Bug 27570

Hi, thanks for reporting this bug.
Assigned to all packagers and added recent commiters.

(Please set the status to 'assigned' if you are working on it)

Assignee: bugsquad => pkg-bugs
Keywords: (none) => Triaged
CC: (none) => jani.valimaa, joequant

Suggested advisory:
========================

The updated package fixes a security vulnerability:

A buffer overflow from long hostnames. (rhbz#1563939)

References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GE44PAF52D6HCPKQ3EYTGSSXBPT5UPYU/
========================

Updated package in core/updates_testing:
========================
arpwatch-2.1a15-18.1.mga7

from SRPM:
arpwatch-2.1a15-18.1.mga7.src.rpm

Source RPM: arpwatch-2.1a15-20.mga8.src.rpm => arpwatch-2.1a15-18.mga7.src.rpm
Version: Cauldron => 7
Keywords: Triaged => (none)
Whiteboard: MGA7TOO => (none)
Status: NEW => ASSIGNED
Assignee: pkg-bugs => qa-bugs
CC: (none) => nicolas.salguero

MGA7-64 MATE on Peaq C19011
No istallation issues.
For testing ref bug 6329 and https://www.tecmint.com/monitor-ethernet-activity-in-linux/
# systemctl start arpwatch

# systemctl -l status arpwatch
● arpwatch.service - LSB: The arpwatch daemon
   Loaded: loaded (/etc/rc.d/init.d/arpwatch; generated)
   Active: active (running) since Wed 2020-11-11 11:45:23 CET; 25s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 11685 ExecStart=/etc/rc.d/init.d/arpwatch start (code=exited, status=0/SUCCESS)
    Tasks: 1 (limit: 2288)
   Memory: 3.3M
   CGroup: /system.slice/arpwatch.service
           └─11696 arpwatch -i wlan0 -u arpwatch -e root -s root (Arpwatch)

Nov 11 11:45:22 mach6.hviaene.thuis systemd[1]: Starting LSB: The arpwatch daemon...
Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11685]: Starting arpwatch: [  OK  ]
Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: Running as uid=973 gid=963
Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: listening on wlan0
Nov 11 11:45:23 mach6.hviaene.thuis systemd[1]: Started LSB: The arpwatch daemon.

# ps -e | grep arpwatch | grep -v grep
11696 ?        00:00:00 arpwatch

# grep ^[NUG] /proc/11696/status
Name:	arpwatch
Umask:	0022
Ngid:	0
Uid:	973	973	973	973
Gid:	963	963	963	963
Groups:	963 
NStgid:	11696
NSpid:	11696
NSpgid:	11685
NSsid:	11685
NoNewPrivs:	0

# arp -a
_gateway (192.168.2.15) at 34:31:c4:80:a9:b4 [ether] on wlan0
mach1.hviaene.thuis (192.168.2.1) at 00:1b:21:80:7e:a9 [ether] on wlan0

Since according the tutorial the daemon writes to the syslog or messages:
# journalctl -xe | grep arpwatch
Nov 11 11:40:39 mach6.hviaene.thuis useradd[11034]: new group: name=arpwatch, GID=963
Nov 11 11:40:39 mach6.hviaene.thuis useradd[11034]: new user: name=arpwatch, UID=973, GID=963, home=/var/lib/arpwatch, shell=/bin/sh
Nov 11 11:40:42 mach6.hviaene.thuis [RPM][10962]: install arpwatch-2:2.1a15-18.1.mga7.x86_64: success
Nov 11 11:40:43 mach6.hviaene.thuis [RPM][10962]: install arpwatch-2:2.1a15-18.1.mga7.x86_64: success
Nov 11 11:44:22 mach6.hviaene.thuis dbus-daemon[11453]: [session uid=0 pid=11451] Activating service name='org.freedesktop.secrets' requested by ':1.2' (uid=0 pid=11500 comm="pluma /etc/sysconfig/arpwatch")
Nov 11 11:45:22 mach6.hviaene.thuis systemd[1]: Starting LSB: The arpwatch daemon...
-- Subject: A start job for unit arpwatch.service has begun execution
-- A start job for unit arpwatch.service has begun execution.
Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11685]: Starting arpwatch: [  OK  ]
Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: Running as uid=973 gid=963
Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: listening on wlan0
Nov 11 11:45:23 mach6.hviaene.thuis systemd[1]: Started LSB: The arpwatch daemon.
-- Subject: A start job for unit arpwatch.service has finished successfully
-- A start job for unit arpwatch.service has finished successfully.
Nov 11 11:45:55 mach6.hviaene.thuis arpwatch[11696]: new station 192.168.2.15 34:31:c4:80:a9:b4
Nov 11 11:45:55 mach6.hviaene.thuis arpwatch[11696]: new station 192.168.2.6 80:a5:89:2e:7d:5
Nov 11 11:45:55 mach6.hviaene.thuis arpwatch[11696]: new station 192.168.2.1 0:1b:21:80:7e:a9
Nov 11 11:45:55 mach6.hviaene.thuis postfix/pickup[7014]: CC3062278A: uid=973 from=<arpwatch>
Nov 11 11:45:55 mach6.hviaene.thuis postfix/qmgr[2639]: CC3062278A: from=<arpwatch@mach6.hviaene.thuis>, size=559, nrcpt=1 (queue active)
Nov 11 11:45:55 mach6.hviaene.thuis postfix/pickup[7014]: D1F4C20172: uid=973 from=<arpwatch>
Nov 11 11:45:55 mach6.hviaene.thuis postfix/qmgr[2639]: D1F4C20172: from=<arpwatch@mach6.hviaene.thuis>, size=559, nrcpt=1 (queue active)
Nov 11 11:46:00 mach6.hviaene.thuis postfix/pickup[7014]: CB6252278A: uid=973 from=<arpwatch>
Nov 11 11:46:00 mach6.hviaene.thuis postfix/qmgr[2639]: CB6252278A: from=<arpwatch@mach6.hviaene.thuis>, size=539, nrcpt=1 (queue active)
Nov 11 11:49:14 mach6.hviaene.thuis perl[10962]: running: rpm -ql arpwatch-2.1a15-18.1.mga7.x86_64
Nov 11 11:49:14 mach6.hviaene.thuis perl[10962]: running: rpm -q --qf '%{description}' arpwatch-2.1a15-18.1.mga7.x86_64
Nov 11 11:49:14 mach6.hviaene.thuis perl[10962]: running: rpm -q --changelog arpwatch-2.1a15-18.1.mga7.x86_64

This all seems reasonable to me

CC: (none) => herman.viaene
Whiteboard: (none) => MGA7-64-OK

Validated update, Advisory and packages in Comment 2.
Advisory pushed to SVN.

CC: (none) => ouaurelien

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0420.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED