On Thu, Dec 17, 2009 at 7:52 PM, Andrew Cholakian <[email protected]> wrote: > furicle, while it is true that Ubuntu backports fixes from upstream > versions its incorrect to say that the version number doesn't change. > For instance, on Hardy at the moment the current version of PHP is PHP > 5.2.4-2ubuntu5.9 , Ubuntu doesn't increment the 5.2.4-2 part, but it > does increment the ubuntu5.9 part. For the white list scheme to work, > every Ubuntu package rkhunter looks at would have to synchronize its > releases with concurrent updates of the rkhunter white list. That hardly > seems worth it to me.
But rkhunter does not check the packaging version number with the appcheck - just the 'upstream' version number. That doesn't change. It's only a handful of packages, once every six months. It's really not a big deal. That line I provided is all it takes. The packaging changes are covered via the apt system in a different way. That's why apt is hooked to run rkhunter --propupd when you install/upgrade. -- rkhunter reports openssl and sshd versions out of date https://bugs.launchpad.net/bugs/493607 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
