Re: rkhunter warning after updating

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 30 Nov 2009 10:09:26 +0100
François Patte <francois.patte@xxxxxxxxxxxxxxxxxxxx> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Bonjour,
> 
> I updated my f10 this week-end (last update before f10
> desappearing...) and today rkhunter sends these warnings:
> 
> Warning: Application 'exim', version '4.69', is out of date, and
> possibly a security risk.
> Warning: Application 'gpg', version '1.4.9', is out of date, and
> possibly a security risk.
> Warning: Application 'httpd', version '2.2.11', is out of date, and
> possibly a security risk.
> Warning: Application 'named', version '9.5.2', is out of date, and
> possibly a security risk.
> Warning: Application 'openssl', version '0.9.8g', is out of date, and
> possibly a security risk.
> Warning: Application 'php', version '5.2.9', is out of date, and
> possibly a security risk.
> Warning: Application 'sshd', version '5.1p1', is out of date, and
> possibly a security risk.
> 
> 
> ??? What can I do else? Upgrade to f12? I don't want to do this now.
> Are f10 packages so obsolete?

Disable the application checks. I am going to likely push out a new
rkhunter package that does this soon. 

The problem is that upstream pushes out a dat file with the versions of
those packages that are up to date and proof against known security
issues. Fedora often backports fixes for stable releases, so the
version isn't very good as an indicator when you are safe or not. 

kevin

Attachment: signature.asc
Description: PGP signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux