Package: rkhunter
Version: 1.3.2-6
Severity: important
Tags: lenny
On a server with Debian lenny, I get the following from rkhunter every
day:
| Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a
security risk.
| Warning: Application 'named', version '9.5.1', is out of date, and possibly a
security risk.
| Warning: Application 'openssl', version '0.9.8g', is out of date, and
possibly a security risk.
| Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a
security risk.
Since this is Debian stable, I'm not expecting to run the latest but
I'd hope that there are security updates through Debian. In other
words, this version check is pretty useless in lenny and quite
confusing. (README.Debian also doesn't say how to turn it off, so I
had to look at the sources.)
I see that you've already turned this check off in unstable but I
think this change should also be put into a stable update for lenny.
Thanks.
--
Martin Michlmayr
http://www.cyrius.com/
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org