Among the 104 Debian patches available in version 0.58b-3 of the package, we noticed the following issues:
commit ef53a911f916616e0057dee240523bcccba523cc
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Thu Feb 6 17:05:07 2025 +0000

    Update debian/changelog for recent changes

commit 4a383a4a01688da031744fb8a2b6a332f28b5aec
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Wed Feb 5 12:36:02 2025 +0000

    autopkgtests: Use 'unshare --net'

    Ensure we know exactly what the 'sniffer' test should be finding by
    running the test inside unshare.

    Rather than assuming the test sees the network manager from the host
    (which is not the case in debusine, or if the host wasn't running any
    networking at all), we instead run the tests in unshare and create a
    dummy interface.

    This means that the first tests will see no networking. When we want
    to test sniffer, we run our own dhcpd on the dummy interface, with a
    local IP from 192.0.2.0/24 (which is reserved for testing). This will
    then be found by subsequent 'sniffer' checks.

commit f5a41f9e1e91045f556e7f9262fb37ac570d14ff
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Wed Feb 5 12:33:14 2025 +0000

    debian/tests/control: Add breaks-testbed

    The test is not designed to be run on a "real" system

    split depends into one-line per package

commit e07c26808fc96fe8b9e28eeec7966f1efbb52ea0
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Wed Feb 5 12:27:33 2025 +0000

    debian/tests/test-chkrootkit: cosmetic changes

    - improve comments
    - improve copying of commands to $CLEAN
      (the last helps if you run the file by hand - which is not a good
      idea unless already in a container)
    - delete more created files at the end

commit 7419a79ea33a303ffaeed32d83a03c03fefd9244
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Tue Dec 31 19:01:24 2024 +0000

    Ensure systemd unit can send mails

    We recently enabled ProtectSystem=strict, to prevent files in /tmp
    having their atimes updated. But this prevents emails being sent: we
    need to open access to /var/spool, /var/mail and /var/log for exim.

    And some tools (including mail from mailutils) expect a writable
    TMPDIR, so we need to make a temporary /run/chkrootkit and set TMPDIR
    to that (NB: we can't use PrivateTmp as we want chkrootkit to scan the
    main system)

commit fdbbcbd6e4402d5c1fd95596d8bb5470c22113b2
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Sat Dec 21 11:55:48 2024 +0000

    Squash chkproc change into previous patch

commit f18548f78acd7558faadb36ab0efc8d5124b8ba1
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Sat Dec 21 11:46:10 2024 +0000

    Update Forwarded: information for all patches

commit 758cc031cf923094800493dcc32b7746e453682f
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Wed Dec 18 23:51:56 2024 +0000

    Update debian/changelog for recent changes

commit c6dbceb3c204afcd26404e488897f4ab4adc09f8
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Sun Dec 15 20:46:34 2024 +0000

    chkproc: improve output

    Show more information about suspicious processes: show
    /proc/pid/cmdline and /proc/pid/comm

commit 5d48ad0fe37c4d5447deb051e36e261ea124ed00
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Thu Dec 19 13:34:06 2024 +0000

    chkdirs: Fix compilation error on non-linux

commit 2e56f7cf9e0c78185e69602f363301f0d0d9e3fc
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Wed Dec 18 23:30:50 2024 +0000

    chkrootkit.service: Use ProtectSystem=strict

    This makes the filesystem read-only, which is a sensible precaution.

    It also prevents tests modifying the access time of files when they
    use grep. In particular the test for suspicious PHP files calls
    head(1) on files in /tmp, which means systemd-tmpfiles will never
    delete them, which is unhelpful.

    Closes: #1089588

commit 98228c481ca063b05f76884724269c2c06e088e2
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Sun Nov 10 10:34:20 2024 +0000

    chkrootkit patches: define lookfor_rootkit in better place

    Previously this function (added by Debian in 2017) was defined inside
    aliens(), which (was OK but) made it unavailable for other tests. This
    commit moves its definition to the more correct top-level position.

    It's actually used in chk_lsdopreload, so this actually fixes running
    "chkrootkit ldsopreload" to run just one test.

commit 3aa8e7c14e9db1d9a2d061ef437cbfcdf4f84067
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Sat Nov 9 17:00:04 2024 +0000

    Misc changes

    - Makefile: allow STATIC to be disabled (for termux)
    - check_wtmpx, chkutmp: don't silently do nothing on unsupported OS
    - chkwtmp: fix overflow in argument parsing (and encoding issue in a
      comment)
    - chkdirs: Simplify:
        remove linked list that was built and then immediately cleared
        ensure NAME_MAX is defined
        reuse buffer for path name
        instead of (incompletely) listing various os that need limits.h,
        include it except on the 2 that do not (fixes compilation on
        android, netbsd)
        improve message about unsupported fs: it's more likely overlayfs
        than btrfs!
        show filesystem type (for some fs)
    - chklastlog: fix compilation on android (do nothing, but not
      silently), fix indent
    - chkproc: support netbsd, fix support for linux threads, allow -p on
      all OS, allow custom ps and parsing (for testing), include fnctl,
      improve output, readdir is section 2 not 3

commit 9fc4fcd189c99613c5c9a70c48e493318a55e46b
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Wed Nov 6 22:11:26 2024 +0000

    Update autopkgtest for last changes

commit 349ae01af73cbcc560c9cb3840f5f2148bcd5e70
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Sat Oct 12 16:40:41 2024 +0100

    .gitignore: ignore generated files

commit 01aed060a5bc7f8bd27144862aa93f9c5e7ded74
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Sat Nov 2 21:14:24 2024 +0000

    d/copyright: update

    Patch for ifpromisc was renamed

commit 1082af9114e8d4420a6f8364b76e054c24e44c1d
Author: Richard Lewis <richard.lewis.debian@googlemail.com>
Date:   Fri Oct 25 23:27:06 2024 +0100

    Refactor debian/patches

    No changes, but completely restructure patches so we have
      chkrootkit: one patch for each _test_ (except that non-upstreamable
      patches are kept separate)
      one patch for all other files
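
The service-hardening constraints from the two chkrootkit.service commits in the log above (ProtectSystem=strict, no PrivateTmp, writable mail paths, writable TMPDIR), expressed as a check over a unit file. This is an added example, not code from the Debian package: the unit text and ExecStart path are constructed, and creating /run/chkrootkit with RuntimeDirectory= is an assumption about how the directory is made.

```python
# Added example: not the Debian package's unit or code. The required paths and
# settings come from the commit messages; the unit text below is constructed.
REQUIRED_RW = ("/var/spool", "/var/mail", "/var/log")

def parse_service(text):
    """Collect [Service] directives; repeated keys accumulate, empty value resets."""
    opts, section = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("["):
            section = line.strip("[]")
        elif section == "Service" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            words = [w.strip('"') for w in value.split()]
            opts[key] = opts.get(key, []) + words if words else []
    return opts

def covered(path, roots):
    """True if path equals, or lies beneath, one of the writable roots."""
    return any(path == r or path.startswith(r.rstrip("/") + "/") for r in roots)

def audit(text):
    opts = parse_service(text)
    last = lambda key: (opts.get(key) or [""])[-1]
    findings = []
    if last("ProtectSystem") != "strict":
        findings.append("ProtectSystem is not strict: scanning can update atimes")
    if last("PrivateTmp").lower() in ("yes", "true", "on", "1"):
        findings.append("PrivateTmp is set: the scan would not see the real /tmp")
    writable = [p.lstrip("+-") for p in opts.get("ReadWritePaths", [])]
    for path in REQUIRED_RW:
        if not covered(path, writable):
            findings.append(f"{path} is not writable: mail cannot be sent")
    # Assumption: RuntimeDirectory= is how /run/chkrootkit gets created.
    writable += ["/run/" + d for d in opts.get("RuntimeDirectory", [])]
    env = dict(e.split("=", 1) for e in opts.get("Environment", []) if "=" in e)
    if not covered(env.get("TMPDIR", ""), writable):
        findings.append("TMPDIR is unset or read-only: mail tools need a writable one")
    return findings

# Constructed units; the ExecStart path is a placeholder.
BEFORE = "[Service]\nExecStart=/usr/local/bin/example-scan\nProtectSystem=strict\n"
AFTER = BEFORE + ("ReadWritePaths=/var/spool /var/mail /var/log\n"
                  "RuntimeDirectory=chkrootkit\nEnvironment=TMPDIR=/run/chkrootkit\n")

if __name__ == "__main__":
    for name, unit in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(unit) or "ok")
```

BEFORE models the unit after ProtectSystem=strict was enabled but before the mail fix, so it yields one finding per read-only mail path plus the TMPDIR finding; AFTER yields none.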