rpms/rkhunter/F-12 rkhunter.spec, 1.30, 1.31 rkhunter-1.3.6-fedoraconfig.patch, 1.3, 1.4
Kevin Fenzi
kevin at fedoraproject.org
Sun Jun 27 00:44:46 UTC 2010
- Previous message: rpms/jack_capture/F-12 .cvsignore, 1.7, 1.8 jack_capture.spec, 1.7, 1.8 sources, 1.7, 1.8
- Next message: rpms/GtkAda/devel GtkAda-2.14.0-GTK+-2.21.patch, NONE, 1.1 GtkAda.spec, 1.35, 1.36
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: kevin
Update of /cvs/pkgs/rpms/rkhunter/F-12
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv22219
Modified Files:
rkhunter.spec rkhunter-1.3.6-fedoraconfig.patch
Log Message:
Add ipsec.hmac exclude - bug #560594
Change config to not specify XINETD_PATH - bug #560562
Index: rkhunter.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rkhunter/F-12/rkhunter.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -p -r1.30 -r1.31
--- rkhunter.spec 24 Jan 2010 01:42:58 -0000 1.30
+++ rkhunter.spec 27 Jun 2010 00:44:45 -0000 1.31
@@ -1,6 +1,6 @@
Name: rkhunter
Version: 1.3.6
-Release: 4%{?dist}
+Release: 7%{?dist}
Summary: A host-based tool to scan for rootkits, backdoors and local exploits
Group: Applications/System
@@ -95,6 +95,16 @@ EOF
%{_mandir}/man8/*
%changelog
+* Sat Jun 05 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-7
+- Add ipsec.hmac exclude - bug #560594
+
+* Fri May 28 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-6
+- Add exclude for md-device-map - bug #596731
+- Supress ssh version check - bug #596775
+
+* Sat Mar 06 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-5
+- Change config to not specify XINETD_PATH - bug #560562
+
* Sat Jan 23 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-4
- Change email to just root instead of root at localhost - bug #553179
- Add .k5login.5.gz to files whitelist - bug #553134
rkhunter-1.3.6-fedoraconfig.patch:
rkhunter.conf | 89 ++++++++++++++++++++++++++++++++--------------------------
1 file changed, 50 insertions(+), 39 deletions(-)
Index: rkhunter-1.3.6-fedoraconfig.patch
===================================================================
RCS file: /cvs/pkgs/rpms/rkhunter/F-12/rkhunter-1.3.6-fedoraconfig.patch,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- rkhunter-1.3.6-fedoraconfig.patch 24 Jan 2010 01:42:58 -0000 1.3
+++ rkhunter-1.3.6-fedoraconfig.patch 27 Jun 2010 00:44:45 -0000 1.4
@@ -1,6 +1,6 @@
diff -Nur rkhunter-1.3.6.orig/files/rkhunter.conf rkhunter-1.3.6/files/rkhunter.conf
--- rkhunter-1.3.6.orig/files/rkhunter.conf 2009-11-28 15:13:19.000000000 -0700
-+++ rkhunter-1.3.6/files/rkhunter.conf 2010-01-23 18:03:32.000000000 -0700
++++ rkhunter-1.3.6/files/rkhunter.conf 2010-06-05 12:07:58.000000000 -0600
@@ -71,7 +71,7 @@
# NOTE: This option should be present in the configuration file.
#
@@ -65,6 +65,15 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
#
# Set this option to '1' to allow the use of the SSH-1 protocol, but note
+@@ -207,7 +207,7 @@
+ # configuration file, then a value of '2' may be set here in order to
+ # suppress a warning message. This option has a default value of '0'.
+ #
+-ALLOW_SSH_PROT_V1=0
++ALLOW_SSH_PROT_V1=2
+
+ #
+ # This setting tells rkhunter the directory containing the SSH configuration
@@ -236,7 +236,7 @@
# tests, the test names, and how rkhunter behaves when these options are used.
#
@@ -99,7 +108,7 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
#
# Allow the specified commands to have the immutable attribute set.
-@@ -406,37 +409,41 @@
+@@ -406,37 +409,42 @@
# Allow the specified hidden directories.
# One directory per line (use multiple ALLOWHIDDENDIR lines).
#
@@ -162,10 +171,11 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
+ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
+ALLOWHIDDENFILE=/dev/.mdadm.map
+ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
++ALLOWHIDDENFILE=/usr/sbin/.ipsec.hmac
#
# Allow the specified processes to use deleted files.
-@@ -495,7 +502,7 @@
+@@ -495,10 +503,11 @@
# ALLOWDEVFILE lines).
#
#ALLOWDEVFILE=/dev/abc
@@ -174,16 +184,11 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
#ALLOWDEVFILE=/dev/shm/sem.ADBE_ReadPrefs_*
#ALLOWDEVFILE=/dev/shm/sem.ADBE_REL_*
#ALLOWDEVFILE=/dev/shm/sem.ADBE_WritePrefs_*
-@@ -536,7 +543,7 @@
- # This setting tells rkhunter where the xinetd configuration
- # file is located.
- #
--#XINETD_CONF_PATH=/etc/xinetd.conf
-+XINETD_CONF_PATH=/etc/xinetd.conf
++ALLOWDEVFILE=/dev/md/md-device-map
#
- # Allow the following enabled xinetd services. Whilst it would be
-@@ -822,3 +829,5 @@
+ # This setting tells rkhunter where the inetd configuration
+@@ -822,3 +831,5 @@
# Enabling this feature implies you have the knowledge to interprete results properly.
#
#SCANROOTKITMODE=THOROUGH
- Previous message: rpms/jack_capture/F-12 .cvsignore, 1.7, 1.8 jack_capture.spec, 1.7, 1.8 sources, 1.7, 1.8
- Next message: rpms/GtkAda/devel GtkAda-2.14.0-GTK+-2.21.patch, NONE, 1.1 GtkAda.spec, 1.35, 1.36
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list