The Bad Programs database is currently at Version:2014042901which means it has not been updated in almost three years now.
The last time this was discussed there was little to no interest in expending any effort to keep it up-to-date. -Al- On Mon, Apr 03, 2017 at 01:49 PM, Christian Heutger wrote: > Hi, > > my CentOS brings me a warning > > „Warning: Application 'httpd', version '2.4.6', is out of date, and possibly > a security risk.“ > > meanwhile gpg, named, openssl, php, proftpd and sshd should be „safe“. As > it’s usual, that CentOS / RHEL does not provide feature updates but only > patches, I would expect also others popping up to be unsafe/out of date, e.g. > php 5.4.16 is very much out of date, but only httpd does. So I expect, > rkhunter database is aware of CentOS handling, but however has a bug, that > httpd version 2.4.6 although being the newest one for CentOS 7 (with all > patches applied) by error is not recognized to be such a version. > > As it’s usual, that continous errors result in unawareness of real warning, I > would be happy to have a correction of the databse instead of using settings > described on some Google „solutions“ to disable httpd checking. > > Would that be possible? > > Regards, > Christian
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
