[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1039-1] rkhunter security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : rkhunter
Version        : 1.4.0-1+deb7u1
CVE ID         : CVE-2017-7480


CVE-2017-7480
     The original patch introduces new regex to better check for
     allowed download URLs.
     Other versions of the package in Jessie, Stretch and Sid don't
     apply that patch but just disable the download of everything by
     default via rkhunter.conf.
     In order to make this version consistent with all the other
     distributions and don't break existing installations, this will
     be done in Wheezy as well.


For Debian 7 "Wheezy", these problems have been fixed in version
1.4.0-1+deb7u1.

We recommend that you upgrade your rkhunter packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJZd6wMXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHVMkQAKjggyOPyYQqJUQvTeaROod8
pDu8jQimcYligQ83NU5lezIfheSFpwwRDpTK/QPFFLeyIGpps9tx8bUlaZbUZgpv
tmUK3ur8bhjJFKP8hmjtfbJoSVRd3Ox1EXu9LPKU9ZcHHiWCxXqc9DTNLozm+uL1
va0/W9O1aUTGJWSNYkDIrgkqENBR84Cs8oDGuGeuq7zDsS4Liy6NtBL92YVLmB2f
NCvEtXFRSDEga2wHjALZo+94SH4Nzg2ufDikDRTpo42M+dqkydkkK57Hm3zVEx6p
MAv/nWX9/e3HsPpXOwaOQFEC7yq3XolgpcN8FcqcCxqF2G9EaHQ6vOCnlgxbGWxU
H9eGXtsmy5wsMIez6gToE4on6v4kQkQdxBK4QbCBPiBE6GbbR672d6cWJOr+zMeU
qOIpqXVNxLnKCcI2bAPoq/Hm/bmoZt2DThKLBzfMFR+oplmZwkEQdWRM1fcBHp5s
Zh30QhF/vctpi0XFBA3aHNLp8ygm0ST51e3DWujI34xv6Fnjij/TVJJfI+Kw3bo2
rhyoZ1N3xhjH0OWC6sT2qGX3ltrFO0BUsFomILKcRL4hiKmvzyLzA09RV4jIMA54
Lr0BJWjULs6XLJDUC5qxTSi+TC0QpbANHu0WjOjzWqi12pQUh5JEni5/vIczu+Fy
EQNrAJtno3i3/Z/V5SxO
=8oVk
-----END PGP SIGNATURE-----


Reply to: