Package: rkhunter
Version: 1.3.2-6
Severity: important
Tags: lenny

On a server with Debian lenny, I get the following from rkhunter every
day:

| Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a 
security risk.
| Warning: Application 'named', version '9.5.1', is out of date, and possibly a 
security risk.
| Warning: Application 'openssl', version '0.9.8g', is out of date, and 
possibly a security risk.
| Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a 
security risk.

Since this is Debian stable, I'm not expecting to run the latest but
I'd hope that there are security updates through Debian.  In other
words, this version check is pretty useless in lenny and quite
confusing. (README.Debian also doesn't say how to turn it off, so I
had to look at the sources.)

I see that you've already turned this check off in unstable but I
think this change should also be put into a stable update for lenny.

Thanks.

-- 
Martin Michlmayr
http://www.cyrius.com/



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to