -984,7 +991,7 @@ void do_report_ignore_e2fsattrs(char* va
+ break;
+ }
+ }
+- *val++;
++ val++;
+ }
+ }
+ #endif
+diff -up ./src/compare_db.c.coverity ./src/compare_db.c
+--- ./src/compare_db.c.coverity 2018-10-10 19:27:18.673632619 +0200
++++ ./src/compare_db.c 2018-10-10 19:27:18.682632698 +0200
+@@ -312,7 +312,7 @@ static int acl2array(acl_type* acl, char
+ if (conf->syslog_format) {
+ *values = malloc(2 * sizeof(char*));
+
+- char *A, *D = "<NONE>";
++ char *A= "<NONE>", *D = "<NONE>";
+
+ if (acl->acl_a) { A = acl->acl_a; }
+ if (acl->acl_d) { D = acl->acl_d; }
+diff -up ./src/conf_lex.l.coverity ./src/conf_lex.l
+--- ./src/conf_lex.l.coverity 2018-10-10 19:27:18.673632619 +0200
++++ ./src/conf_lex.l 2018-10-10 19:27:18.682632698 +0200
+@@ -133,7 +133,7 @@ int var_in_conflval=0;
+ <EXPR>[\ \t]*\n {
+ conf_lineno++;
+ return (TNEWLINE);
+- BEGIN 0;
++// BEGIN 0;
+ }
+
+ <EXPR>\+ {
+diff -up ./src/db.c.coverity ./src/db.c
+--- ./src/db.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/db.c 2018-10-10 19:27:18.683632707 +0200
+@@ -27,6 +27,7 @@
+ #include "db_file.h"
+ #include "db_disk.h"
+ #include "md.h"
++#include "fopen.h"
+
+ #ifdef WITH_PSQL
+ #include "db_sql.h"
+@@ -269,6 +270,9 @@ db_line* db_readline(int db){
+ db_order=&(conf->db_new_order);
+ break;
+ }
++ default: {
++ return NULL;
++ }
+ }
+
+ switch (db_url->type) {
+@@ -368,7 +372,7 @@ db_line* db_char2line(char** ss,int db){
+
+ int i;
+ db_line* line=(db_line*)malloc(sizeof(db_line)*1);
+- int* db_osize=0;
++ int* db_osize=NULL;
+ DB_FIELD** db_order=NULL;
+
+ switch (db) {
+@@ -382,6 +386,10 @@ db_line* db_char2line(char** ss,int db){
+ db_order=&(conf->db_new_order);
+ break;
+ }
++ default: {
++ free(line);
++ return NULL;
++ }
+ }
+
+
+@@ -601,7 +609,9 @@ db_line* db_char2line(char** ss,int db){
+ size_t vsz = 0;
+
+ tval = strtok(NULL, ",");
+- line->xattrs->ents[num].key = db_readchar(strdup(tval));
++ char * tmp = strdup(tval);
++ line->xattrs->ents[num].key = db_readchar(tmp);
++ free(tmp);
+ tval = strtok(NULL, ",");
+ val = base64tobyte(tval, strlen(tval), &vsz);
+ line->xattrs->ents[num].val = val;
+@@ -648,6 +658,8 @@ db_line* db_char2line(char** ss,int db){
+
+ default : {
+ error(0,_("Not implemented in db_char2line %i \n"),(*db_order)[i]);
++ free_db_line(line);
++ free(line);
+ return NULL;
+ }
+
+@@ -826,7 +838,7 @@ void db_close() {
+ case url_ftp:
+ {
+ if (conf->db_out!=NULL) {
+- url_fclose(conf->db_out);
++ url_fclose((URL_FILE*)conf->db_out);
+ }
+ break;
+ }
+diff -up ./src/db_disk.c.coverity ./src/db_disk.c
+--- ./src/db_disk.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/db_disk.c 2018-10-10 19:28:00.108995089 +0200
+@@ -79,9 +79,15 @@ static DIR *open_dir(char* path) {
+
+ static void next_in_dir (void)
+ {
++
+ #ifdef HAVE_READDIR_R
+- if (dirh != NULL)
++ if (dirh != NULL) {
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+ rdres = AIDE_READDIR_R_FUNC (dirh, entp, resp);
++#pragma GCC diagnostic pop
++ }
++
+ #else
+ #ifdef HAVE_READDIR
+ if (dirh != NULL) {
+diff -up ./src/db_file.c.coverity ./src/db_file.c
+--- ./src/db_file.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/db_file.c 2018-10-10 19:27:18.683632707 +0200
+@@ -171,7 +171,7 @@ int dofprintf( const char* s,...)
+ int db_file_read_spec(int db){
+
+ int i=0;
+- int* db_osize=0;
++ int* db_osize=NULL;
+ DB_FIELD** db_order=NULL;
+
+ switch (db) {
+@@ -187,6 +187,9 @@ int db_file_read_spec(int db){
+ db_lineno=&db_new_lineno;
+ break;
+ }
++ default: {
++ return RETFAIL;
++ }
+ }
+
+ *db_order=(DB_FIELD*) malloc(1*sizeof(DB_FIELD));
+@@ -198,13 +201,10 @@ int db_file_read_spec(int db){
+ int l;
+
+
+- /* Yes... we do not check if realloc returns nonnull */
+-
+- *db_order=(DB_FIELD*)
+- realloc((void*)*db_order,
++ void * tmp = realloc((void*)*db_order,
+ ((*db_osize)+1)*sizeof(DB_FIELD));
+-
+- if(*db_order==NULL){
++ if (tmp != NULL) *db_order=(DB_FIELD*) tmp;
++ else {
+ return RETFAIL;
+ }
+
+@@ -291,8 +291,8 @@ char** db_readline_file(int db){
+ int* domd=NULL;
+ #ifdef WITH_MHASH
+ MHASH* md=NULL;
+-#endif
+ char** oldmdstr=NULL;
++#endif
+ int* db_osize=0;
+ DB_FIELD** db_order=NULL;
+ FILE** db_filep=NULL;
+@@ -302,9 +302,9 @@ char** db_readline_file(int db){
+ case DB_OLD: {
+ #ifdef WITH_MHASH
+ md=&(conf->dboldmd);
++ oldmdstr=&(conf->old_dboldmdstr);
+ #endif
+ domd=&(conf->do_dboldmd);
+- oldmdstr=&(conf->old_dboldmdstr);
+
+ db_osize=&(conf->db_in_size);
+ db_order=&(conf->db_in_order);
+@@ -316,9 +316,9 @@ char** db_readline_file(int db){
+ case DB_NEW: {
+ #ifdef WITH_MHASH
+ md=&(conf->dbnewmd);
++ oldmdstr=&(conf->old_dbnewmdstr);
+ #endif
+ domd=&(conf->do_dbnewmd);
+- oldmdstr=&(conf->old_dbnewmdstr);
+
+ db_osize=&(conf->db_new_size);
+ db_order=&(conf->db_new_order);
+@@ -328,7 +328,9 @@ char** db_readline_file(int db){
+ break;
+ }
+ }
+-
++
++ if (db_osize == NULL) return NULL;
++
+ if (*db_osize==0) {
+ db_buff(db,*db_filep);
+
+@@ -737,8 +739,6 @@ int db_writespec_file(db_config* dbconf)
+ int i=0;
+ int j=0;
+ int retval=1;
+- void*key=NULL;
+- int keylen=0;
+ struct tm* st;
+ time_t tim=time(&tim);
+ st=localtime(&tim);
+@@ -750,6 +750,8 @@ int db_writespec_file(db_config* dbconf)
+
+ #ifdef WITH_MHASH
+ /* From hereon everything must MD'd before write to db */
++ void*key=NULL;
++ int keylen=0;
+ if((key=get_db_key())!=NULL){
+ keylen=get_db_key_len();
+ dbconf->do_dbnewmd=1;
+diff -up ./src/do_md.c.coverity ./src/do_md.c
+--- ./src/do_md.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/do_md.c 2018-10-10 19:27:18.683632707 +0200
+@@ -202,7 +202,6 @@ void calc_md(struct AIDE_STAT_TYPE* old_
+ and we don't read from a pipe :)
+ */
+ struct AIDE_STAT_TYPE fs;
+- int sres=0;
+ int stat_diff,filedes;
+ #ifdef WITH_PRELINK
+ pid_t pid;
+@@ -237,7 +236,7 @@ void calc_md(struct AIDE_STAT_TYPE* old_
+ return;
+ }
+
+- sres=AIDE_FSTAT_FUNC(filedes,&fs);
++ AIDE_FSTAT_FUNC(filedes,&fs);
+ if(!(line->attr&DB_RDEV))
+ fs.st_rdev=0;
+
