[Bug 1808882] Re: false positive on tcpd
Launchpad Bug Tracker
1808882 at bugs.launchpad.net
Thu Mar 7 10:34:27 UTC 2019
This bug was fixed in the package chkrootkit - 0.52-1ubuntu0.1
---------------
chkrootkit (0.52-1ubuntu0.1) bionic; urgency=medium
* d/patches/24_fix_chktcpd.patch: Apply patch to fix tcpd false-positive
detections. (LP: #1808882)
Thanks to Francois Marier for the patch.
-- Thomas Ward <teward at ubuntu.com> Tue, 29 Jan 2019 16:35:21 -0500
** Changed in: chkrootkit (Ubuntu Bionic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1808882
Title:
false positive on tcpd
Status in chkrootkit package in Ubuntu:
Fix Released
Status in chkrootkit source package in Bionic:
Fix Released
Status in chkrootkit source package in Cosmic:
Fix Released
Status in chkrootkit source package in Disco:
Fix Released
Status in chkrootkit package in Debian:
Fix Released
Bug description:
[Impact]
chkrootkit will return false positives for tcpd detections as
"infected" when tcpd is not present on a system.
[Test Case]
* Install chkrootkit, run chkrootkit checks.
* Without the patch, chkrootkit should return "INFECTED" in its detections for tcpd.
* With the debdiff, it should say "not present" or "not infected".
[Regression Potential]
* Regression risk is limited. The only change with this patch and
debdiff is that we reinitialize the CMD variable in the test to
"empty" before utilizing CMD, which clears the bug if "/bin/tar" from
the previous test being still used in the script for testing tcpd. No
other chkrootkit bits are, based on my testing, affected by this
change.
[Other Info]
* Patch was provided by Francois Mariner from Debian
[Original Description]
This has apparently been a thing since at least 16.04
Install a clean version of Ubuntu, install chkrootkit, run a check.
tcpd will report as infected.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: chkrootkit 0.52-1
ProcVersionSignature: Ubuntu 4.15.0-42.45-lowlatency 4.15.18
Uname: Linux 4.15.0-42-lowlatency x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu7.5
Architecture: amd64
CurrentDesktop: MATE
Date: Mon Dec 17 18:30:29 2018
InstallationDate: Installed on 2018-12-05 (12 days ago)
InstallationMedia: Ubuntu-MATE 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725)
SourcePackage: chkrootkit
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chkrootkit/+bug/1808882/+subscriptions
More information about the Ubuntu-sponsors
mailing list