Fedora has issued an advisory today (November 5): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GE44PAF52D6HCPKQ3EYTGSSXBPT5UPYU/ Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Hi, thanks for reporting this bug. Assigned to all packagers and added recent commiters. (Please set the status to 'assigned' if you are working on it)
Assignee: bugsquad => pkg-bugsKeywords: (none) => TriagedCC: (none) => jani.valimaa, joequant
Suggested advisory: ======================== The updated package fixes a security vulnerability: A buffer overflow from long hostnames. (rhbz#1563939) References: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GE44PAF52D6HCPKQ3EYTGSSXBPT5UPYU/ ======================== Updated package in core/updates_testing: ======================== arpwatch-2.1a15-18.1.mga7 from SRPM: arpwatch-2.1a15-18.1.mga7.src.rpm
Source RPM: arpwatch-2.1a15-20.mga8.src.rpm => arpwatch-2.1a15-18.mga7.src.rpmVersion: Cauldron => 7Keywords: Triaged => (none)Whiteboard: MGA7TOO => (none)Status: NEW => ASSIGNEDAssignee: pkg-bugs => qa-bugsCC: (none) => nicolas.salguero
MGA7-64 MATE on Peaq C19011 No istallation issues. For testing ref bug 6329 and https://www.tecmint.com/monitor-ethernet-activity-in-linux/ # systemctl start arpwatch # systemctl -l status arpwatch ● arpwatch.service - LSB: The arpwatch daemon Loaded: loaded (/etc/rc.d/init.d/arpwatch; generated) Active: active (running) since Wed 2020-11-11 11:45:23 CET; 25s ago Docs: man:systemd-sysv-generator(8) Process: 11685 ExecStart=/etc/rc.d/init.d/arpwatch start (code=exited, status=0/SUCCESS) Tasks: 1 (limit: 2288) Memory: 3.3M CGroup: /system.slice/arpwatch.service └─11696 arpwatch -i wlan0 -u arpwatch -e root -s root (Arpwatch) Nov 11 11:45:22 mach6.hviaene.thuis systemd[1]: Starting LSB: The arpwatch daemon... Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11685]: Starting arpwatch: [ OK ] Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: Running as uid=973 gid=963 Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: listening on wlan0 Nov 11 11:45:23 mach6.hviaene.thuis systemd[1]: Started LSB: The arpwatch daemon. # ps -e | grep arpwatch | grep -v grep 11696 ? 00:00:00 arpwatch # grep ^[NUG] /proc/11696/status Name: arpwatch Umask: 0022 Ngid: 0 Uid: 973 973 973 973 Gid: 963 963 963 963 Groups: 963 NStgid: 11696 NSpid: 11696 NSpgid: 11685 NSsid: 11685 NoNewPrivs: 0 # arp -a _gateway (192.168.2.15) at 34:31:c4:80:a9:b4 [ether] on wlan0 mach1.hviaene.thuis (192.168.2.1) at 00:1b:21:80:7e:a9 [ether] on wlan0 Since according the tutorial the daemon writes to the syslog or messages: # journalctl -xe | grep arpwatch Nov 11 11:40:39 mach6.hviaene.thuis useradd[11034]: new group: name=arpwatch, GID=963 Nov 11 11:40:39 mach6.hviaene.thuis useradd[11034]: new user: name=arpwatch, UID=973, GID=963, home=/var/lib/arpwatch, shell=/bin/sh Nov 11 11:40:42 mach6.hviaene.thuis [RPM][10962]: install arpwatch-2:2.1a15-18.1.mga7.x86_64: success Nov 11 11:40:43 mach6.hviaene.thuis [RPM][10962]: install arpwatch-2:2.1a15-18.1.mga7.x86_64: success Nov 11 11:44:22 mach6.hviaene.thuis dbus-daemon[11453]: [session uid=0 pid=11451] Activating service name='org.freedesktop.secrets' requested by ':1.2' (uid=0 pid=11500 comm="pluma /etc/sysconfig/arpwatch") Nov 11 11:45:22 mach6.hviaene.thuis systemd[1]: Starting LSB: The arpwatch daemon... -- Subject: A start job for unit arpwatch.service has begun execution -- A start job for unit arpwatch.service has begun execution. Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11685]: Starting arpwatch: [ OK ] Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: Running as uid=973 gid=963 Nov 11 11:45:23 mach6.hviaene.thuis arpwatch[11696]: listening on wlan0 Nov 11 11:45:23 mach6.hviaene.thuis systemd[1]: Started LSB: The arpwatch daemon. -- Subject: A start job for unit arpwatch.service has finished successfully -- A start job for unit arpwatch.service has finished successfully. Nov 11 11:45:55 mach6.hviaene.thuis arpwatch[11696]: new station 192.168.2.15 34:31:c4:80:a9:b4 Nov 11 11:45:55 mach6.hviaene.thuis arpwatch[11696]: new station 192.168.2.6 80:a5:89:2e:7d:5 Nov 11 11:45:55 mach6.hviaene.thuis arpwatch[11696]: new station 192.168.2.1 0:1b:21:80:7e:a9 Nov 11 11:45:55 mach6.hviaene.thuis postfix/pickup[7014]: CC3062278A: uid=973 from=<arpwatch> Nov 11 11:45:55 mach6.hviaene.thuis postfix/qmgr[2639]: CC3062278A: from=<arpwatch@mach6.hviaene.thuis>, size=559, nrcpt=1 (queue active) Nov 11 11:45:55 mach6.hviaene.thuis postfix/pickup[7014]: D1F4C20172: uid=973 from=<arpwatch> Nov 11 11:45:55 mach6.hviaene.thuis postfix/qmgr[2639]: D1F4C20172: from=<arpwatch@mach6.hviaene.thuis>, size=559, nrcpt=1 (queue active) Nov 11 11:46:00 mach6.hviaene.thuis postfix/pickup[7014]: CB6252278A: uid=973 from=<arpwatch> Nov 11 11:46:00 mach6.hviaene.thuis postfix/qmgr[2639]: CB6252278A: from=<arpwatch@mach6.hviaene.thuis>, size=539, nrcpt=1 (queue active) Nov 11 11:49:14 mach6.hviaene.thuis perl[10962]: running: rpm -ql arpwatch-2.1a15-18.1.mga7.x86_64 Nov 11 11:49:14 mach6.hviaene.thuis perl[10962]: running: rpm -q --qf '%{description}' arpwatch-2.1a15-18.1.mga7.x86_64 Nov 11 11:49:14 mach6.hviaene.thuis perl[10962]: running: rpm -q --changelog arpwatch-2.1a15-18.1.mga7.x86_64 This all seems reasonable to me
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
Validated update, Advisory and packages in Comment 2. Advisory pushed to SVN.
CC: (none) => ouaurelien
CC: (none) => sysadmin-bugsKeywords: (none) => advisory, validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0420.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED