I just took a look at the patchset mirror://gentoo/arpwatch-patchset-0.5.tbz2 and i think the mentioned code lines are in /var/tmp/portage/net-analyzer/arpwatch-2.1.15-r6/work/arpwatch-patchset/08_all_arpwatch-2.1a15-drop-priveleges.patch
Personally debian gave me the hint: http://lists.debian.org/debian-security-announce/2012/msg00121.html
Previous comments have proper link to other distro patches. Maintainer/project please bump with appropriate patch. No rdeps present so this is a candidate for tree cleaning.
Arch teams, please test and mark stable: =net-analyzer/arpwatch-2.1.15-r8 Targeted stable KEYWORDS : amd64 hppa ppc sparc x86
Stable for HPPA.
amd64 stable
x86 stable
ppc stable
sparc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
GLSA request opened.
@maintainer, still pending cleanup. Please let us know when complete or if you are unable to. Thanks.
This issue was resolved and addressed in GLSA 201607-16 at https://security.gentoo.org/glsa/201607-16 by GLSA coordinator Aaron Bauman (b-man).