SUSE has issued an advisory on January 7: http://lists.suse.com/pipermail/sle-security-updates/2020-January/006302.html Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Commit to fix the issue is linked from the SUSE bug: https://bugzilla.suse.com/show_bug.cgi?id=1159104
Status comment: (none) => Fix available in upstream commit
Assigning to you (yet another one!) DavidG, as you have done several recent commits.
Assignee: bugsquad => geiger.david68210
Updated package uploaded by David. Advisory: ======================== Updated sysstat package fixes security vulnerability: Double free in check_file_actlst in sa_common.c (CVE-2019-19725). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19725 http://lists.suse.com/pipermail/sle-security-updates/2020-January/006302.html ======================== Updated packages in core/updates_testing: ======================== sysstat-12.2.1-1.mga7 from sysstat-12.2.1-1.mga7.src.rpm
Assignee: geiger.david68210 => qa-bugsVersion: Cauldron => 7CC: (none) => geiger.david68210Status comment: Fix available in upstream commit => (none)Whiteboard: MGA7TOO => (none)
MGA7-64 Plasma on Lenovo B50 No installation issues Ref bug 25804 for tests: $ iostat Linux 5.4.12-desktop-1.mga7 (FQDN) 23-01-20 _x86_64_ (4 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 5,87 0,18 3,39 17,98 0,00 72,58 Device tps kB_read/s kB_wrtn/s kB_dscd/s kB_read kB_wrtn kB_dscd sda 83,29 3276,30 201,57 0,00 1081931 66565 0 $ mpstat Linux 5.4.12-desktop-1.mga7 (FQDN) 23-01-20 _x86_64_ (4 CPU) 15:33:02 CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 15:33:02 all 5,59 0,18 3,11 16,92 0,00 0,17 0,00 0,00 0,00 74,03 $ pidstat Linux 5.4.12-desktop-1.mga7 (FQDN) 23-01-20 _x86_64_ (4 CPU) 15:33:31 UID PID %usr %system %guest %wait %CPU CPU Command 15:33:31 0 1 0,14 0,35 0,00 0,01 0,49 1 systemd 15:33:31 0 5 0,00 0,23 0,00 0,02 0,23 0 kworker/0:0-events 15:33:31 0 8 0,00 0,01 0,00 0,00 0,01 0 kworker/u8:0-i915 etc....... but: $ sadf Kan /var/log/sa/sa23 niet openen: Bestand of map bestaat niet (file or folder does not exist Controleer of gegevensverzameling ingeschakeld is. (check whether data collaction is switched on) [tester7@mach5 ~]$ sar Kan /var/log/sa/sa23 niet openen: Bestand of map bestaat niet Controleer of gegevensverzameling ingeschakeld is. Googling shows different sites where reference is made to /etc/cron.d/sysstat, but that does not exist in this installation, so I guess data collection s indeed not activated.
CC: (none) => herman.viaene
Correction: the cron is in cron.daily and cron.hourly, where is stated to run every 10 min Found also https://www.thomas-krenn.com/en/wiki/Collect_and_report_Linux_System_Activity_Information_with_sar Where it is stated that an ENABLe=true should be in the config. Added that line in /etc/sysconfig/sysstat, but more than 10 min. later, still nothing. But that might be due to the daily cron which did not run yet. Running the scripts manually changes the results to: $ sar Linux 5.4.12-desktop-1.mga7 (FQDN) 23-01-20 _x86_64_ (4 CPU) $ sadf no feedback Leaving for the higher powers to judge whether this is good enough.
@Herman: in response to your request have run the tests here and saw a response to $ sadf difda 600 2020-01-23 00:11:01 UTC all %user 0.76 difda 600 2020-01-23 00:11:01 UTC all %nice 0.04 difda 600 2020-01-23 00:11:01 UTC all %system 0.39 [...] difda 600 2020-01-23 20:31:01 UTC all %iowait 0.02 difda 600 2020-01-23 20:31:01 UTC all %steal 0.00 difda 600 2020-01-23 20:31:01 UTC all %idle 98.00 738 lines of output. $ sar Linux 5.4.12-desktop-1.mga7 (difda) 23/01/20 _x86_64_ (8 CPU) 00:01:01 CPU %user %nice %system %iowait %steal %idle 00:11:01 all 0.76 0.04 0.39 0.02 0.00 98.79 00:21:01 all 0.76 0.01 0.39 0.02 0.00 98.82 [...] 20:31:01 CPU %user %nice %system %iowait %steal %idle 20:41:01 all 2.58 0.02 0.75 0.03 0.00 96.63 Average: all 1.08 0.01 0.45 0.02 0.00 98.42 It looks fine AFAICS so go ahead with the OK Len = *a lower power* ;-)
CC: (none) => tarazed25
Whiteboard: (none) => MGA7-64-OK
Good enough to suit me, guys. Validating. Advisory in Comment 3. TJ = *deluded into thinking he actually has some power* ;-)
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0064.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED