Your message dated Fri, 24 Apr 2020 18:36:24 +0200
with message-id <[email protected]>
and subject line Re: chkrootkit: False positive: libqt4-dbg Bug#694860
has caused the Debian Bug report #694860,
regarding chkrootkit: False positive: libqt4-dbg
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
694860: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694860
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chkrootkit
Version: 0.49-4.1
Severity: normal
Dear Maintainer,
chkrootkit reports false positives
blackbox:~# /etc/cron.daily/chkrootkit
/usr/lib/jvm/.java-1.7.0-openjdk-i386.jinfo /usr/lib/jvm/.java-6-sun.jinfo
/usr/lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo
/usr/lib/jvm/.java-1.6.0-openjdk-i386.jinfo
/usr/lib/jvm/java-6-sun-1.6.0.26/.systemPrefs
/usr/lib/python2.6/dist-packages/PyQt4/uic/widget-plugins/.noinit
/usr/lib/python2.7/dist-packages/PyQt4/uic/widget-plugins/.noinit
/usr/lib/debug/.build-id /usr/lib/icedove/.autoreg
/usr/lib/pymodules/python2.6/.path /usr/lib/pymodules/python2.7/.path
/usr/lib/xulrunner-1.9.1/.autoreg
/usr/lib/debug/.build-id
eth0: PACKET SNIFFER(/sbin/dhclient[3584], /usr/sbin/ntop[3799])
The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! root 2504 tty7 /usr/bin/X :0 vt7 -br -nolisten tcp -auth
/var/run/xauth/A:0-JbRRca
! root 18668 tty8 /usr/bin/X :1 vt8 -br -nolisten tcp -auth
/var/run/xauth/A:1-Kntgia
blackbox:~#
on my system.
Most of the files are even part of debian packages....wouldn't it make sense to
run dpkg -S for all the suspicious files before reporting them?
rd@blackbox:~/tmp.nobackup/Maps$ for f in /usr/lib/xulrunner/.autoreg
/usr/lib/jvm/.java-1.7.0-openjdk-i386.jinfo /usr/lib/jvm/.java-6-sun.jinfo
/usr/lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo
/usr/lib/jvm/.java-1.6.0-openjdk-i386.jinfo
/usr/lib/jvm/java-6-sun-1.6.0.26/.systemPrefs
/usr/lib/python2.6/dist-packages/PyQt4/uic/widget-plugins/.noinit
/usr/lib/python2.7/dist-packages/PyQt4/uic/widget-plugins/.noinit
/usr/lib/debug/.build-id /usr/lib/icedove/.autoreg
/usr/lib/pymodules/python2.6/.path /usr/lib/pymodules/python2.7/.path
/usr/lib/xulrunner-1.9.1/.autoreg /usr/lib/debug/.build-id; do dpkg -S $f; done
dpkg-query: Kein Pfad gefunden, der auf Muster /usr/lib/xulrunner/.autoreg passt
openjdk-7-jre-headless:i386: /usr/lib/jvm/.java-1.7.0-openjdk-i386.jinfo
sun-java6-bin: /usr/lib/jvm/.java-6-sun.jinfo
gcj-4.4-jre-headless: /usr/lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo
openjdk-6-jre-headless:i386: /usr/lib/jvm/.java-1.6.0-openjdk-i386.jinfo
sun-java6-jre: /usr/lib/jvm/java-6-sun-1.6.0.26/.systemPrefs
python-qt4: /usr/lib/python2.6/dist-packages/PyQt4/uic/widget-plugins/.noinit
python-qt4: /usr/lib/python2.7/dist-packages/PyQt4/uic/widget-plugins/.noinit
libqt4-dbg, libtelepathy-glib0-dbg:i386: /usr/lib/debug/.build-id
icedove: /usr/lib/icedove/.autoreg
dpkg-query: Kein Pfad gefunden, der auf Muster
/usr/lib/pymodules/python2.6/.path passt
dpkg-query: Kein Pfad gefunden, der auf Muster
/usr/lib/pymodules/python2.7/.path passt
xulrunner-1.9.1: /usr/lib/xulrunner-1.9.1/.autoreg
libqt4-dbg, libtelepathy-glib0-dbg:i386: /usr/lib/debug/.build-id
rd@blackbox:~/tmp.nobackup/Maps$
e.g.
rd@blackbox:~/tmp.nobackup/Maps$ for f in /usr/lib/xulrunner/.autoreg
/usr/lib/jvm/.java-1.7.0-openjdk-i386.jinfo /usr/lib/jvm/.java-6-sun.jinfo
/usr/lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo
/usr/lib/jvm/.java-1.6.0-openjdk-i386.jinfo
/usr/lib/jvm/java-6-sun-1.6.0.26/.systemPrefs
/usr/lib/python2.6/dist-packages/PyQt4/uic/widget-plugins/.noinit
/usr/lib/python2.7/dist-packages/PyQt4/uic/widget-plugins/.noinit
/usr/lib/debug/.build-id /usr/lib/icedove/.autoreg
/usr/lib/pymodules/python2.6/.path /usr/lib/pymodules/python2.7/.path
/usr/lib/xulrunner-1.9.1/.autoreg /usr/lib/debug/.build-id; do if ! dpkg -S $f
> /dev/null 2>/dev/null; then echo $f; fi ; done
/usr/lib/xulrunner/.autoreg
/usr/lib/pymodules/python2.6/.path
/usr/lib/pymodules/python2.7/.path
rd@blackbox:~/tmp.nobackup/Maps$
reports the three really suspicous files.
Thanks,
Rainer
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing'), (300, 'unstable'), (200, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages chkrootkit depends on:
ii binutils 2.22-7.1
ii debconf [debconf-2.0] 1.5.46
ii libc6 2.13-37
ii net-tools 1.60-24.2
ii procps 1:3.3.3-2
chkrootkit recommends no packages.
chkrootkit suggests no packages.
-- debconf information:
* chkrootkit/run_daily: true
* chkrootkit/run_daily_opts: -q
* chkrootkit/diff_mode: false
--- End Message ---
--- Begin Message ---
Hello Rainer,
this package is already dropped so i believe that keeping this bug open
is useless.
Please, fell free to reopen if it seems appropiate.
Greetings,
Marcos
El jue, 09-04-2020 a las 09:12 +0000, Debian Bug Tracking System
escribió:
> Debian Bug report logs - #694860
> chkrootkit: False positive: libqt4-dbg
>
> version graph
>
> Package: chkrootkit; Maintainer for chkrootkit is Debian Security
> Tools
> <[email protected]>; Source for chkrootkit is
> src:chkrootkit (PTS, buildd, popcon).
>
> Reported by: Rainer Dorsch <[email protected]>
>
> Date: Sat, 1 Dec 2012 12:33:01 UTC
>
> Severity: normal
>
> Found in version chkrootkit/0.49-4.1
>
> Reply or subscribe to this bug.
>
> Toggle useless messages
>
> View this report as an mbox folder, status mbox, maintainer mbox
> ________________________________________________________________
> __
>
> Report forwarded to [email protected], Giuseppe
> Iuculano <[email protected]>:
> Bug#694860; Package chkrootkit. (Sat, 01 Dec 2012 12:33:04 GMT)
> (full
> text, mbox, link).
