Re: rkhunter warning after updating

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2009/11/30 Kevin Fenzi <kevin@xxxxxxxxx>:
> On Mon, 30 Nov 2009 10:09:26 +0100
> François Patte <francois.patte@xxxxxxxxxxxxxxxxxxxx> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Bonjour,
>>
>> I updated my f10 this week-end (last update before f10
>> desappearing...) and today rkhunter sends these warnings:
>>
>> Warning: Application 'exim', version '4.69', is out of date, and
>> possibly a security risk.
>> Warning: Application 'gpg', version '1.4.9', is out of date, and
>> possibly a security risk.
>> Warning: Application 'httpd', version '2.2.11', is out of date, and
>> possibly a security risk.
>> Warning: Application 'named', version '9.5.2', is out of date, and
>> possibly a security risk.
>> Warning: Application 'openssl', version '0.9.8g', is out of date, and
>> possibly a security risk.
>> Warning: Application 'php', version '5.2.9', is out of date, and
>> possibly a security risk.
>> Warning: Application 'sshd', version '5.1p1', is out of date, and
>> possibly a security risk.
>>
>>
>> ??? What can I do else? Upgrade to f12? I don't want to do this now.
>> Are f10 packages so obsolete?
>
> Disable the application checks. I am going to likely push out a new
> rkhunter package that does this soon.
>
> The problem is that upstream pushes out a dat file with the versions of
> those packages that are up to date and proof against known security
> issues. Fedora often backports fixes for stable releases, so the
> version isn't very good as an indicator when you are safe or not.

That's good info. I had a customer today who suddenly got these
warnings from his rkhunter install (on RHEL) - so I'm guessing this is
a recent dat file upgrade. I might tell him to disable the application
checks too ;o)

--
Sam

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux