On Mon, 30 Nov 2009 10:09:26 +0100 François Patte <francois.patte@xxxxxxxxxxxxxxxxxxxx> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Bonjour, > > I updated my f10 this week-end (last update before f10 > desappearing...) and today rkhunter sends these warnings: > > Warning: Application 'exim', version '4.69', is out of date, and > possibly a security risk. > Warning: Application 'gpg', version '1.4.9', is out of date, and > possibly a security risk. > Warning: Application 'httpd', version '2.2.11', is out of date, and > possibly a security risk. > Warning: Application 'named', version '9.5.2', is out of date, and > possibly a security risk. > Warning: Application 'openssl', version '0.9.8g', is out of date, and > possibly a security risk. > Warning: Application 'php', version '5.2.9', is out of date, and > possibly a security risk. > Warning: Application 'sshd', version '5.1p1', is out of date, and > possibly a security risk. > > > ??? What can I do else? Upgrade to f12? I don't want to do this now. > Are f10 packages so obsolete? Disable the application checks. I am going to likely push out a new rkhunter package that does this soon. The problem is that upstream pushes out a dat file with the versions of those packages that are up to date and proof against known security issues. Fedora often backports fixes for stable releases, so the version isn't very good as an indicator when you are safe or not. kevin
Attachment:
signature.asc
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines