recently, 3-5 days ago, rkhutner started giving me these warnings: Code: Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a security risk. Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly a security risk. Warning: Application 'php', version '5.2.6', is out of date, and possibly a security risk. Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a security risk. One or more warnings have been found while checking the system. Please check the log file (/var/log/rkhunter.log) I am jsut wondering now, as I keep my system up to date with apt-get dist-upgrade and have the newest upgrades. What to do about these warnigns now?
If you update files that are being monitored by rkhunter, you ned to update the rkhunter database file as well so it knows the files are updated. Code: rkhunter --propupd was the command for that if i'm not mistaken.
I knew that, I was doing that when rkhutner was alertign em that some fiels had changed where I knew I had changed them, but this seemed different to me, its complaining about old versions but my system is up to date, that is what confused me..
interresting, i got the exact same mail today from rkhunter the apt repos ain't updated, for debian, so can't download newer versions (i think they've updated the rkhunter db and decided to spam these warnings)
i know, i have the same warnings every day in my mailbox I think it's nothing really to worrie about .. when you use the apt repo's then you're stuck with the version that it supplies .. you can manually install the software upgrades, but won't advise it. So i guess we've to wait until there is a .deb file for it.
Debian updates these applications which patches without rising the version number. So your server is secure and these warnings are wrong as long as you install all available updates with apt.
