10 changed files with 565 additions and 100 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/v12.7.6.tar.gz
+SOURCES/v12.5.4.tar.gz
--- a/.sysstat.metadata
+++ b/.sysstat.metadata
@ -1 +1 @@
-b99740d71e9fe6c4bf20182f0c27dff4659f5ce2 SOURCES/v12.7.6.tar.gz
+597196f8f2be7a8960bec880c18eec875b27ff73 SOURCES/v12.5.4.tar.gz
--- a/SOURCES/colorsysstat.csh
+++ b/SOURCES/colorsysstat.csh
@ -0,0 +1,2 @@
 # Color sysstat output
 if ( "$?S_COLORS" == 0 ) setenv S_COLORS auto
--- a/SOURCES/colorsysstat.sh
+++ b/SOURCES/colorsysstat.sh
@ -0,0 +1,2 @@
 # Color sysstat output
 export S_COLORS=${S_COLORS-auto}
--- a/SOURCES/sysstat-12.5.4-CVE-2022-39377.patch
+++ b/SOURCES/sysstat-12.5.4-CVE-2022-39377.patch
@ -0,0 +1,85 @@
 From 9c4eaf150662ad40607923389d4519bc83b93540 Mon Sep 17 00:00:00 2001
 From: Sebastien <seb@fedora-2.home>
 Date: Sat, 15 Oct 2022 14:24:22 +0200
 Subject: [PATCH] Fix size_t overflow in sa_common.c (GHSL-2022-074)
 allocate_structures function located in sa_common.c insufficiently
 checks bounds before arithmetic multiplication allowing for an
 overflow in the size allocated for the buffer representing system
 activities.
 This patch checks that the post-multiplied value is not greater than
 UINT_MAX.
 Signed-off-by: Sebastien <seb@fedora-2.home>
 ---
 common.c    | 25 +++++++++++++++++++++++++
 common.h    |  2 ++
 sa_common.c |  6 ++++++
 3 files changed, 33 insertions(+)
 diff --git a/common.c b/common.c
 index 81c77624..1a84b052 100644
 --- a/common.c
 +++ b/common.c
@@ -1655,4 +1655,29 @@ int parse_values(char *strargv, unsigned char bitmap[], int max_val, const char
 	return 0;
 }
 +
 +/*
 + ***************************************************************************
 + * Check if the multiplication of the 3 values may be greater than UINT_MAX.
 + *
 + * IN:
 + * @val1	First value.
 + * @val2	Second value.
 + * @val3	Third value.
 + ***************************************************************************
 + */
 +void check_overflow(size_t val1, size_t val2, size_t val3)
 +{
 +	if ((unsigned long long) val1 *
 +	    (unsigned long long) val2 *
 +	    (unsigned long long) val3 > UINT_MAX) {
 +#ifdef DEBUG
 +		fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
 +			__FUNCTION__,
 +			(unsigned long long) val1 * (unsigned long long) val2 *	(unsigned long long) val3);
 +#endif
 +	exit(4);
 +	}
 +}
 +
 #endif /* SOURCE_SADC undefined */
 diff --git a/common.h b/common.h
 index 55b6657d..e8ab98ab 100644
 --- a/common.h
 +++ b/common.h
@@ -260,6 +260,8 @@ int check_dir
 	(char *);
 #ifndef SOURCE_SADC
 +void check_overflow
 +	(size_t, size_t, size_t);
 int count_bits
 	(void *, int);
 int count_csvalues
 diff --git a/sa_common.c b/sa_common.c
 index 3699a840..b2cec4ad 100644
 --- a/sa_common.c
 +++ b/sa_common.c
@@ -459,7 +459,13 @@ void allocate_structures(struct activity *act[])
 	int i, j;
 	for (i = 0; i < NR_ACT; i++) {
 +
 		if (act[i]->nr_ini > 0) {
 +
 +			/* Look for a possible overflow */
 +			check_overflow((size_t) act[i]->msize, (size_t) act[i]->nr_ini,
 +				       (size_t) act[i]->nr2);
 +
 			for (j = 0; j < 3; j++) {
 				SREALLOC(act[i]->buf[j], void,
 						(size_t) act[i]->msize * (size_t) act[i]->nr_ini * (size_t) act[i]->nr2);
--- a/SOURCES/sysstat-12.5.4-CVE-2023-33204.patch
+++ b/SOURCES/sysstat-12.5.4-CVE-2023-33204.patch
@ -0,0 +1,36 @@
 From commit 6f8dc568e6ab072bb8205b732f04e685bf9237c0
 From: Sebastien GODARD <sysstat@users.noreply.github.com>
 Date: Wed, May 17 21:10:31 2023 +0200
 Subject: Merge branch 'pkopylov-master'
 Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
 diff --git a/common.c b/common.c
 index 48493b5f..0efe7ee3 100644
 --- a/common.c
 +++ b/common.c
@@ -431,15 +431,17 @@ int check_dir(char *dirname)
 void check_overflow(unsigned int val1, unsigned int val2,
 		    unsigned int val3)
 {
 -	if ((unsigned long long) val1 * (unsigned long long) val2 *
 -	    (unsigned long long) val3 > UINT_MAX) {
 +	if ((val1 != 0) && (val2 != 0) && (val3 != 0) &&
 +	    (((unsigned long long) UINT_MAX / (unsigned long long) val1 <
 +	      (unsigned long long) val2) ||
 +	     ((unsigned long long) UINT_MAX / ((unsigned long long) val1 * (unsigned long long) val2) <
 +	      (unsigned long long) val3))) {
 #ifdef DEBUG
 -		fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
 -			__FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 *
 -			(unsigned long long) val3);
 +		fprintf(stderr, "%s: Overflow detected (%u,%u,%u). Aborting...\n",
 +			__FUNCTION__, val1, val2, val3);
 #endif
 -	exit(4);
 -		}
 +		exit(4);
 +	}
 }
 #ifndef SOURCE_SADC
--- a/SOURCES/sysstat-12.5.4-RHEL-35684.patch
+++ b/SOURCES/sysstat-12.5.4-RHEL-35684.patch
@ -0,0 +1,235 @@
 From c9a11d35df4aecfcf22aef827bac6cd57def9d4e Mon Sep 17 00:00:00 2001
 From: Sebastien GODARD <sysstat@users.noreply.github.com>
 Date: Sun, 23 Oct 2022 16:22:28 +0200
 Subject: [PATCH] Add more overflow checks
 Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
 ---
 common.c    | 45 +++++++++++++++++++++------------------------
 common.h    |  4 ++--
 sa_common.c |  9 +++++++--
 sadc.c      |  6 ++++++
 4 files changed, 36 insertions(+), 28 deletions(-)
 diff --git a/common.c b/common.c
 index 1a84b052..27249772 100644
 --- a/common.c
 +++ b/common.c
@@ -415,6 +415,27 @@ int check_dir(char *dirname)
 	return 0;
 }
 +/*
 + * **************************************************************************
 + * Check if the multiplication of the 3 values may be greater than UINT_MAX.
 + *
 + * IN:
 + * @val1	First value.
 + * @val2	Second value.
 + * @val3	Third value.
 + ***************************************************************************
 + */
 +void check_overflow(unsigned long long val1, unsigned long long val2,
 +		    unsigned long long val3)
 +{
 +	if (val1 * val2 * val3 > UINT_MAX) {
 +#ifdef DEBUG
 +		fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
 +			__FUNCTION__, val1 * val2 * val3);
 +#endif
 +	exit(4);
 +		}
 +}
 #ifndef SOURCE_SADC
 /*
@@ -1656,28 +1677,4 @@ int parse_values(char *strargv, unsigned char bitmap[], int max_val, const char
 	return 0;
 }
 -/*
 - ***************************************************************************
 - * Check if the multiplication of the 3 values may be greater than UINT_MAX.
 - *
 - * IN:
 - * @val1	First value.
 - * @val2	Second value.
 - * @val3	Third value.
 - ***************************************************************************
 - */
 -void check_overflow(size_t val1, size_t val2, size_t val3)
 -{
 -	if ((unsigned long long) val1 *
 -	    (unsigned long long) val2 *
 -	    (unsigned long long) val3 > UINT_MAX) {
 -#ifdef DEBUG
 -		fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
 -			__FUNCTION__,
 -			(unsigned long long) val1 * (unsigned long long) val2 *	(unsigned long long) val3);
 -#endif
 -	exit(4);
 -	}
 -}
 -
 #endif /* SOURCE_SADC undefined */
 diff --git a/common.h b/common.h
 index e8ab98ab..715b2da2 100644
 --- a/common.h
 +++ b/common.h
@@ -258,10 +258,10 @@ int get_wwnid_from_pretty
 	(char *, unsigned long long *, unsigned int *);
 int check_dir
 	(char *);
 +void check_overflow
 +	(unsigned long long, unsigned long long, unsigned long long);
 #ifndef SOURCE_SADC
 -void check_overflow
 -	(size_t, size_t, size_t);
 int count_bits
 	(void *, int);
 int count_csvalues
 diff --git a/sa_common.c b/sa_common.c
 index b2cec4ad..3460257a 100644
 --- a/sa_common.c
 +++ b/sa_common.c
@@ -463,8 +463,9 @@ void allocate_structures(struct activity *act[])
 		if (act[i]->nr_ini > 0) {
 			/* Look for a possible overflow */
 -			check_overflow((size_t) act[i]->msize, (size_t) act[i]->nr_ini,
 -				       (size_t) act[i]->nr2);
 +			check_overflow((unsigned long long) act[i]->msize,
 +				       (unsigned long long) act[i]->nr_ini,
 +				       (unsigned long long) act[i]->nr2);
 			for (j = 0; j < 3; j++) {
 				SREALLOC(act[i]->buf[j], void,
@@ -529,6 +530,10 @@ void reallocate_all_buffers(struct activity *a, __nr_t nr_min)
 		while (nr_realloc < nr_min);
 	}
 +	/* Look for a possible overflow */
 +	check_overflow((unsigned long long) a->msize, nr_realloc,
 +		       (unsigned long long) a->nr2);
 +
 	for (j = 0; j < 3; j++) {
 		SREALLOC(a->buf[j], void,
 			(size_t) a->msize * nr_realloc * (size_t) a->nr2);
 diff --git a/sadc.c b/sadc.c
 index 3458d089..123bf8e0 100644
 --- a/sadc.c
 +++ b/sadc.c
@@ -360,6 +360,12 @@ void sa_sys_init(void)
 		}
 		if (IS_COLLECTED(act[i]->options) && (act[i]->nr_ini > 0)) {
 +
 +			/* Look for a possible overflow */
 +			check_overflow((unsigned long long) act[i]->msize,
 +				       (unsigned long long) act[i]->nr_ini,
 +				       (unsigned long long) act[i]->nr2);
 +
 			/* Allocate structures for current activity (using nr_ini and nr2 results) */
 			SREALLOC(act[i]->_buf0, void,
 				 (size_t) act[i]->msize * (size_t) act[i]->nr_ini * (size_t) act[i]->nr2);
 From 44f1dc159242c1e434a3b836cda49f084c5a96cc Mon Sep 17 00:00:00 2001
 From: Sebastien GODARD <sysstat@users.noreply.github.com>
 Date: Sun, 6 Nov 2022 15:48:16 +0100
 Subject: [PATCH] Make sure values to be compared are unsigned integers
 It seems safer to make sure that input values are unsigned int before
 casting them to unsigned long long and making the comparison.
 Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
 ---
 common.c    | 10 ++++++----
 common.h    |  2 +-
 sa_common.c | 10 +++++-----
 sadc.c      |  6 +++---
 4 files changed, 15 insertions(+), 13 deletions(-)
 diff --git a/common.c b/common.c
 index 27249772..3b7fdcd5 100644
 --- a/common.c
 +++ b/common.c
@@ -425,13 +425,15 @@ int check_dir(char *dirname)
  * @val3	Third value.
  ***************************************************************************
  */
 -void check_overflow(unsigned long long val1, unsigned long long val2,
 -		    unsigned long long val3)
 +void check_overflow(unsigned int val1, unsigned int val2,
 +		    unsigned int val3)
 {
 -	if (val1 * val2 * val3 > UINT_MAX) {
 +	if ((unsigned long long) val1 * (unsigned long long) val2 *
 +	    (unsigned long long) val3 > UINT_MAX) {
 #ifdef DEBUG
 		fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
 -			__FUNCTION__, val1 * val2 * val3);
 +			__FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 *
 +			(unsigned long long) val3);
 #endif
 	exit(4);
 		}
 diff --git a/common.h b/common.h
 index 715b2da2..fc8a1a0d 100644
 --- a/common.h
 +++ b/common.h
@@ -259,7 +259,7 @@ int get_wwnid_from_pretty
 int check_dir
 	(char *);
 void check_overflow
 -	(unsigned long long, unsigned long long, unsigned long long);
 +	(unsigned int, unsigned int, unsigned int);
 #ifndef SOURCE_SADC
 int count_bits
 diff --git a/sa_common.c b/sa_common.c
 index 3460257a..0ca8b039 100644
 --- a/sa_common.c
 +++ b/sa_common.c
@@ -463,9 +463,9 @@ void allocate_structures(struct activity *act[])
 		if (act[i]->nr_ini > 0) {
 			/* Look for a possible overflow */
 -			check_overflow((unsigned long long) act[i]->msize,
 -				       (unsigned long long) act[i]->nr_ini,
 -				       (unsigned long long) act[i]->nr2);
 +			check_overflow((unsigned int) act[i]->msize,
 +				       (unsigned int) act[i]->nr_ini,
 +				       (unsigned int) act[i]->nr2);
 			for (j = 0; j < 3; j++) {
 				SREALLOC(act[i]->buf[j], void,
@@ -531,8 +531,8 @@ void reallocate_all_buffers(struct activity *a, __nr_t nr_min)
 	}
 	/* Look for a possible overflow */
 -	check_overflow((unsigned long long) a->msize, nr_realloc,
 -		       (unsigned long long) a->nr2);
 +	check_overflow((unsigned int) a->msize, (unsigned int) nr_realloc,
 +		       (unsigned int) a->nr2);
 	for (j = 0; j < 3; j++) {
 		SREALLOC(a->buf[j], void,
 diff --git a/sadc.c b/sadc.c
 index 123bf8e0..40a1e15b 100644
 --- a/sadc.c
 +++ b/sadc.c
@@ -362,9 +362,9 @@ void sa_sys_init(void)
 		if (IS_COLLECTED(act[i]->options) && (act[i]->nr_ini > 0)) {
 			/* Look for a possible overflow */
 -			check_overflow((unsigned long long) act[i]->msize,
 -				       (unsigned long long) act[i]->nr_ini,
 -				       (unsigned long long) act[i]->nr2);
 +			check_overflow((unsigned int) act[i]->msize,
 +				       (unsigned int) act[i]->nr_ini,
 +				       (unsigned int) act[i]->nr2);
 			/* Allocate structures for current activity (using nr_ini and nr2 results) */
 			SREALLOC(act[i]->_buf0, void,
--- a/SOURCES/sysstat-12.5.4-bz2080650.patch
+++ b/SOURCES/sysstat-12.5.4-bz2080650.patch
@ -0,0 +1,112 @@
 From 398585bfe7b1340d41143f50dfc868ef8ab9a5e4 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= <lzaoral@redhat.com>
 Date: Tue, 21 Feb 2023 12:43:42 +0100
 Subject: [PATCH] Tools that take --dec=X option should only accept digits
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Right now the argument of --dec is passed to atoi(3) which returns 0
 on conversion error.  Therefore, --dec=A was not rejected and was
 equivalent to --dec=0 by mistake.