+@@ -331,7 +330,7 @@ void calc_md(struct AIDE_STAT_TYPE* old_
+ }
+ #endif
+ #endif /* not HAVE_MMAP */
+- buf=malloc(READ_BLOCK_SIZE);
++// buf=malloc(READ_BLOCK_SIZE);
+ #if READ_BLOCK_SIZE>SSIZE_MAX
+ #error "READ_BLOCK_SIZE" is too large. Max value is SSIZE_MAX, and current is READ_BLOCK_SIZE
+ #endif
+diff -up ./src/gen_list.c.coverity ./src/gen_list.c
+--- ./src/gen_list.c.coverity 2016-07-25 22:56:55.000000000 +0200
++++ ./src/gen_list.c 2018-10-10 19:27:18.684632716 +0200
+@@ -843,15 +843,15 @@ static void add_file_to_tree(seltree* tr
+ DB_ATTR_TYPE localignorelist=0;
+ DB_ATTR_TYPE ignored_added_attrs, ignored_removed_attrs, ignored_changed_attrs;
+
++ if(file==NULL){
++ error(0, "add_file_to_tree was called with NULL db_line\n");
++ }
++
+ node=get_seltree_node(tree,file->filename);
+
+ if(!node){
+ node=new_seltree_node(tree,file->filename,0,NULL);
+ }
+-
+- if(file==NULL){
+- error(0, "add_file_to_tree was called with NULL db_line\n");
+- }
+
+ /* add note to this node which db has modified it */
+ node->checked|=db;
+diff -up ./src/md.c.coverity ./src/md.c
+--- ./src/md.c.coverity 2018-10-10 19:27:18.679632672 +0200
++++ ./src/md.c 2018-10-10 19:27:18.684632716 +0200
+@@ -36,8 +36,8 @@
+ */
+
+ DB_ATTR_TYPE hash_gcrypt2attr(int i) {
+- DB_ATTR_TYPE r=0;
+ #ifdef WITH_GCRYPT
++ DB_ATTR_TYPE r=0;
+ switch (i) {
+ case GCRY_MD_MD5: {
+ r=DB_MD5;
+@@ -74,13 +74,15 @@ DB_ATTR_TYPE hash_gcrypt2attr(int i) {
+ default:
+ break;
+ }
+-#endif
+ return r;
++#else /* !WITH_GCRYPT */
++ return 0;
++#endif
+ }
+
+ const char * hash_gcrypt2str(int i) {
+- char * r = "?";
+ #ifdef WITH_GCRYPT
++ char * r = "?";
+ switch (i) {
+ case GCRY_MD_MD5: {
+ r = "MD5";
+@@ -117,13 +119,17 @@ const char * hash_gcrypt2str(int i) {
+ default:
+ break;
+ }
+-#endif
+ return r;
++#else /* !WITH_GCRYPT */
++ return "?";
++#endif
+ }
+
++#pragma GCC diagnostic push
++#pragma GCC diagnostic ignored "-Wunused-parameter"
+ DB_ATTR_TYPE hash_mhash2attr(int i) {
+- DB_ATTR_TYPE r=0;
+ #ifdef WITH_MHASH
++ DB_ATTR_TYPE r=0;
+ switch (i) {
+ case MHASH_CRC32: {
+ r=DB_CRC32;
+@@ -198,10 +204,15 @@ DB_ATTR_TYPE hash_mhash2attr(int i) {
+ default:
+ break;
+ }
+-#endif
++
+ return r;
++#else /*!WITH_MHASH */
++ return 0;
++#endif
+ }
+
++#pragma GCC diagnostic pop
++
+ /*
+ Initialise md_container according it's todo_attr field
+ */
+@@ -317,7 +328,6 @@ int init_md(struct md_container* md) {
+ */
+
+ int update_md(struct md_container* md,void* data,ssize_t size) {
+- int i;
+
+ error(255,"update_md called\n");
+
+@@ -328,6 +338,7 @@ int update_md(struct md_container* md,vo
+ #endif
+
+ #ifdef WITH_MHASH
++ int i;
+
+ for(i=0;i<=HASH_MHASH_COUNT;i++) {
+ if (md->mhash_mdh[i]!=MHASH_FAILED) {
