On Mon, 30 Nov 2009 10:09:26 +0100
François Patte <francois.pa...@mi.parisdescartes.fr> wrote:

> Hash: SHA1
> Bonjour,
> I updated my f10 this week-end (last update before f10
> desappearing...) and today rkhunter sends these warnings:
> Warning: Application 'exim', version '4.69', is out of date, and
> possibly a security risk.
> Warning: Application 'gpg', version '1.4.9', is out of date, and
> possibly a security risk.
> Warning: Application 'httpd', version '2.2.11', is out of date, and
> possibly a security risk.
> Warning: Application 'named', version '9.5.2', is out of date, and
> possibly a security risk.
> Warning: Application 'openssl', version '0.9.8g', is out of date, and
> possibly a security risk.
> Warning: Application 'php', version '5.2.9', is out of date, and
> possibly a security risk.
> Warning: Application 'sshd', version '5.1p1', is out of date, and
> possibly a security risk.
> ??? What can I do else? Upgrade to f12? I don't want to do this now.
> Are f10 packages so obsolete?

Disable the application checks. I am going to likely push out a new
rkhunter package that does this soon. 

The problem is that upstream pushes out a dat file with the versions of
those packages that are up to date and proof against known security
issues. Fedora often backports fixes for stable releases, so the
version isn't very good as an indicator when you are safe or not. 


Attachment: signature.asc
Description: PGP signature

fedora-list mailing list
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Reply via email to