 Signed-off-by: Lukáš Zaoral <lzaoral@redhat.com>
 ---
 cifsiostat.c | 5 +++++
 iostat.c     | 5 +++++
 mpstat.c     | 5 +++++
 pidstat.c    | 5 +++++
 sar.c        | 6 ++++++
 5 files changed, 26 insertions(+)
 diff --git a/cifsiostat.c b/cifsiostat.c
 index 375b1ff..849583b 100644
 --- a/cifsiostat.c
 +++ b/cifsiostat.c
@@ -522,6 +522,11 @@ int main(int argc, char **argv)
 		}
 		else if (!strncmp(argv[opt], "--dec=", 6) && (strlen(argv[opt]) == 7)) {
 +			/* Check that the argument is a digit */
 +			if (!isdigit(argv[opt][6])) {
 +				usage(argv[0]);
 +			}
 +
 			/* Get number of decimal places */
 			dplaces_nr = atoi(argv[opt] + 6);
 			if ((dplaces_nr < 0) || (dplaces_nr > 2)) {
 diff --git a/iostat.c b/iostat.c
 index 1d7ea3c..7ac56ef 100644
 --- a/iostat.c
 +++ b/iostat.c
@@ -2142,6 +2142,11 @@ int main(int argc, char **argv)
 #endif
 		else if (!strncmp(argv[opt], "--dec=", 6) && (strlen(argv[opt]) == 7)) {
 +			/* Check that the argument is a digit */
 +			if (!isdigit(argv[opt][6])) {
 +				usage(argv[0]);
 +			}
 +
 			/* Get number of decimal places */
 			dplaces_nr = atoi(argv[opt] + 6);
 			if ((dplaces_nr < 0) || (dplaces_nr > 2)) {
 diff --git a/mpstat.c b/mpstat.c
 index 90d6226..5045e45 100644
 --- a/mpstat.c
 +++ b/mpstat.c
@@ -2221,6 +2221,11 @@ int main(int argc, char **argv)
 	while (++opt < argc) {
 		if (!strncmp(argv[opt], "--dec=", 6) && (strlen(argv[opt]) == 7)) {
 +			/* Check that the argument is a digit */
 +			if (!isdigit(argv[opt][6])) {
 +				usage(argv[0]);
 +			}
 +
 			/* Get number of decimal places */
 			dplaces_nr = atoi(argv[opt] + 6);
 			if ((dplaces_nr < 0) || (dplaces_nr > 2)) {
 diff --git a/pidstat.c b/pidstat.c
 index 21fed6c..d550605 100644
 --- a/pidstat.c
 +++ b/pidstat.c
@@ -2633,6 +2633,11 @@ int main(int argc, char **argv)
 		}
 		else if (!strncmp(argv[opt], "--dec=", 6) && (strlen(argv[opt]) == 7)) {
 +			/* Check that the argument is a digit */
 +			if (!isdigit(argv[opt][6])) {
 +				usage(argv[0]);
 +			}
 +
 			/* Get number of decimal places */
 			dplaces_nr = atoi(argv[opt] + 6);
 			if ((dplaces_nr < 0) || (dplaces_nr > 2)) {
 diff --git a/sar.c b/sar.c
 index 4f06172..7691793 100644
 --- a/sar.c
 +++ b/sar.c
@@ -28,6 +28,7 @@
 #include <errno.h>
 #include <signal.h>
 #include <sys/stat.h>
 +#include <ctype.h>
 #include "version.h"
 #include "sa.h"
@@ -1372,6 +1373,11 @@ int main(int argc, char **argv)
 		}
 		else if (!strncmp(argv[opt], "--dec=", 6) && (strlen(argv[opt]) == 7)) {
 +			/* Check that the argument is a digit */
 +			if (!isdigit(argv[opt][6])) {
 +				usage(argv[0]);
 +			}
 +
 			/* Get number of decimal places */
 			dplaces_nr = atoi(argv[opt] + 6);
 			if ((dplaces_nr < 0) || (dplaces_nr > 2)) {
 -- 
 2.39.2
--- a/SOURCES/sysstat-12.5.4-bz2216805.patch
+++ b/SOURCES/sysstat-12.5.4-bz2216805.patch
@ -0,0 +1,34 @@
 From 370ad59826c2320288a1999ef9038e2a2655b8a0 Mon Sep 17 00:00:00 2001
 From: Sebastien GODARD <sysstat@users.noreply.github.com>
 Date: Thu, 22 Jun 2023 17:47:59 +0200
 Subject: [PATCH] Add UMASK definition to sysstat(5) manual page (#362)
 Explain UMASK variable in sysstat(5) manual page.
 Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
 Cherry-picked-by: Lukáš Zaoral <lzaoral@redhat.com>
 Upstream-commit: 370ad59826c2320288a1999ef9038e2a2655b8a0
 ---
 man/sysstat.in | 9 +++++++++
 1 file changed, 9 insertions(+)
 diff --git a/man/sysstat.in b/man/sysstat.in
 index 6ce6b473..89bdd3f4 100644
 --- a/man/sysstat.in
 +++ b/man/sysstat.in
@@ -140,6 +140,15 @@ daily data files.
 These options are used only when a new data file is created. They will be
 ignored with an already existing one.
 .TP
 +.B UMASK
 +.RB "The " "sa1" " and " "sa2"
 +scripts generate system activity data and report files in the
 +.IR /var/log/sa
 +directory. By default the files are created with umask 0022
 +and are therefore readable for all users. Change this variable to restrict
 +the permissions on the files (e.g. use 0027 to adhere to more strict
 +security standards).
 +.TP
 .B YESTERDAY
 .RB "By default " "sa2"
 script generates yesterday's summary, since the
--- a/SPECS/sysstat.spec
+++ b/SPECS/sysstat.spec
@ -1,30 +1,35 @@
 Summary: Collection of performance monitoring tools for Linux
 Name: sysstat
-Version: 12.7.6
+Version: 12.5.4
-Release: 2%{?dist}
+Release: 8%{?dist}
-License: GPL-2.0-or-later
+License: GPLv2+
-
+URL: http://sebastien.godard.pagesperso-orange.fr/
 URL: http://sebastien.godard.pagesperso-orange.fr
 Source: https://github.com/sysstat/sysstat/archive/v%{version}.tar.gz
-# PCP is no longer available for %%{ix86} on F40
+# Use colors in sysstat output
-%if 0%{?fedora} >= 40 || 0%{?rhel} >= 10
+Source1: colorsysstat.csh
-%ifnarch %{ix86}
+Source2: colorsysstat.sh
-BuildRequires: pcp-libs-devel
+
-%endif
+# arithmetic overflow in allocate_structures() on 32 bit systems (CVE-2022-39377)
-%else
+Patch1:  sysstat-12.5.4-CVE-2022-39377.patch
-BuildRequires: pcp-libs-devel
+# {cifsio,io,mp,pid}stat --dec and sar --dec report values from single alphabet other than defined (bz2080650)
-%endif
+Patch2:  sysstat-12.5.4-bz2080650.patch
-
+# fix allocation errors with malformed sa files (RHEL-35684)
-BuildRequires: gcc
+# https://github.com/sysstat/sysstat/commit/c9a11d35df4aecfcf22aef827bac6cd57def9d4e
-BuildRequires: gettext
+# https://github.com/sysstat/sysstat/commit/44f1dc159242c1e434a3b836cda49f084c5a96cc
-BuildRequires: git
+Patch3:  sysstat-12.5.4-RHEL-35684.patch
-BuildRequires: lm_sensors-devel
+# check_overflow() function can work incorrectly that lead to an overflow (CVE-2023-33204)
 # https://github.com/sysstat/sysstat/commit/6f8dc568e6ab072bb8205b732f04e685bf9237c0
 Patch4:  sysstat-12.5.4-CVE-2023-33204.patch
 # add description of UMASK to man/systat.in (bz2216805)
 Patch5:  sysstat-12.5.4-bz2216805.patch
 BuildRequires: make
-BuildRequires: systemd-rpm-macros
+BuildRequires: gcc, gettext, lm_sensors-devel, pcp-libs-devel, systemd, git
 Requires: findutils, xz
-Requires: findutils
+%{?systemd_requires}
 Requires: xz
 %description
 The sysstat package contains the sar, sadf, mpstat, iostat, tapestat,
@ -48,25 +53,26 @@ The cifsiostat command reports I/O statistics for CIFS file systems.
 %autosetup -S git_am
 %build
 export CFLAGS="$RPM_OPT_FLAGS -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld"
 %configure \
    --enable-install-cron \
    --enable-copy-only \
    --disable-file-attr \
    --disable-stripping \
-    --docdir='%{_pkgdocdir}' \
+    --docdir=%{_pkgdocdir} \
    --with-systemdsystemunitdir='%{_unitdir}' \
    --with-systemdsleepdir='%{_unitdir}-sleep' \
    sadc_options='-S DISK' \
    history=28 \
    compressafter=31
-%make_build
+make %{?_smp_mflags}
 %install
 %make_install
 %find_lang %{name}
-# Do not install the license as documentation
+# Colored sysstat output
-rm %{buildroot}%{_docdir}/%{name}/COPYING
+mkdir -p %{buildroot}%{_sysconfdir}/profile.d
 install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/profile.d
 install -p -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/profile.d
 %post
 %systemd_post sysstat.service sysstat-collect.timer sysstat-summary.timer
@ -82,93 +88,46 @@ fi
 %systemd_postun sysstat.service sysstat-collect.timer sysstat-summary.timer
 %files -f %{name}.lang
-%license COPYING
+%doc CHANGES COPYING CREDITS FAQ.md README.md %{name}-%{version}.lsm
 %doc CHANGES CREDITS FAQ.md README.md
 %config(noreplace) %{_sysconfdir}/sysconfig/sysstat
 %config(noreplace) %{_sysconfdir}/sysconfig/sysstat.ioconf
-%{_bindir}/cifsiostat
+%config(noreplace) %{_sysconfdir}/profile.d/*
-%{_bindir}/iostat
+%{_bindir}/*
 %{_bindir}/mpstat
 %{_bindir}/pidstat
 %{_bindir}/sadf
 %{_bindir}/sar
 %{_bindir}/tapestat
 %{_libdir}/sa
 %{_unitdir}/sysstat*
 %{_systemd_util_dir}/system-sleep/sysstat*
-%{_mandir}/man1/cifsiostat.1*
+%{_mandir}/man*/*
 %{_mandir}/man1/iostat.1*
 %{_mandir}/man1/mpstat.1*
 %{_mandir}/man1/pidstat.1*
 %{_mandir}/man1/sadf.1*
 %{_mandir}/man1/sar.1*
 %{_mandir}/man1/tapestat.1*
 %{_mandir}/man5/sysstat.5*
 %{_mandir}/man8/sa1.8*
 %{_mandir}/man8/sa2.8*
 %{_mandir}/man8/sadc.8*
 %{_localstatedir}/log/sa
 %changelog
-* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 12.7.6-2
+* Tue May 07 2024 Lukáš Zaoral <lzaoral@redhat.com> - 12.5.4-8
- Bump release for October 2024 mass rebuild:
+- fix allocation errors with malformed sa files (RHEL-35684)
-  Resolves: RHEL-64018
+- reorder patches to prevent errors during their application
 * Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 12.7.6-1
 - Rebuilt for MSVSphere 10
 * Thu Jul 04 2024 Lukáš Zaoral <lzaoral@redhat.com> - 12.7.6-1
 - rebase to latest upstream release (RHEL-20252)
 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 12.7.5-3
 - Bump release for June 2024 mass rebuild
 * Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 12.7.5-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 * Mon Dec 18 2023 Lukáš Zaoral <lzaoral@redhat.com> - 12.7.5-1
 - rebase to latest upstream release (rhbz#2254956)
 * Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 12.7.4-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
 * Fri Jun 23 2023 Lukáš Zaoral <lzaoral@redhat.com> - 12.7.4-1