> ________________________________________________________________
> __
>
> View this message in rfc822 format
>
> From: Rainer Dorsch <[email protected]>
> To: Debian Bug Tracking System <[email protected]>
> Subject: Bug#694860: chkrootkit: False positive: libqt4-dbg
> Date: Sat, 01 Dec 2012 13:30:34 +0100
>
> Package: chkrootkit
> Version: 0.49-4.1
> Severity: normal
>
> Dear Maintainer,
>
> chkrootkit reports false positives
>
> blackbox:~# /etc/cron.daily/chkrootkit
>
> /usr/lib/jvm/.java-1.7.0-openjdk-i386.jinfo /usr/lib/jvm/.java-6-
> sun.jinfo /usr/
> lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo /usr/lib/jvm/.java-
> 1.6.0-openjdk-
> i386.jinfo /usr/lib/jvm/java-6-sun-1.6.0.26/.systemPrefs
> /usr/lib/python2.6/dist
> -packages/PyQt4/uic/widget-plugins/.noinit /usr/lib/python2.7/dist-
> packages/PyQt
> 4/uic/widget-plugins/.noinit /usr/lib/debug/.build-id
> /usr/lib/icedove/.autoreg
> /usr/lib/pymodules/python2.6/.path /usr/lib/pymodules/python2.7/.path
> /usr/lib/x
> ulrunner-1.9.1/.autoreg
> /usr/lib/debug/.build-id
> eth0: PACKET SNIFFER(/sbin/dhclient[3584], /usr/sbin/ntop[3799])
> The tty of the following user process(es) were not found
> in /var/run/utmp !
> ! RUID PID TTY CMD
> ! root 2504 tty7 /usr/bin/X :0 vt7 -br -nolisten tcp -auth
> /var/run/xa
> uth/A:0-JbRRca
> ! root 18668 tty8 /usr/bin/X :1 vt8 -br -nolisten tcp -auth
> /var/run/xa
> uth/A:1-Kntgia
> blackbox:~#
>
> on my system.
>
> Most of the files are even part of debian packages....wouldn't it
> make sense to
> run dpkg -S for all the suspicious files before reporting them?
>
> rd@blackbox:~/tmp.nobackup/Maps$ for f in /usr/lib/xulrunner/.autoreg
> /usr/lib/j
> vm/.java-1.7.0-openjdk-i386.jinfo /usr/lib/jvm/.java-6-
> sun.jinfo /usr/lib/jvm/
> java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo /usr/lib/jvm/.java-1.6.0-
> openjdk-i386.ji
> nfo /usr/lib/jvm/java-6-sun-
> 1.6.0.26/.systemPrefs /usr/lib/python2.6/dist-pack
> ages/PyQt4/uic/widget-plugins/.noinit /usr/lib/python2.7/dist-
> packages/PyQt4/ui
> c/widget-plugins/.noinit /usr/lib/debug/.build-
> id /usr/lib/icedove/.autoreg /
> usr/lib/pymodules/python2.6/.path /usr/lib/pymodules/python2.7/.path
> /usr/lib/
> xulrunner-1.9.1/.autoreg /usr/lib/debug/.build-id; do dpkg -S $f;
> done
> dpkg-query: Kein Pfad gefunden, der auf Muster
> /usr/lib/xulrunner/.autoreg passt
> openjdk-7-jre-headless:i386: /usr/lib/jvm/.java-1.7.0-openjdk-
> i386.jinfo
> sun-java6-bin: /usr/lib/jvm/.java-6-sun.jinfo
> gcj-4.4-jre-headless: /usr/lib/jvm/java-1.5.0-gcj-4.4/.java-gcj-
> 4.4.jinfo
> openjdk-6-jre-headless:i386: /usr/lib/jvm/.java-1.6.0-openjdk-
> i386.jinfo
> sun-java6-jre: /usr/lib/jvm/java-6-sun-1.6.0.26/.systemPrefs
> python-qt4: /usr/lib/python2.6/dist-packages/PyQt4/uic/widget-
> plugins/.noinit
> python-qt4: /usr/lib/python2.7/dist-packages/PyQt4/uic/widget-
> plugins/.noinit
> libqt4-dbg, libtelepathy-glib0-dbg:i386: /usr/lib/debug/.build-id
> icedove: /usr/lib/icedove/.autoreg
> dpkg-query: Kein Pfad gefunden, der auf Muster
> /usr/lib/pymodules/python2.6/.pat
> h passt
> dpkg-query: Kein Pfad gefunden, der auf Muster
> /usr/lib/pymodules/python2.7/.pat
> h passt
> xulrunner-1.9.1: /usr/lib/xulrunner-1.9.1/.autoreg
> libqt4-dbg, libtelepathy-glib0-dbg:i386: /usr/lib/debug/.build-id
> rd@blackbox:~/tmp.nobackup/Maps$
>
> e.g.
