On 11/20/10 3:19 PM, "Chris" <cpoll...@embarqmail.com> wrote:
> On Fri, 2010-11-19 at 19:38 -0800, Al Varnell wrote: >> On Nov 19, 2010, at 5:21 PM, Chris <cpoll...@embarqmail.com> wrote: >> >>> RKhunter V1.3.6, this apparently started yesterday on my morning >>> rkhunter cronjob. It also reports: >>> >>> Checking version of GnuPG [ Warning ] >>> Warning: Application 'gpg', version '1.4.10', is out of date, and >>> possibly a security risk. >>> Checking version of Apache [ Warning ] >>> Warning: Application 'httpd', version '2.2.15', is out of date, and >>> possibly a security risk. >>> Checking version of OpenSSL [ Warning ] >>> Warning: Application 'openssl', version '1.0.0a', is out of date, and >>> possibly a security risk. >>> >>> Any ideas why this would suddenly pop-up? I haven't run --propupd yet on >>> this though as I'll wait and see what is decided. >> >> I don't think --propped will make any difference to this part of the check. >> >> Did you run --update first? There was an update to the RKH DB in >> conjunction with the rollout of the new version. You do know that v1.3.8 is >> out, right? Lots of good new stuff. >> >> >> Sent from Janet's iPad >> >> -Al- > > I've installed 1.3.8 and get the same warnings: > > [16:45:11] Checking version of GnuPG [ Warning ] > [16:45:11] Warning: Application 'gpg', version '1.4.10', is out of date, > and possibly a security risk. > [16:45:11] Checking version of Apache [ Warning ] > [16:45:11] Warning: Application 'httpd', version '2.2.15', is out of > date, and possibly a security risk. > [16:45:11] Checking version of Bind DNS [ OK ] > [16:45:11] Info: Application 'named' version '9.7.0-P2' found. > [16:45:11] Checking version of OpenSSL [ Warning ] > [16:45:11] Warning: Application 'openssl', version '1.0.0a', is out of > date, and possibly a security risk. > > Yes, I did run --update and --propupd. As I said these warnings didn't > start until two days ago when I was still using 1.3.6 > > While on the Nov 17th run all showed 'Ok' > > [04:16:00] Checking version of GnuPG [ OK ] > [04:16:00] Info: Application 'gpg' version '1.4.10' found. > [04:16:00] Checking version of Apache [ OK ] > [04:16:00] Info: Application 'httpd' version '2.2.15' found. > [04:16:00] Checking version of Bind DNS [ OK ] > [04:16:00] Info: Application 'named' version '9.7.0-P2' found. > [04:16:00] Checking version of OpenSSL [ OK ] > [04:16:00] Info: Application 'openssl' version '1.0.0a' found. > > The 'warnings' started on the 18th > I'm sorry that I'm not making this clear. I'll try again. On the 18th there was a change to the RKHunter database. When you ran --update it downloaded those updated files that included "programs_bad.dat" which is a list of nine applications with versions known to have issues. You have three of those applications which match the database, so you get warnings. The fact that v1.3.8 came out that day was not intended to be part of the solution, just mentioned it since you were two versions behind. If you don't like seeing these warnings than you have two choices. - Update those applications either from whomever provides your OS updates or directly from the source if your OS provider has not patched then in yet. - Decide that they are of no consequence to you and whitelist them in rkhunter.conf or rkhunter.conf.local if you have it. -Al- -- Al Varnell Mountain View, CA ------------------------------------------------------------------------------ Beautiful is writing same markup. Internet Explorer 9 supports standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3. Spend less time writing and rewriting code and more time creating great experiences on the web. Be a part of the beta today http://p.sf.net/sfu/msIE9-sfdev2dev _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
