Your message dated Tue, 03 Jun 2014 19:18:43 +0000
with message-id <[email protected]>
and subject line Bug#680263: fixed in chkrootkit 0.49-5
has caused the Debian Bug report #680263,
regarding chkrootkit: 27: [: Illegal number: 4-trunk-amd64
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
680263: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680263
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: chkrootkit
Version: 0.49-4.1
Severity: normal
File: /usr/sbin/chkrootkit
Tags: patch
Usertags: pca.it-security
Hi there!
The output speaks by itself:
--8<---------------cut here---------------start------------->8---
/etc/cron.daily/chkrootkit:
ERROR: chkrootkit output was not as expected.
The difference is:
---[ BEGIN: diff -u /var/log/chkrootkit/log.expected
/var/log/chkrootkit/log.today ] ---
--- /var/log/chkrootkit/log.expected 2011-11-26 23:25:03.221541540 -0600
+++ /var/log/chkrootkit/log.today 2012-07-03 06:25:12.220193941 -0600
@@ -1,11 +1,14 @@
+/usr/sbin/chkrootkit: 27: [: Illegal number: 4-trunk-amd64
Possible RH-Sharpe rootkit installed:
/usr/bin/slice
--8<---------------cut here---------------end--------------->8---
The attached patch will be pushed to the Git repository as soon as this
bug gets a number:
--8<---------------cut here---------------start------------->8---
diff --git a/debian/patches/kallsyms.patch b/debian/patches/kallsyms.patch
index 24d4d68..cb68abd 100644
--- a/debian/patches/kallsyms.patch
+++ b/debian/patches/kallsyms.patch
@@ -12,7 +12,7 @@ Last-Update: 2012-07-04
export _POSIX2_VERSION
+# ksyms/kallsyms, depending on kernel version
-+if [ `uname -r | cut -d. -f2` -lt 6 ] ;
++if ! echo "$(uname -r | cut -d- -f 1) <= 2.6" | bc >/dev/null ;
+then
+KALLSYMS=ksyms ;
+else
--8<---------------cut here---------------end--------------->8---
Thx, bye,
Gismo / Luca
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.4-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages chkrootkit depends on:
ii binutils 2.22-6.1
ii debconf [debconf-2.0] 1.5.45
ii libc6 2.13-34
ii net-tools 1.60-24.1
ii procps 1:3.3.3-2
chkrootkit recommends no packages.
chkrootkit suggests no packages.
-- debconf information:
chkrootkit/run_daily_opts: -q
chkrootkit/run_daily: true
chkrootkit/diff_mode: true
pgpT1ozvW_6oW.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: chkrootkit
Source-Version: 0.49-5
We believe that the bug you reported is fixed in the latest version of
chkrootkit, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Giuseppe Iuculano <[email protected]> (supplier of updated chkrootkit package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 03 Jun 2014 20:58:19 +0200
Source: chkrootkit
Binary: chkrootkit
Architecture: source amd64
Version: 0.49-5
Distribution: unstable
Urgency: high
Maintainer: Giuseppe Iuculano <[email protected]>
Changed-By: Giuseppe Iuculano <[email protected]>
Description:
chkrootkit - rootkit detector
Closes: 680263
Changes:
chkrootkit (0.49-5) unstable; urgency=high
.
[ Luca Capello ]
* [c2fb1af] debian/patches/kallsyms.patch: DEP-3, credits to original author
* [eeba363] debian/patches/kallsyms.patch:
(Closes: #680263) check N.M, not only M
.
[ Giuseppe Iuculano ]
* [9c9d633] Fix CVE-2014-0476.
Thanks to Thomas Stangner
Checksums-Sha1:
6354409c1bb845ddd9e8488c276c799258b2f9a6 1241 chkrootkit_0.49-5.dsc
0cea0e6ca8e7075b1f869f74bb8d3d4dab2c2eb4 35102 chkrootkit_0.49-5.diff.gz
43cf36566eb554338f5689fa947c7fcdc701fe6f 307424 chkrootkit_0.49-5_amd64.deb
Checksums-Sha256:
99e7b0967389105c948cc9684ed535641d932cb41b0a0366297e071f79f8dbe4 1241
chkrootkit_0.49-5.dsc
36e58f3898d1940d519aec52990461c414157f5c77c8374ba0b34c668ebf4222 35102
chkrootkit_0.49-5.diff.gz
0d24b98a10179160ae09021fdfbad217a44ef678cd9d4408b9eea1967dd617eb 307424
chkrootkit_0.49-5_amd64.deb
Files:
1fa263269eac95aeed22e1ca8e39b854 307424 misc optional
chkrootkit_0.49-5_amd64.deb
b7abf79abff12c096373999c46fee369 1241 misc optional chkrootkit_0.49-5.dsc
69793aa56687656740be082f4ab0786b 35102 misc optional chkrootkit_0.49-5.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlOOHC4ACgkQNxpp46476aqXdACfRl5/N5xCQX8pCJgG+Fuuoj3u
vRwAn25DwjoAUnasiEoe3HcjtXKmYnpx
=Lgg6
-----END PGP SIGNATURE-----
--- End Message ---
