On Fri, 15 Oct 2004 13:43:25 +0200, François Patte wrote: > > Bonjour, > > who has experienced rkhunter? I have just installed it and tried and everything > seems ok on my machine, expect these warning messages: > > * Application version scan > - GnuPG 1.2.3 [ Vulnerable ] > - Apache 2.0.47 [ Vulnerable ] > - OpenSSL 0.9.7a [ Vulnerable ] > - PHP 4.3.3 [ Vulnerable ] > - OpenSSH 3.6.1p2 [ Vulnerable ] > Are fedoralegacy mirrors not up to date or rkhunter is wrong? The latter. It makes false assumptions about version numbers and doesn't know about backported security fixes. http://www.redhat.com/advice/speaks_backport.html The fedora.us package of rkhunter has this check disabled by default. -- Fedora Core release 2 (Tettnang) - Linux 2.6.8-1.541 loadavg: 0.00 0.02 0.07
