Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu

As reported in #600109, /etc/cron.daily/chkrootkit contains a regular
expression to filter out dhclient3 and dhcpd3 as false positives from the
packet sniffer test. However, the binaries don't exist anymore; they have been
renamed to dhclient and dhcpd respectively.

I propose to backport the fix to this regex from chkrootkit/0.52-2 in Buster.

Debdiff is attached.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru chkrootkit-0.50/debian/changelog chkrootkit-0.50/debian/changelog
--- chkrootkit-0.50/debian/changelog    2016-12-27 13:14:43.000000000 +0100
+++ chkrootkit-0.50/debian/changelog    2019-01-21 11:45:44.000000000 +0100
@@ -1,3 +1,14 @@
+chkrootkit (0.50-4+deb9u1) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Backport fix for regular expression for filtering out dhcpd and dhclient as
+    false positives from the packet sniffer test.
+
+  [ Lorenzo "Palinuro" Faletra ]
+  * Update /etc/cron.daily/chkrootkit (Closes: #600109)
+
+ -- Moritz Schlarb <schla...@uni-mainz.de>  Mon, 21 Jan 2019 11:45:44 +0100
+
 chkrootkit (0.50-4) unstable; urgency=low
 
   * [132754e] Fix windigo false positive (Closes:#796599)
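
Review bot: The new 0.50-4+deb9u1 entry does not say what changed in the expression or where the fix comes from. Both bullets describe the same edit to /etc/cron.daily/chkrootkit, so they could be merged into one that names the renamed binaries (dhclient3 to dhclient, dhcpd3 to dhcpd) and states that the change is backported from chkrootkit 0.52-2, as the request text above does. That makes the stable changelog self-explanatory for anyone auditing why the daily report output changed.
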
diff -Nru chkrootkit-0.50/debian/cron.daily chkrootkit-0.50/debian/cron.daily
--- chkrootkit-0.50/debian/cron.daily   2016-12-27 13:14:43.000000000 +0100
+++ chkrootkit-0.50/debian/cron.daily   2019-01-21 11:44:19.000000000 +0100
@@ -19,7 +19,7 @@
                                eval $CHKROOTKIT $RUN_DAILY_OPTS > 
$LOG_DIR/log.today.raw 2>&1
                                # the sed expression replaces the messages 
about /sbin/dhclient3 /usr/sbin/dhcpd3
                                # with a message that is the same whatever 
order eth0 and eth1 were scanned
-                               sed -r -e 's,eth(0|1)(:[0-9])?: PACKET 
SNIFFER\((/sbin/dhclient3|/usr/sbin/dhcpd3)\[[0-9]+\]\),eth\[0|1\]: PACKET 
SNIFFER\([dhclient3|dhcpd3]{PID}\),' \
+                               sed -r -e 's,eth(0|1)(:[0-9])?: PACKET 
SNIFFER\((/sbin/dhclient|/usr/sbin/dhcpd)\[[0-9]+\]\),eth\[0|1\]: PACKET 
SNIFFER\([dhclient|dhcpd]{PID}\),' \
                                -e 's/(! \w+\s+)[ 0-9]{4}[0-9]/\1#####/' 
$LOG_DIR/log.today.raw > $LOG_DIR/log.today
         if [ ! -f $LOG_DIR/log.expected ]; then
                                                echo "ERROR: No file 
$LOG_DIR/log.expected"
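
Review bot: The comment directly above the changed sed line still says the expression replaces the messages about /sbin/dhclient3 and /usr/sbin/dhcpd3, while the new pattern matches /sbin/dhclient and /usr/sbin/dhcpd; update the comment in the same change so it matches the code. Separately, the pattern is still anchored to eth(0|1), so a PACKET SNIFFER line for a DHCP client or server on an interface with any other name is left unnormalised and will keep showing up as a difference against $LOG_DIR/log.expected. If that is out of scope for a minimal backport, it is worth saying so in the request. The replacement text [dhclient|dhcpd]{PID} is a literal string, not a character class, which is fine on the right-hand side of the substitution, but it means existing log.expected files that contain the old [dhclient3|dhcpd3]{PID} text will no longer match after the upgrade and will need to be regenerated.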