>
> rd@blackbox:~/tmp.nobackup/Maps$ for f in /usr/lib/xulrunner/.autoreg
> /usr/lib/j
> vm/.java-1.7.0-openjdk-i386.jinfo /usr/lib/jvm/.java-6-
> sun.jinfo /usr/lib/jvm/
> java-1.5.0-gcj-4.4/.java-gcj-4.4.jinfo /usr/lib/jvm/.java-1.6.0-
> openjdk-i386.ji
> nfo /usr/lib/jvm/java-6-sun-
> 1.6.0.26/.systemPrefs /usr/lib/python2.6/dist-pack
> ages/PyQt4/uic/widget-plugins/.noinit /usr/lib/python2.7/dist-
> packages/PyQt4/ui
> c/widget-plugins/.noinit /usr/lib/debug/.build-
> id /usr/lib/icedove/.autoreg /
> usr/lib/pymodules/python2.6/.path /usr/lib/pymodules/python2.7/.path
> /usr/lib/
> xulrunner-1.9.1/.autoreg /usr/lib/debug/.build-id; do if ! dpkg -S $f
> > /dev/nul
> l 2>/dev/null; then echo $f; fi ; done
> /usr/lib/xulrunner/.autoreg
> /usr/lib/pymodules/python2.6/.path
> /usr/lib/pymodules/python2.7/.path
> rd@blackbox:~/tmp.nobackup/Maps$
>
> reports the three really suspicous files.
>
> Thanks,
> Rainer
>
>
> -- System Information:
> Debian Release: wheezy/sid
> APT prefers testing
> APT policy: (500, 'testing'), (300, 'unstable'), (200,
> 'experimental')
> Architecture: i386 (i686)
>
> Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages chkrootkit depends on:
> ii binutils 2.22-7.1
> ii debconf [debconf-2.0] 1.5.46
> ii libc6 2.13-37
> ii net-tools 1.60-24.2
> ii procps 1:3.3.3-2
>
> chkrootkit recommends no packages.
>
> chkrootkit suggests no packages.
>
> -- debconf information:
> * chkrootkit/run_daily: true
> * chkrootkit/run_daily_opts: -q
> * chkrootkit/diff_mode: false
> ________________________________________________________________
> __
>
> Acknowledgement sent to Rainer Dorsch <[email protected]>:
> New Bug report received and forwarded. Copy sent to Giuseppe
> Iuculano
> <[email protected]>. (Sat, 01 Dec 2012 12:33:04 GMT) (full text,
> mbox, link).
> ________________________________________________________________
> __
>
> View this message in rfc822 format
>
> From: [email protected] (Debian Bug Tracking System)
> To: Rainer Dorsch <[email protected]>
> Subject: Bug#694860: Acknowledgement (chkrootkit: False positive:
> libqt4-dbg)
> Date: Sat, 01 Dec 2012 12:33:04 +0000
>
> Thank you for filing a new Bug report with Debian.
>
> This is an automatically generated reply to let you know your message
> has been received.
>
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due
> course.
>
> Your message has been sent to the package maintainer(s):
> Giuseppe Iuculano <[email protected]>
>
> If you wish to submit further information on this problem, please
> send it to [email protected].
>
> Please do not send mail to [email protected] unless you wish
> to report a problem with the Bug-tracking system.
>
> --
> 694860: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694860
> Debian Bug Tracking System
> Contact [email protected] with problems
> ________________________________________________________________
> __
>
> Send a report that this bug log contains spam.
> ________________________________________________________________
> __
>
>
> Debian bug tracking system administrator <[email protected]>.
> Last modified: Thu Apr 9 09:12:35 2020; Machine Name: buxtehude
> Debian Bug tracking system
> Debbugs is free software and licensed under the terms of the GNU
> Public License version 2. The current version can be obtained
> from
> https://bugs.debian.org/debbugs-source/.
> Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation
> Ltd,
> 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other
> contributors.
--- End Message ---
