I think the component for this bug should be netstat, no chkrootkit, since that's where the issue lies. I'm seeing the same warning for netstat on F21 (net-tools-2.0-0.31.20141124git.fc21.x86_64).

# netstat -l
...
Active Bluetooth connections (only servers)
Proto  Destination       Source            State         PSM DCID   SCID      IMTU    OMTU Security
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.
warning, got bogus l2cap line.

I filed the bug against chkrootkit after seeing that net-tools package (netstat) was marked "end of life" and is not likely to be updated in Fedora or upstream. I can live with errors from netstat since it is generally used interactively but error output from a root-kit scanner may cause unnecessary alarm.

I have "fixed" my own version by restricting the netstat protocol options but I'm no root-kit expert so I don't know if the affected Trojans only use IPv4/IPv6.

Quick fix:
- OPT=-an
+ OPT=-an46
in 4 places in chkrootkit script. One instance is quoted.

That fixes things for netstat for now but switching to ss would take considerably more effort.

Hi,

(In reply to DaveG from comment #2)
> I filed the bug against chkrootkit after seeing that net-tools package
> (netstat) was marked "end of life" and is not likely to be updated in Fedora
> or upstream.

what will be the netstat replacement ? 

Thanks,

(In reply to Sergio Monteiro Basto from comment #3)
> Hi,
> 
> (In reply to DaveG from comment #2)
> > I filed the bug against chkrootkit after seeing that net-tools package
> > (netstat) was marked "end of life" and is not likely to be updated in Fedora
> > or upstream.
> 
> what will be the netstat replacement ? 
> 
ss

Yes, 'ss' from the iproute package. Similar output but different format.

Thanks  :)

Does this still occur with ss?

chkrootkit-0.50-8.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-b93b991ea4

chkrootkit-0.50-8.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-6c1a60982e

chkrootkit-0.50-8.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2016-533e10ae24

chkrootkit-0.50-8.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-533e10ae24

chkrootkit-0.50-8.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-b93b991ea4

chkrootkit-0.50-8.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-6c1a60982e

chkrootkit-0.50-8.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.

chkrootkit-0.50-8.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

chkrootkit-0.50-8.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.