 - Update to v12.7.4 (rhbz#2216900)
 * Mon Jan 30 2023 Lukáš Zaoral <lzaoral@redhat.com> - 12.7.2-1
 - Update to v12.7.2 (rhbz#2165400)
 - Use SPDX license format
 - Modernize the spec file according to the current packaging guidelines
 * Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 12.7.1-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-* Tue Nov 08 2022 Lukáš Zaoral <lzaoral@redhat.com> - 12.7.1-1
+* Thu Jul 27 2023 Lukáš Zaoral <lzaoral@redhat.com> - 12.5.4-7
- Update to 12.7.1 (rhbz#2140811)
+- add description of UMASK to man/systat.in (rhbz#2216805)
-* Thu Sep 01 2022 FeRD (Frank Dana) <ferdnyc@gmail.com> - 12.6.0-3
+* Fri Jun 30 2023 Pavel Šimovec <psimovec@redhat.com> - 12.5.4-6
- Drop profile.d configs for color output, which is enabled by default
+- fix the arithmetic overflow in allocate_structures() that is still possible on some 32 bit systems (CVE-2023-33204)
-* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 12.6.0-2
+* Tue Feb 21 2023 Lukáš Zaoral <lzaoral@redhat.com> - 12.5.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+- Fix --dec argument validation (rhbz#2080650)
-* Mon May 30 2022 Lukáš Zaoral <lzaoral@redhat.com> - 12.6.0-1
+* Thu Nov 10 2022 Lukáš Zaoral <lzaoral@redhat.com> - 12.5.4-4
- Update to v12.6.0 (#2091359)
+- arithmetic overflow in allocate_structures() on 32 bit systems (CVE-2022-39377)
-* Mon Apr 04 2022 Lukáš Zaoral <lzaoral@redhat.com> - 12.5.6-1
+* Mon Feb 21 2022 Michal Sekletar <msekleta@redhat.com> 12.5.4-3
- Update to v12.5.6 (#2059133)
+- sysstat's buildsystem doesn't really use LDFLAGS, we have to merge CFLAGS and LDFLAGS to get binaries with full RELRO (#2044893)
 - Build position independent executables
 - Use systemd-rpm-macros
   - See https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_scriptlets
-* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 12.5.4-3
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 12.5.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
  Related: rhbz#1991688
-* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 12.5.4-2
+* Tue Jun 15 2021 Nathan Scott <nathans@redhat.com> - 12.5.4-1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+- update to v12.5.4 (#1866234)
-* Tue Jun 08 2021 Nathan Scott <nathans@redhat.com> - 12.5.4-1
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 12.5.3-2
- update to v12.5.4 (#1968635)
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 * Mon Mar 15 2021 Nathan Scott <nathans@redhat.com> - 12.5.3-1
 - update to v12.5.3 (#1822907)
`@ -1 +1 @@`
	`SOURCES/v12.7.6.tar.gz`	`SOURCES/v12.5.4.tar.gz`
`@ -1 +1 @@`
	`b99740d71e9fe6c4bf20182f0c27dff4659f5ce2 SOURCES/v12.7.6.tar.gz`	`597196f8f2be7a8960bec880c18eec875b27ff73 SOURCES/v12.5.4.tar.gz`
		`@ -0,0 +1,2 @@`
							`# Color sysstat output`
							`if ( "$?S_COLORS" == 0 ) setenv S_COLORS auto`
		`@ -0,0 +1,2 @@`
							`# Color sysstat output`
							`export S_COLORS=${S_COLORS-auto}`