** Changed in: rkhunter (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/493607
Title:
rkhunter reports openssl and sshd versions out of date
--
Please note: One has to have a blank at the start and the end of the
APP_WHITELIST in rkhunter.conf. Like
APP_WHITELIST= openssl:0.9.8g sshd:4.7p1
otherwise first and last entry will never match, as the test used is
if [ -n `echo \${APP_WHITELIST}\ | grep \ ${APPLICATION}:${RKHTMPVAR} \`
];
** Changed in: rkhunter (Debian)
Status: Unknown = Fix Released
--
rkhunter reports openssl and sshd versions out of date
https://bugs.launchpad.net/bugs/493607
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
furicle,
It looks to me that every security release would require an update to
the white list unless I'm mistaken. I just don't see this happening.
Flat out skipping the apps check will likely be more practical for
rkhunter's maintainer. It's been about a week since this was reported,
and the
On Thu, Dec 17, 2009 at 12:23 PM, Andrew Cholakian andre...@gmail.com wrote:
furicle,
It looks to me that every security release would require an update to
the white list unless I'm mistaken.
I don't so. The problem is because they (Debian based distros like
Ubuntu) PATCH the current version
furicle, while it is true that Ubuntu backports fixes from upstream
versions its incorrect to say that the version number doesn't change.
For instance, on Hardy at the moment the current version of PHP is PHP
5.2.4-2ubuntu5.9 , Ubuntu doesn't increment the 5.2.4-2 part, but it
does increment the
On Thu, Dec 17, 2009 at 7:52 PM, Andrew Cholakian andre...@gmail.com wrote:
furicle, while it is true that Ubuntu backports fixes from upstream
versions its incorrect to say that the version number doesn't change.
For instance, on Hardy at the moment the current version of PHP is PHP
An easier way to bypass this than white listing (at least for cron jobs)
is to simply have it skip the application check. Just set the
environment variable $RK_OPT to '--skip-version-check'. The rkhunter
cron job automatically adds the contents of $RK_OPT to the rkhunter
command line.
--
My apologies, it appears that the --skip-application-check flag doesn't
work after all.
--
rkhunter reports openssl and sshd versions out of date
https://bugs.launchpad.net/bugs/493607
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
It does appear that adding 'apps' to the DISABLE_TESTS option in
/etc/rkhunter.conf does work.
--
rkhunter reports openssl and sshd versions out of date
https://bugs.launchpad.net/bugs/493607
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
On Wed, Dec 16, 2009 at 12:45 PM, Andrew Cholakian andre...@gmail.com wrote:
It does appear that adding 'apps' to the DISABLE_TESTS option in
/etc/rkhunter.conf does work.
Sure, but wouldn't it be better to only whitelist certain versions
rather than skipping them altogether? Keep the
** Bug watch added: Debian Bug tracker #560157
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560157
** Also affects: rkhunter (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560157
Importance: Unknown
Status: Unknown
** Changed in: rkhunter (Ubuntu)
About the colons, look in /var/log/rkhunter, and it'll tell you exactly
what to whitelist. For named, I had to use named:9.4.2.
Still, it seems silly that I have to whitelist apps that are in Ubuntu
because of a root-kit checker that is in Ubuntu. I would have hoped
that the distro would be
13 matches
Mail list logo