+@@ -348,7 +359,6 @@ int update_md(struct md_container* md,vo
+ */
+
+ int close_md(struct md_container* md) {
+- int i;
+ #ifdef _PARAMETER_CHECK_
+ if (md==NULL) {
+ return RETFAIL;
+@@ -356,6 +366,7 @@ int close_md(struct md_container* md) {
+ #endif
+ error(255,"close_md called \n");
+ #ifdef WITH_MHASH
++ int i;
+ for(i=0;i<=HASH_MHASH_COUNT;i++) {
+ if (md->mhash_mdh[i]!=MHASH_FAILED) {
+ mhash (md->mhash_mdh[i], NULL, 0);
+diff -up ./src/util.c.coverity ./src/util.c
+--- ./src/util.c.coverity 2018-10-10 19:27:18.670632593 +0200
++++ ./src/util.c 2018-10-10 19:27:18.684632716 +0200
+@@ -105,13 +105,15 @@ url_t* parse_url(char* val)
+ for(i=0;r[0]!='/'&&r[0]!='\0';r++,i++);
+ if(r[0]=='\0'){
+ error(0,"Invalid file-URL,no path after hostname: file:%s\n",t);
++ free(hostname);
+ return NULL;
+ }
+ u->value=strdup(r);
+ r[0]='\0';
+ if(gethostname(hostname,MAXHOSTNAMELEN)==-1){
+- strncpy(hostname,"localhost", 10);
++ strncpy(hostname,"localhost", 10);
+ }
++
+ if( (strcmp(t,"localhost")==0)||(strcmp(t,hostname)==0)){
+ free(hostname);
+ break;
+@@ -120,7 +122,7 @@ url_t* parse_url(char* val)
+ free(hostname);
+ return NULL;
+ }
+- free(hostname);
++
+ break;
+ }
+ u->value=strdup(r);
diff --git a/SPECS/aide.spec b/SPECS/aide.spec
new file mode 100644
index 0000000..5901c61
--- /dev/null
+++ b/SPECS/aide.spec
@@ -0,0 +1,351 @@
+Summary: Intrusion detection environment
+Name: aide
+Version: 0.16
+Release: 21%{?dist}
+URL: http://sourceforge.net/projects/aide
+License: GPLv2+
+
+
+Source0: %{url}/files/aide/%{version}/%{name}-%{version}.tar.gz
+Source1: aide.conf
+Source2: README.quickstart
+Source3: aide.logrotate
+
+BuildRequires: gcc
+BuildRequires: make
+BuildRequires: bison flex
+BuildRequires: pcre-devel
+BuildRequires: libgpg-error-devel libgcrypt-devel
+BuildRequires: zlib-devel
+BuildRequires: libcurl-devel
+BuildRequires: libacl-devel
+BuildRequires: pkgconfig(libselinux)
+BuildRequires: libattr-devel
+BuildRequires: e2fsprogs-devel
+BuildRequires: audit-libs-devel
+BuildRequires: autoconf automake libtool
+
+# Customize the database file location in the man page.
+Patch1: aide-0.16rc1-man.patch
+# fix aide in FIPS mode
+Patch2: aide-0.16b1-fipsfix.patch
+# Bug 1674637 - aide: FTBFS in Fedora rawhide/f30
+Patch3: aide-0.16-Use-LDADD-for-adding-curl-library-to-the-linker-comm.patch
+
+Patch4: aide-0.15-syslog-format.patch
+Patch5: aide-0.16-crypto-disable-haval-and-others.patch
+Patch6: coverity.patch
+Patch7: aide-0.16-crash-elf.patch
+Patch8: aide-configure.patch
+Patch9: aide-static-analysis.patch
+
+%description
+AIDE (Advanced Intrusion Detection Environment) is a file integrity
+checker and intrusion detection program.
+
+%prep
+%autosetup -p1
+cp -a %{S:2} .
