diff --git a/SOURCES/sysstat-12.5.4-CVE-2023-33204.patch b/SOURCES/sysstat-12.5.4-CVE-2023-33204.patch index c5afb4e..1f2f862 100644 --- a/SOURCES/sysstat-12.5.4-CVE-2023-33204.patch +++ b/SOURCES/sysstat-12.5.4-CVE-2023-33204.patch @@ -1,23 +1,36 @@ -From 954ff2e2673cef48f0ed44668c466eab041db387 Mon Sep 17 00:00:00 2001 -From: Pavel Kopylov -Date: Wed, 17 May 2023 11:33:45 +0200 -Subject: [PATCH] Fix an overflow which is still possible for some values. +From commit 6f8dc568e6ab072bb8205b732f04e685bf9237c0 +From: Sebastien GODARD +Date: Wed, May 17 21:10:31 2023 +0200 +Subject: Merge branch 'pkopylov-master' + +Signed-off-by: Sebastien GODARD + diff --git a/common.c b/common.c -index 583a0ca..6d73b1b 100644 +index 48493b5f..0efe7ee3 100644 --- a/common.c +++ b/common.c -@@ -1639,9 +1639,11 @@ int parse_values(char *strargv, unsigned char bitmap[], int max_val, const char - */ - void check_overflow(size_t val1, size_t val2, size_t val3) +@@ -431,15 +431,17 @@ int check_dir(char *dirname) + void check_overflow(unsigned int val1, unsigned int val2, + unsigned int val3) { -- if ((unsigned long long) val1 * -- (unsigned long long) val2 * +- if ((unsigned long long) val1 * (unsigned long long) val2 * - (unsigned long long) val3 > UINT_MAX) { -+if ((val1 != 0) && (val2 != 0) && (val3 != 0) && -+ (((unsigned long long)UINT_MAX / (unsigned long long)val1 < -+ (unsigned long long)val2) || -+ ((unsigned long long)UINT_MAX / ((unsigned long long)val1 * -+ (unsigned long long)val2) < (unsigned long long)val3))) { ++ if ((val1 != 0) && (val2 != 0) && (val3 != 0) && ++ (((unsigned long long) UINT_MAX / (unsigned long long) val1 < ++ (unsigned long long) val2) || ++ ((unsigned long long) UINT_MAX / ((unsigned long long) val1 * (unsigned long long) val2) < ++ (unsigned long long) val3))) { #ifdef DEBUG - fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", - __FUNCTION__, +- fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", +- __FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 * +- (unsigned long long) val3); ++ fprintf(stderr, "%s: Overflow detected (%u,%u,%u). Aborting...\n", ++ __FUNCTION__, val1, val2, val3); + #endif +- exit(4); +- } ++ exit(4); ++ } + } + + #ifndef SOURCE_SADC diff --git a/SOURCES/sysstat-12.5.4-RHEL-35684.patch b/SOURCES/sysstat-12.5.4-RHEL-35684.patch new file mode 100644 index 0000000..cd930ad --- /dev/null +++ b/SOURCES/sysstat-12.5.4-RHEL-35684.patch @@ -0,0 +1,235 @@ +From c9a11d35df4aecfcf22aef827bac6cd57def9d4e Mon Sep 17 00:00:00 2001 +From: Sebastien GODARD +Date: Sun, 23 Oct 2022 16:22:28 +0200 +Subject: [PATCH] Add more overflow checks + +Signed-off-by: Sebastien GODARD +--- + common.c | 45 +++++++++++++++++++++------------------------ + common.h | 4 ++-- + sa_common.c | 9 +++++++-- + sadc.c | 6 ++++++ + 4 files changed, 36 insertions(+), 28 deletions(-) + +diff --git a/common.c b/common.c +index 1a84b052..27249772 100644 +--- a/common.c ++++ b/common.c +@@ -415,6 +415,27 @@ int check_dir(char *dirname) + return 0; + } + ++/* ++ * ************************************************************************** ++ * Check if the multiplication of the 3 values may be greater than UINT_MAX. ++ * ++ * IN: ++ * @val1 First value. ++ * @val2 Second value. ++ * @val3 Third value. ++ *************************************************************************** ++ */ ++void check_overflow(unsigned long long val1, unsigned long long val2, ++ unsigned long long val3) ++{ ++ if (val1 * val2 * val3 > UINT_MAX) { ++#ifdef DEBUG ++ fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", ++ __FUNCTION__, val1 * val2 * val3); ++#endif ++ exit(4); ++ } ++} + + #ifndef SOURCE_SADC + /* +@@ -1656,28 +1677,4 @@ int parse_values(char *strargv, unsigned char bitmap[], int max_val, const char + return 0; + } + +-/* +- *************************************************************************** +- * Check if the multiplication of the 3 values may be greater than UINT_MAX. +- * +- * IN: +- * @val1 First value. +- * @val2 Second value. +- * @val3 Third value. +- *************************************************************************** +- */ +-void check_overflow(size_t val1, size_t val2, size_t val3) +-{ +- if ((unsigned long long) val1 * +- (unsigned long long) val2 * +- (unsigned long long) val3 > UINT_MAX) { +-#ifdef DEBUG +- fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", +- __FUNCTION__, +- (unsigned long long) val1 * (unsigned long long) val2 * (unsigned long long) val3); +-#endif +- exit(4); +- } +-} +- + #endif /* SOURCE_SADC undefined */ +diff --git a/common.h b/common.h +index e8ab98ab..715b2da2 100644 +--- a/common.h ++++ b/common.h +@@ -258,10 +258,10 @@ int get_wwnid_from_pretty + (char *, unsigned long long *, unsigned int *); + int check_dir + (char *); ++void check_overflow ++ (unsigned long long, unsigned long long, unsigned long long); + + #ifndef SOURCE_SADC +-void check_overflow +- (size_t, size_t, size_t); + int count_bits + (void *, int); + int count_csvalues +diff --git a/sa_common.c b/sa_common.c +index b2cec4ad..3460257a 100644 +--- a/sa_common.c ++++ b/sa_common.c +@@ -463,8 +463,9 @@ void allocate_structures(struct activity *act[]) + if (act[i]->nr_ini > 0) { + + /* Look for a possible overflow */ +- check_overflow((size_t) act[i]->msize, (size_t) act[i]->nr_ini, +- (size_t) act[i]->nr2); ++ check_overflow((unsigned long long) act[i]->msize, ++ (unsigned long long) act[i]->nr_ini, ++ (unsigned long long) act[i]->nr2); + + for (j = 0; j < 3; j++) { + SREALLOC(act[i]->buf[j], void, +@@ -529,6 +530,10 @@ void reallocate_all_buffers(struct activity *a, __nr_t nr_min) + while (nr_realloc < nr_min); + } + ++ /* Look for a possible overflow */ ++ check_overflow((unsigned long long) a->msize, nr_realloc, ++ (unsigned long long) a->nr2); ++ + for (j = 0; j < 3; j++) { + SREALLOC(a->buf[j], void, + (size_t) a->msize * nr_realloc * (size_t) a->nr2); +diff --git a/sadc.c b/sadc.c +index 3458d089..123bf8e0 100644 +--- a/sadc.c ++++ b/sadc.c +@@ -360,6 +360,12 @@ void sa_sys_init(void) + } + + if (IS_COLLECTED(act[i]->options) && (act[i]->nr_ini > 0)) { ++ ++ /* Look for a possible overflow */ ++ check_overflow((unsigned long long) act[i]->msize, ++ (unsigned long long) act[i]->nr_ini, ++ (unsigned long long) act[i]->nr2); ++ + /* Allocate structures for current activity (using nr_ini and nr2 results) */ + SREALLOC(act[i]->_buf0, void, + (size_t) act[i]->msize * (size_t) act[i]->nr_ini * (size_t) act[i]->nr2); + +From 44f1dc159242c1e434a3b836cda49f084c5a96cc Mon Sep 17 00:00:00 2001 +From: Sebastien GODARD +Date: Sun, 6 Nov 2022 15:48:16 +0100 +Subject: [PATCH] Make sure values to be compared are unsigned integers + +It seems safer to make sure that input values are unsigned int before +casting them to unsigned long long and making the comparison. + +Signed-off-by: Sebastien GODARD +--- + common.c | 10 ++++++---- + common.h | 2 +- + sa_common.c | 10 +++++----- + sadc.c | 6 +++--- + 4 files changed, 15 insertions(+), 13 deletions(-) + +diff --git a/common.c b/common.c +index 27249772..3b7fdcd5 100644 +--- a/common.c ++++ b/common.c +@@ -425,13 +425,15 @@ int check_dir(char *dirname) + * @val3 Third value. + *************************************************************************** + */ +-void check_overflow(unsigned long long val1, unsigned long long val2, +- unsigned long long val3) ++void check_overflow(unsigned int val1, unsigned int val2, ++ unsigned int val3) + { +- if (val1 * val2 * val3 > UINT_MAX) { ++ if ((unsigned long long) val1 * (unsigned long long) val2 * ++ (unsigned long long) val3 > UINT_MAX) { + #ifdef DEBUG + fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", +- __FUNCTION__, val1 * val2 * val3); ++ __FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 * ++ (unsigned long long) val3); + #endif + exit(4); + } +diff --git a/common.h b/common.h +index 715b2da2..fc8a1a0d 100644 +--- a/common.h ++++ b/common.h +@@ -259,7 +259,7 @@ int get_wwnid_from_pretty + int check_dir + (char *); + void check_overflow +- (unsigned long long, unsigned long long, unsigned long long); ++ (unsigned int, unsigned int, unsigned int); + + #ifndef SOURCE_SADC + int count_bits +diff --git a/sa_common.c b/sa_common.c +index 3460257a..0ca8b039 100644 +--- a/sa_common.c ++++ b/sa_common.c +@@ -463,9 +463,9 @@ void allocate_structures(struct activity *act[]) + if (act[i]->nr_ini > 0) { + + /* Look for a possible overflow */ +- check_overflow((unsigned long long) act[i]->msize, +- (unsigned long long) act[i]->nr_ini, +- (unsigned long long) act[i]->nr2); ++ check_overflow((unsigned int) act[i]->msize, ++ (unsigned int) act[i]->nr_ini, ++ (unsigned int) act[i]->nr2); + + for (j = 0; j < 3; j++) { + SREALLOC(act[i]->buf[j], void, +@@ -531,8 +531,8 @@ void reallocate_all_buffers(struct activity *a, __nr_t nr_min) + } + + /* Look for a possible overflow */ +- check_overflow((unsigned long long) a->msize, nr_realloc, +- (unsigned long long) a->nr2); ++ check_overflow((unsigned int) a->msize, (unsigned int) nr_realloc, ++ (unsigned int) a->nr2); + + for (j = 0; j < 3; j++) { + SREALLOC(a->buf[j], void, +diff --git a/sadc.c b/sadc.c +index 123bf8e0..40a1e15b 100644 +--- a/sadc.c ++++ b/sadc.c +@@ -362,9 +362,9 @@ void sa_sys_init(void) + if (IS_COLLECTED(act[i]->options) && (act[i]->nr_ini > 0)) { + + /* Look for a possible overflow */ +- check_overflow((unsigned long long) act[i]->msize, +- (unsigned long long) act[i]->nr_ini, +- (unsigned long long) act[i]->nr2); ++ check_overflow((unsigned int) act[i]->msize, ++ (unsigned int) act[i]->nr_ini, ++ (unsigned int) act[i]->nr2); + + /* Allocate structures for current activity (using nr_ini and nr2 results) */ + SREALLOC(act[i]->_buf0, void, + diff --git a/SOURCES/sysstat-12.5.4-RHEL-39002.patch b/SOURCES/sysstat-12.5.4-RHEL-39002.patch new file mode 100644 index 0000000..feada5b --- /dev/null +++ b/SOURCES/sysstat-12.5.4-RHEL-39002.patch @@ -0,0 +1,218 @@ +From 808f2ef2fe7a92f8bb510ef872801e67cc600c36 Mon Sep 17 00:00:00 2001 +From: Sebastien GODARD +Date: Tue, 28 May 2024 10:36:27 +0200 +Subject: [PATCH] sadf: Don't cap SVG graph output at 100% (#388) + +Don't cap SVG graph output at 100% when values greater than 100% are +possible. Such a possibility exists for overcommited memory (displayed +as %commit with "sar -r"). + +Note: I don't think such other metrics exist. Tell me if I'm wrong. + +Signed-off-by: Sebastien GODARD + +Cherry-picked-by: Lukáš Zaoral +Upstream-commit: 808f2ef2fe7a92f8bb510ef872801e67cc600c36 +--- + svg_stats.c | 47 +++++++++++++++++++++++++---------------------- + 1 file changed, 25 insertions(+), 22 deletions(-) + +diff --git a/svg_stats.c b/svg_stats.c +index 821869d..7d136ad 100644 +--- a/svg_stats.c ++++ b/svg_stats.c +@@ -394,6 +394,7 @@ void lniappend(unsigned long long timetag, unsigned long long value, char **out, + * @outsize Size of array of chars for current graph definition. + * @dt Interval of time in seconds between current and previous + * sample. ++ * @hval TRUE if value may be greater than 100%. + * + * OUT: + * @out Pointer on array of chars for current graph definition that +@@ -403,7 +404,7 @@ void lniappend(unsigned long long timetag, unsigned long long value, char **out, + *************************************************************************** + */ + void brappend(unsigned long long timetag, double offset, double value, char **out, +- int *outsize, unsigned long long dt) ++ int *outsize, unsigned long long dt, int hval) + { + char data[128]; + unsigned long long t = 0; +@@ -413,15 +414,17 @@ void brappend(unsigned long long timetag, double offset, double value, char **ou + /* Don't draw a flat rectangle! */ + return; + if (dt < timetag) { +- t = timetag -dt; ++ t = timetag - dt; + } + + snprintf(data, 128, "", +- t, MINIMUM(offset, 100.0), MINIMUM(value, (100.0 - offset)), dt); ++ t, ++ hval ? offset : MINIMUM(offset, 100.0), ++ hval ? value : MINIMUM(value, (100.0 - offset)), ++ dt); + data[127] = '\0'; + + save_svg_data(data, out, outsize); +- + } + + /* +@@ -460,7 +463,7 @@ void cpuappend(unsigned long long timetag, double *offset, double value, char ** + *spmax = value; + } + /* Prepare additional graph definition data */ +- brappend(timetag, *offset, value, out, outsize, dt); ++ brappend(timetag, *offset, value, out, outsize, dt, FALSE); + + *offset += value; + } +@@ -1881,25 +1884,25 @@ __print_funct_t svg_print_memory_stats(struct activity *a, int curr, int action, + 0.0, + smc->tlmkb ? + SP_VALUE(nousedmem, smc->tlmkb, smc->tlmkb) : 0.0, +- out + 3, outsize + 3, svg_p->dt); ++ out + 3, outsize + 3, svg_p->dt, FALSE); + /* %commit */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + (smc->tlmkb + smc->tlskb) ? + SP_VALUE(0, smc->comkb, smc->tlmkb + smc->tlskb) : 0.0, +- out + 7, outsize + 7, svg_p->dt); ++ out + 7, outsize + 7, svg_p->dt, TRUE); + /* %swpused */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + smc->tlskb ? + SP_VALUE(smc->frskb, smc->tlskb, smc->tlskb) : 0.0, +- out + 19, outsize + 19, svg_p->dt); ++ out + 19, outsize + 19, svg_p->dt, FALSE); + /* %swpcad */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + (smc->tlskb - smc->frskb) ? + SP_VALUE(0, smc->caskb, smc->tlskb - smc->frskb) : 0.0, +- out + 20, outsize + 20, svg_p->dt); ++ out + 20, outsize + 20, svg_p->dt, FALSE); + } + + if (action & F_END) { +@@ -2305,7 +2308,7 @@ __print_funct_t svg_print_disk_stats(struct activity *a, int curr, int action, s + /* %util */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, xds.util / 10.0, +- out + pos + 7, outsize + pos + 7, svg_p->dt); ++ out + pos + 7, outsize + pos + 7, svg_p->dt, FALSE); + } + + /* Mark devices not seen here as now unregistered */ +@@ -2514,7 +2517,7 @@ __print_funct_t svg_print_net_dev_stats(struct activity *a, int curr, int action + /* %ifutil */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, ifutil, +- out + pos + 7, outsize + pos + 7, svg_p->dt); ++ out + pos + 7, outsize + pos + 7, svg_p->dt, FALSE); + } + + /* Mark interfaces not seen here as now unregistered */ +@@ -4492,7 +4495,7 @@ __print_funct_t svg_print_pwr_temp_stats(struct activity *a, int curr, int actio + /* %temp */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, tval, +- out + TEMP_ARRAY_SZ * i + 1, outsize + TEMP_ARRAY_SZ * i + 1, svg_p->dt); ++ out + TEMP_ARRAY_SZ * i + 1, outsize + TEMP_ARRAY_SZ * i + 1, svg_p->dt, FALSE); + } + } + +@@ -4592,7 +4595,7 @@ __print_funct_t svg_print_pwr_in_stats(struct activity *a, int curr, int action, + /* %in */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, tval, +- out + IN_ARRAY_SZ * i + 1, outsize + IN_ARRAY_SZ * i + 1, svg_p->dt); ++ out + IN_ARRAY_SZ * i + 1, outsize + IN_ARRAY_SZ * i + 1, svg_p->dt, FALSE); + } + } + +@@ -4701,7 +4704,7 @@ __print_funct_t svg_print_huge_stats(struct activity *a, int curr, int action, s + /* %hugused */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, tval, +- out + 4, outsize + 4, svg_p->dt); ++ out + 4, outsize + 4, svg_p->dt, FALSE); + } + + if (action & F_END) { +@@ -4894,13 +4897,13 @@ __print_funct_t svg_print_filesystem_stats(struct activity *a, int curr, int act + 0.0, + sfc->f_blocks ? + SP_VALUE(sfc->f_bavail, sfc->f_blocks, sfc->f_blocks) : 0.0, +- out + pos + 2, outsize + pos + 2, svg_p->dt); ++ out + pos + 2, outsize + pos + 2, svg_p->dt, FALSE); + /* %fsused */ + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + sfc->f_blocks ? + SP_VALUE(sfc->f_bfree, sfc->f_blocks, sfc->f_blocks) : 0.0, +- out + pos + 3, outsize + pos + 3, svg_p->dt); ++ out + pos + 3, outsize + pos + 3, svg_p->dt, FALSE); + /* Ifree */ + lnappend(record_hdr->ust_time - svg_p->ust_time_ref, + ((double) sfc->f_ffree) / 1000, +@@ -4914,7 +4917,7 @@ __print_funct_t svg_print_filesystem_stats(struct activity *a, int curr, int act + 0.0, + sfc->f_files ? + SP_VALUE(sfc->f_ffree, sfc->f_files, sfc->f_files) : 0.0, +- out + pos + 6, outsize + pos + 6, svg_p->dt); ++ out + pos + 6, outsize + pos + 6, svg_p->dt, FALSE); + } + } + +@@ -5364,7 +5367,7 @@ __print_funct_t svg_print_psicpu_stats(struct activity *a, int curr, int action, + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + ((double) psic->some_cpu_total - psip->some_cpu_total) / (100 * itv), +- out + 3, outsize + 3, svg_p->dt); ++ out + 3, outsize + 3, svg_p->dt, FALSE); + } + + if (action & F_END) { +@@ -5494,7 +5497,7 @@ __print_funct_t svg_print_psiio_stats(struct activity *a, int curr, int action, + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + ((double) psic->some_io_total - psip->some_io_total) / (100 * itv), +- out + 3, outsize + 3, svg_p->dt); ++ out + 3, outsize + 3, svg_p->dt, FALSE); + + /* %fio-10 */ + lnappend(record_hdr->ust_time - svg_p->ust_time_ref, +@@ -5512,7 +5515,7 @@ __print_funct_t svg_print_psiio_stats(struct activity *a, int curr, int action, + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + ((double) psic->full_io_total - psip->full_io_total) / (100 * itv), +- out + 7, outsize + 7, svg_p->dt); ++ out + 7, outsize + 7, svg_p->dt, FALSE); + } + + if (action & F_END) { +@@ -5646,7 +5649,7 @@ __print_funct_t svg_print_psimem_stats(struct activity *a, int curr, int action, + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + ((double) psic->some_mem_total - psip->some_mem_total) / (100 * itv), +- out + 3, outsize + 3, svg_p->dt); ++ out + 3, outsize + 3, svg_p->dt, FALSE); + + /* %fmem-10 */ + lnappend(record_hdr->ust_time - svg_p->ust_time_ref, +@@ -5664,7 +5667,7 @@ __print_funct_t svg_print_psimem_stats(struct activity *a, int curr, int action, + brappend(record_hdr->ust_time - svg_p->ust_time_ref, + 0.0, + ((double) psic->full_mem_total - psip->full_mem_total) / (100 * itv), +- out + 7, outsize + 7, svg_p->dt); ++ out + 7, outsize + 7, svg_p->dt, FALSE); + } + + if (action & F_END) { +-- +2.45.2 + diff --git a/SPECS/sysstat.spec b/SPECS/sysstat.spec index 3c1a4c0..4332b75 100644 --- a/SPECS/sysstat.spec +++ b/SPECS/sysstat.spec @@ -1,7 +1,7 @@ Summary: Collection of performance monitoring tools for Linux Name: sysstat Version: 12.5.4 -Release: 7%{?dist} +Release: 9%{?dist} License: GPLv2+ URL: http://sebastien.godard.pagesperso-orange.fr/ Source: https://github.com/sysstat/sysstat/archive/v%{version}.tar.gz @@ -14,10 +14,18 @@ Source2: colorsysstat.sh Patch1: sysstat-12.5.4-CVE-2022-39377.patch # {cifsio,io,mp,pid}stat --dec and sar --dec report values from single alphabet other than defined (bz2080650) Patch2: sysstat-12.5.4-bz2080650.patch +# fix allocation errors with malformed sa files (RHEL-35684) +# https://github.com/sysstat/sysstat/commit/c9a11d35df4aecfcf22aef827bac6cd57def9d4e +# https://github.com/sysstat/sysstat/commit/44f1dc159242c1e434a3b836cda49f084c5a96cc +Patch3: sysstat-12.5.4-RHEL-35684.patch # check_overflow() function can work incorrectly that lead to an overflow (CVE-2023-33204) -Patch3: sysstat-12.5.4-CVE-2023-33204.patch +# https://github.com/sysstat/sysstat/commit/6f8dc568e6ab072bb8205b732f04e685bf9237c0 +Patch4: sysstat-12.5.4-CVE-2023-33204.patch # add description of UMASK to man/systat.in (bz2216805) -Patch4: sysstat-12.5.4-bz2216805.patch +Patch5: sysstat-12.5.4-bz2216805.patch +# don't cap SVG graph output at 100% (RHEL-39002) +# https://github.com/sysstat/sysstat/commit/808f2ef2fe7a92f8bb510ef872801e67cc600c36 +Patch6: sysstat-12.5.4-RHEL-39002.patch BuildRequires: make BuildRequires: gcc, gettext, lm_sensors-devel, pcp-libs-devel, systemd, git @@ -95,6 +103,13 @@ fi %{_localstatedir}/log/sa %changelog +* Tue Jul 30 2024 Lukáš Zaoral - 12.5.4-9 +- don't cap SVG graph output at 100% (RHEL-39002) + +* Tue May 07 2024 Lukáš Zaoral - 12.5.4-8 +- fix allocation errors with malformed sa files (RHEL-35684) +- reorder patches to prevent errors during their application + * Thu Jul 27 2023 Lukáš Zaoral - 12.5.4-7 - add description of UMASK to man/systat.in (rhbz#2216805)