Package: rkhunter Version: 1.3.2-6 Severity: important Tags: lenny On a server with Debian lenny, I get the following from rkhunter every day:
| Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a security risk. | Warning: Application 'named', version '9.5.1', is out of date, and possibly a security risk. | Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly a security risk. | Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a security risk. Since this is Debian stable, I'm not expecting to run the latest but I'd hope that there are security updates through Debian. In other words, this version check is pretty useless in lenny and quite confusing. (README.Debian also doesn't say how to turn it off, so I had to look at the sources.) I see that you've already turned this check off in unstable but I think this change should also be put into a stable update for lenny. Thanks. -- Martin Michlmayr http://www.cyrius.com/ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