+
+%build
+autoreconf -ivf
+%configure \
+ --disable-static \
+ --with-config_file=%{_sysconfdir}/aide.conf \
+ --with-gcrypt \
+ --with-zlib \
+ --with-curl \
+ --with-posix-acl \
+ --with-selinux \
+ --with-xattr \
+ --with-e2fsattrs \
+ --with-audit \
+ --with-confighmactype=sha512 \
+ --with-dbhmactype=sha512
+%make_build
+
+%install
+%make_install bindir=%{_sbindir}
+install -Dpm0644 -t %{buildroot}%{_sysconfdir} %{S:1}
+install -Dpm0644 %{S:3} %{buildroot}%{_sysconfdir}/logrotate.d/aide
+mkdir -p %{buildroot}%{_localstatedir}/log/aide
+mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide
+
+%files
+%license COPYING
+%doc AUTHORS ChangeLog NEWS README doc/manual.html contrib/
+%doc README.quickstart
+%{_sbindir}/aide
+%{_mandir}/man1/*.1*
+%{_mandir}/man5/*.5*
+%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/aide.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/aide
+%dir %attr(0700,root,root) %{_localstatedir}/lib/aide
+%dir %attr(0700,root,root) %{_localstatedir}/log/aide
+
+%changelog
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.16-21
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+ Related: rhbz#1991688
+
+* Thu May 27 2021 Zoltan Fridrich <zfridric@redhat.com> - 0.16-20
+- fix configuration option with-dbhmactype
+- do not use sha1 and md5 by default
+ Resolves: rhbz#1935457
+- fix important static analysis issues
+ Resolves: rhbz#1938676
+
+* Mon May 10 2021 Zoltan Fridrich <zfridric@redhat.com> - 0.16-19
+- use gating and config file from rhel-8.5
+- remove check of periodically changing files
+ Resolves: rhbz#1957656
+- config cleanup
+ Resolves: rhbz#1957654
+
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.16-18
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Fri Jul 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-16
+- Second attempt - Rebuilt for
+ https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jun 24 2020 Radovan Sroka <rsroka@redhat.com> 0.16-14
+- AIDE breaks when setting report_ignore_e2fsattrs
+ Resolves: rhbz#1850276
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jul 31 2019 Radovan Sroka <rsroka@redhat.com> - 0.16-12
+- backport some patches
+ Resolves: rhbz#1717140
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Wed Feb 20 2019 Daniel Kopecek <dkopecek@redhat.com> - 0.16-10
+- Fix building with curl
+ Resolves: rhbz#1674637
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Tue Jul 31 2018 Florian Weimer <fweimer@redhat.com> - 0.16-8
+- Rebuild with fixed binutils
+
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Feb 20 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.16-6
+- Rebuild
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Wed Apr 05 2017 Radovan Sroka <rsroka@redhat.com> - 0.16-2
+- fixed upstream link
+
+* Tue Apr 04 2017 Radovan Sroka <rsroka@redhat.com> - 0.16-1
+- rebase to stable v0.16
+- specfile cleanup
+- make doc readable
+ resolves: #1421355
+- make aide binary runable for any user
+ resolves: #1421351
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.16-0.3.rc1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Tue Jul 12 2016 Tomas Sykora <tosykora@redhat.com> - 0.16-0.2.rc1
+- New upstream devel version
+
+* Mon Jun 20 2016 Tomas Sykora <tosykora@redhat.com> - 0.16-0.1.b1
+- New upstream devel version
+
+* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.15.1-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Sat Jul 25 2015 Till Maas <opensource@till.name> - 0.15.1-11
+- Remove prelink dependency because prelink was retired
+
+* Tue Jun 16 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.15.1-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.15.1-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Fri Jul 18 2014 Yaakov Selkowitz <yselkowi@redhat.com> - 0.15.1-8
+- Fix FTBFS with -Werror=format-security (#1036983, #1105942)
+- Avoid prelink BR on aarch64, ppc64le (#924977, #1078476)
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.15.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.15.1-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.15.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Nov 22 2012 Daniel Kopecek <dkopecek@redhat.com> - 0.15.1-4
+- added patch to fix aide in FIPS mode
+- use only FIPS approved digest algorithms in aide.conf so that
+ aide works by default in FIPS mode
+
+* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.15.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.15.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Thu Nov 11 2010 Steve Grubb <sgrubb@redhat.com> - 0.15.1-1
+- New upstream release
+
+* Tue May 18 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-5
+- Apply 2 upstream bug fixes
+
+* Tue May 18 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-4
+- Use upstream's patch to fix bz 590566
+
+* Sat May 15 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-3
+- Fix bz 590561 aide does not detect the change of SElinux context
+- Fix bz 590566 aide reports a changed file when it has not been changed
+
+* Wed Apr 28 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-2
+- Fix bz 574764 by replacing abort calls with exit
+- Apply libgcrypt init patch
+
+* Tue Mar 16 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-1
+- New upstream release final 0.14
+
+* Thu Feb 25 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-0.4.rc3
+- New upstream release
+
+* Thu Feb 25 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-0.3.rc2
+- New upstream release
+
+* Tue Feb 23 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-0.2.rc1
+- Fix dirent detection on 64bit systems
+
+* Mon Feb 22 2010 Steve Grubb <sgrubb@redhat.com> - 0.14-0.1.rc1
+- New upstream release
+
+* Fri Feb 19 2010 Steve Grubb <sgrubb@redhat.com> - 0.13.1-16
+- Add logrotate script and spec file cleanups
+
+* Fri Dec 11 2009 Steve Grubb <sgrubb@redhat.com> - 0.13.1-15
+- Get rid of .dedosify files
+
+* Wed Dec 09 2009 Steve Grubb <sgrubb@redhat.com> - 0.13.1-14
+- Revise patch for Initialize libgcrypt correctly (#530485)
+
+* Sat Nov 07 2009 Steve Grubb <sgrubb@redhat.com> - 0.13.1-13
+- Initialize libgcrypt correctly (#530485)
+
+* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.13.1-12
+- rebuilt with new audit
+
+* Wed Aug 19 2009 Steve Grubb <sgrubb@redhat.com> 0.13.1-11
+- rebuild for new audit-libs
+- Correct regex for root's dot files (#509370)
+
+* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.1-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Mon Jun 08 2009 Steve Grubb <sgrubb@redhat.com> - 0.13.1-9
+- Make aide smarter about prelinked files (Peter Vrabec)
+- Add /lib64 to default config
+
+* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Fri Jan 30 2009 Steve Grubb <sgrubb@redhat.com> - 0.13.1-6
+- enable xattr support and update config file
+
+* Fri Sep 26 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.13.1-5
+- fix selcon patch to apply without fuzz
+
+* Fri Feb 15 2008 Steve Conklin <sconklin@redhat.com>
+- rebuild for gcc4.3
+
+* Tue Aug 21 2007 Michael Schwendt <mschwendt[AT]users.sf.net>
+- rebuilt
+
+* Sun Jul 22 2007 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.13.1-2
+- Apply Steve Conklin's patch to increase displayed portion of
+ selinux context.
+
+* Sun Dec 17 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.13.1-1
+- Update to 0.13.1 release.
+
+* Sun Dec 10 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.13-1
+- Update to 0.13 release.
+- Include default aide.conf from RHEL5 as doc example file.
+
+* Sun Oct 29 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.12-3.20061027cvs
+- CAUTION! This changes the database format and results in a report of
+ false inconsistencies until an old database file is updated.
+- Check out CVS 20061027 which now contains Red Hat's
+ acl/xattr/selinux/audit patches.
+- Patches merged upstream.
+- Update manual page substitutions.
+
+* Mon Oct 23 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.12-2
+- Add "memory leaks and performance updates" patch as posted
+ to aide-devel by Steve Grubb.
+
+* Sat Oct 07 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.12-1
+- Update to 0.12 release.
+- now offers --disable-static, so -no-static patch is obsolete
+- fill last element of getopt struct array with zeroes
+
+* Mon Oct 02 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.11-3
+- rebuilt
+
+* Mon Sep 11 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.11-2
+- rebuilt
+
+* Sun Feb 19 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.11-1
+- Update to 0.11 release.
+- useless-includes patch merged upstream.
+- old Russian man pages not available anymore.
+- disable static linking.
+
+* Thu Apr 7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
+- rebuilt
+
+* Fri Nov 28 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.10-0.fdr.1
+- Update to 0.10 release.
+- memleaks patch merged upstream.
+- rootpath patch merged upstream.
+- fstat patch not needed anymore.
+- Updated URL.
+
+* Thu Nov 13 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.10-0.fdr.0.2.cvs20031104
+- Added buildreq m4 to work around incomplete deps of bison package.
+
+* Tue Nov 04 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.10-0.fdr.0.1.cvs20031104
+- Only tar.gz available upstream.
+- byacc not needed when bison -y is available.
+- Installed Russian manual pages.
+- Updated with changes from CVS (2003-11-04).
+- getopt patch merged upstream.
+- bison-1.35 patch incorporated upstream.
+
+* Tue Sep 09 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.9-0.fdr.0.2.20030902
+- Added fixes for further memleaks.
+
+* Sun Sep 07 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.9-0.fdr.0.1.20030902
+- Initial package version.