Bug#765895: marked as done (rkhunter: maybe the Debian version should deactivate any update functionality)

2017-07-05 Thread Debian Bug Tracking System
Your message dated Wed, 05 Jul 2017 18:05:02 +
with message-id 
and subject line Bug#765895: fixed in rkhunter 1.4.4-2
has caused the Debian Bug report #765895,
regarding rkhunter: maybe the Debian version should deactivate any update 
functionality
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
765895: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765895
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: rkhunter
Version: 1.4.2-0.1
Severity: wishlist
Tags: security


Hi.

This is something for consideration:
rkhunter has this "updating" functionality, which apparently downloads
new stuff from the web, updates the mirrors list and so on.


In a way I feel that this should be disabled (at least per default) in
Debian for several reasons:


1) security
While I haven't checked rkhunter in specific, downloading stuff from the,
especially new code or pattern files or anything that is actually
used by a program is always really tricky and difficult.

Signing alone is by far not enough, as this often still allows for
blocking/downgrading attacks.

Some time ago I've started a longer thread about this on debian-devel...


It seems to use wget/curl per default for downloading, which means at
best, everything is SSL/TLS secured,... which basically means no security
at all.
wget/curl, both use per default still SSLv3 (which is broken since POODLE,
at the latest)... and even worse,... any CA which is activated in the system
(which is per default a big list, including such untrustworthy fellows
as CNNIC) could forge certificates for the source-forge mirrors and
potentially deliver our users forged files (if MitM attacks are possible
as well).
So I guess it's better to be sceptical... especially since rkhunter
runs as root.


As I said, I don't wanna claim that rkhunter wouldn't do this cleanly,
since I haven't checked it... but even if secure, there comes the
following:




2) if packages "update" themselves, they circumvent the package management
system, which not only does everything from (1) correctly... it should
also be the central point of the system, that updates software and its
code, with only very few exceptions (typically highly volatile stuff
like spam filter rules, or virus definition files).

If anything new goes to rkhunter, it should go to Debian via a proper
package upgrade, not via some of rkhunter's own update functions.





That being said,... if you agree, then I think the following changes
to the default configuration hopefully do the job:

ROTATE_MIRRORS=0 (not strictly necessary)
UPDATE_MIRRORS=0 (do not update mirrors)
MIRRORS_MODE=1 (only use local mirrors, never even try to get anything remote)
UPDATE_LANG=en (do not update language files)
WEB_CMD=/bin/false (let any downloading fail)

Apart from that, --update seems to not work anyway (at least for me
it always fails, even without the options from above).


Cheers,
Chris.
--- End Message ---
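
The defaults proposed in the report above, turned into a check. This is an added example, not part of the original message, rkhunter, or the Debian package: it reports which of the five options differ from the proposed values across one or more config files. The function names, the sample file contents and the last-occurrence-wins merge rule are assumptions of this example.

```shell
# Added example: audit rkhunter config files against the proposed values.
# Print the effective value of option $1 from the files given after it.
# Assumption: the last uncommented KEY=value occurrence wins.
effective_value() {
    key=$1; shift
    sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*//p" "$@" 2>/dev/null |
        sed 's/[[:space:]]*$//; s/^"\(.*\)"$/\1/' | tail -n 1
}

# Print one line per deviation; return 0 only if all five values match.
audit_rkhunter_conf() {
    rc=0
    for want in ROTATE_MIRRORS=0 UPDATE_MIRRORS=0 MIRRORS_MODE=1 \
                UPDATE_LANG=en WEB_CMD=/bin/false; do
        key=${want%%=*}; expected=${want#*=}
        actual=$(effective_value "$key" "$@")
        if [ "$actual" != "$expected" ]; then
            echo "$key: expected '$expected', found '${actual:-<unset>}'"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: a main config with the proposed values, plus a local
# override file that silently re-enables downloads.
write_samples() {
    cat > "$1/rkhunter.conf" <<'EOF'
# constructed sample, not the packaged file
ROTATE_MIRRORS=0
UPDATE_MIRRORS=0
MIRRORS_MODE=1
UPDATE_LANG=en
#WEB_CMD=curl
WEB_CMD=/bin/false
EOF
    cat > "$1/rkhunter.conf.local" <<'EOF'
WEB_CMD="/usr/bin/wget"
UPDATE_MIRRORS=1
EOF
}

tmp=$(mktemp -d); write_samples "$tmp"
audit_rkhunter_conf "$tmp/rkhunter.conf" "$tmp/rkhunter.conf.local" || true
rm -rf "$tmp"
```

The main file alone passes; adding the override file makes the audit flag UPDATE_MIRRORS and WEB_CMD, which is the case a check of the main file alone would miss.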
--- Begin Message ---
Source: rkhunter
Source-Version: 1.4.4-2

We believe that the bug you reported is fixed in the latest version of
rkhunter, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 765...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Francois Marier  (supplier of updated rkhunter package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 05 Jul 2017 10:39:31 -0700
Source: rkhunter
Binary: rkhunter
Architecture: source all
Version: 1.4.4-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Forensics 
Changed-By: Francois Marier 
Description:
 rkhunter   - rootkit, backdoor, sniffer and exploit scanner
Closes: 765895
Changes:
 rkhunter (1.4.4-2) unstable; urgency=medium
 .
   * Disable remote updates to prevent bugs like CVE-2017-7480 in the
 future (closes: #765895).
   * Include db files in md5sums and remove lintian overrides.
   * Use standard file permissions for db files and remove lintian overrides.
Checksums-Sha1:
 9bc46b375973ee754a764e42d345b59f7e278bfd 2083 rkhunter_1.4.4-2.dsc
 

rkhunter_1.4.4-2_amd64.changes ACCEPTED into unstable

2017-07-05 Thread Debian FTP Masters


Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 05 Jul 2017 10:39:31 -0700
Source: rkhunter
Binary: rkhunter
Architecture: source all
Version: 1.4.4-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Forensics 
Changed-By: Francois Marier 
Description:
 rkhunter   - rootkit, backdoor, sniffer and exploit scanner
Closes: 765895
Changes:
 rkhunter (1.4.4-2) unstable; urgency=medium
 .
   * Disable remote updates to prevent bugs like CVE-2017-7480 in the
 future (closes: #765895).
   * Include db files in md5sums and remove lintian overrides.
   * Use standard file permissions for db files and remove lintian overrides.

-BEGIN PGP SIGNATURE-

-END PGP SIGNATURE-


Thank you for your contribution to Debian.

___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel


Processing of rkhunter_1.4.4-2_amd64.changes

2017-07-05 Thread Debian FTP Masters
rkhunter_1.4.4-2_amd64.changes uploaded successfully to localhost
along with the files:
  rkhunter_1.4.4-2.dsc
  rkhunter_1.4.4-2.debian.tar.xz
  rkhunter_1.4.4-2_all.deb
  rkhunter_1.4.4-2_amd64.buildinfo

Greetings,

Your Debian queue daemon (running on host usper.debian.org)



Processing of yara_3.6.3+dfsg-1_source.changes

2017-07-05 Thread Debian FTP Masters
yara_3.6.3+dfsg-1_source.changes uploaded successfully to localhost
along with the files:
  yara_3.6.3+dfsg-1.dsc
  yara_3.6.3+dfsg.orig.tar.xz
  yara_3.6.3+dfsg-1.debian.tar.xz
  yara_3.6.3+dfsg-1_source.buildinfo

Greetings,

Your Debian queue daemon (running on host usper.debian.org)




dfdatetime_20170704-1_source.changes ACCEPTED into unstable

2017-07-05 Thread Debian FTP Masters


Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 05 Jul 2017 09:06:18 +0200
Source: dfdatetime
Binary: python-dfdatetime python3-dfdatetime
Architecture: source
Version: 20170704-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Forensics 
Changed-By: Hilko Bengen 
Description:
 python-dfdatetime - Digital Forensics date and time library for Python 2
 python3-dfdatetime - Digital Forensics date and time library for Python 3
Changes:
 dfdatetime (20170704-1) unstable; urgency=medium
 .
   * New upstream version 20170704
   * Bump Standards-Version, Debhelper compat level

-BEGIN PGP SIGNATURE-
-END PGP SIGNATURE-


Thank you for your contribution to Debian.
