Debian-LTS has issued an advisory on May 27: https://www.debian.org/lts/security/2023/dla-3434 Mageia 8 is also affected.
Status comment: (none) => Patches available from upstream and DebianWhiteboard: (none) => MGA8TOO
Suggested advisory: ======================== The updated package fixes a security vulnerability: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. (CVE-2023-33204) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33204 https://www.debian.org/lts/security/2023/dla-3434 ======================== Updated package in core/updates_testing: ======================== sysstat-12.5.2-1.2.mga8 from SRPM: sysstat-12.5.2-1.2.mga8.src.rpm
Source RPM: sysstat-12.7.2-1.mga9.src.rpm => sysstat-12.5.2-1.2.mga8.src.rpmWhiteboard: MGA8TOO => (none)Version: Cauldron => 8CC: (none) => nicolas.salgueroStatus: NEW => ASSIGNEDStatus comment: Patches available from upstream and Debian => (none)Assignee: bugsquad => qa-bugs
Testing this for mga8, x64. Groundwork in bug 26067. It appears that munin-node uses sysstat so I installed munin and munin-node. Documentation is mainly online. No handholding for a noddy so after a couple of hours fiddling about with configuration files gave up on that. $ sar Linux 5.15.117-1.mga8 (canopus) 17/06/23 _x86_64_ (20 CPU) 16:01:01 CPU %user %nice %system %iowait %steal %idle 16:11:01 all 0.12 0.01 0.24 0.01 0.00 99.61 16:21:01 all 0.40 0.01 0.35 0.01 0.00 99.22 [...] Average: all 0.19 0.01 0.24 0.01 0.00 99.55 $ sadf canopus 600 2023-06-17 15:11:01 UTC all %user 0.12 canopus 600 2023-06-17 15:11:01 UTC all %nice 0.01 [...] canopus 600 2023-06-17 16:21:01 UTC all %system 0.26 canopus 600 2023-06-17 16:21:01 UTC all %iowait 0.01 canopus 600 2023-06-17 16:21:01 UTC all %steal 0.00 canopus 600 2023-06-17 16:21:01 UTC all %idle 99.38 $ iostat Linux 5.15.117-1.mga8 (canopus) 17/06/23 _x86_64_ (20 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 0.26 0.01 0.25 0.02 0.00 99.47 Device tps kB_read/s kB_wrtn/s kB_dscd/s kB_read kB_wrtn kB_dscd nvme0n1 2.50 85.06 11.33 0.00 1662253 221383 0 sda 3.10 81.59 17.89 0.00 1594493 349717 0 ... $ mpstat Linux 5.15.117-1.mga8 (canopus) 17/06/23 _x86_64_ (20 CPU) 17:33:27 CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 17:33:27 all 0.26 0.01 0.25 0.02 0.00 0.00 0.00 0.00 0.00 99.47 $ pidstat Linux 5.15.117-1.mga8 (canopus) 17/06/23 _x86_64_ (20 CPU) 17:34:37 UID PID %usr %system %guest %wait %CPU CPU Command 17:34:37 0 1 0.02 0.04 0.00 0.00 0.05 7 systemd 17:34:37 0 2 0.00 0.00 0.00 0.00 0.00 5 kthreadd 1 [...] 17:34:37 1000 638408 0.03 0.00 0.00 0.00 0.03 8 emacs 17:34:37 1000 640932 0.00 0.00 0.00 0.00 0.00 0 Web Content 17:34:37 0 646577 0.00 0.00 0.00 0.00 0.00 13 kworker/13:0-events 17:34:37 0 648461 0.00 0.00 0.00 0.00 0.00 9 kworker/u40:3-events_unbound 17:34:37 1000 654742 0.00 0.00 0.00 0.00 0.00 6 pidstat Good enough. The cli utilities worked fine before the update so no regressions.
CC: (none) => tarazed25
Whiteboard: (none) => MGA8-64-OK
Validating. Advisory in comment 1.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0203.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED