[Bug 220765] [MAINTAINER] security/rkhunter: Update to 1.4.4

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Jul 16 14:50:47 UTC 2017 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220765

            Bug ID: 220765
           Summary: [MAINTAINER] security/rkhunter: Update to 1.4.4
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs at FreeBSD.org
          Reporter: lukasz at wasikowski.net

Created attachment 184397
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=184397&action=edit
svn diff updating rkhunter to 1.4.4

Update rkhunter to the latest version.

CHANGELOG:

* 1.4.4 (29/06/2017)

 New:
 - Added the GLOBSTAR configuration file option. This will set the
   shells globstar option to allow recursive checks of directories.
   By default this option is disabled.
 - Added a Japanese translation file.
 - Added support for the 'BSDng' package manager option. This can
   be used by those *BSD systems which have the 'pkg' command
   available (currently later FreeBSD systems).
 - The BSD package manager will now try the 'pkg_info' command '-W'
   option if the '-F' option fails.
 - Added the LOCKDIR configuration option. It is now possible to
   specify the directory rkhunter will use to store the lock file
   (if USE_LOCKING has been set). The default is unset, and this
   will cause rkhunter to look for a directory to use. Details are
   in the configuration file.
 - Added the ALLOWIPCPROC configuration file option. This can be
   used to whitelist suspicious processes using shared memory
   segments (found during the 'ipc_shared_mem' check).

 Changes:
 - The DISABLE_UNHIDE option has been removed from the configuration
   file. It is no longer required as disabling the 'hidden_procs' or
   'hidden_ports' tests has the same effect.
 - The installer now installs directories and executable files with
   mode 700, other files are set as mode 600. The man page is left
   at mode 644. The documentation directory is mode 755, and the
   files within it are mode 644. The 'rkhunter' program itself will
   set the mode of copied files to 600 (for example log files, and
   the passwd/group files).
 - By default the 'apps' test is now disabled in the configuration
   file.
 - The default hash function for the file properties test, given by
   the HASH_CMD option in the configuration file, has now changed
   to SHA256. It was previously SHA1, or MD5 if SHA1 was not found.
 - Previously the lock file (if locking was used) was just an empty
   file. It now contains the PID of the running process.
 - The 'system_configs' test name has now been changed into a test
   group consisting of the two tests 'system_configs_ssh' and
   'system_configs_syslog'. Each test may now be enabled or disabled
   individually.
 - The 'other_malware' test name has been removed, and replaced by
   the 'login_backdoors', 'sniffer_logs', 'tripwire', 'susp_dirs'
   and 'ipc_shared_mem' test names. These are now all part of the
   'malware' test group.

 Bugfixes:
 - Ensure that 'lsof' errors are not displayed.
 - Ensure that 'ipcs' errors and the locale are handled correctly.
 - Correct broken pipe errors in some commands.
 - For Solaris users set the 'awk' command very early on so that
   option processing works correctly.
 - The ALLOWPROCDELFILE option was not handling multiple pathnames
   or wildcards correctly. It was also not handling the option
   pathnames correctly.
 - The SCANROOTKITMODE configuration option was never actually read
   as a configuration option.
 - The '--config-check'/'-C' option could produce incorrect error
   messages in certain circumstances.
 - Setting the ALLOW_SSH_PROT_V1 option to '2' could cause warning
   messages when SSH protocol 1 was allowed.
 - Allow Linux 'grep' to work correctly with binary (i18n) files.
 - Multiple UID0_ACCOUNTS and PWDLESS_ACCOUNTS options were not being
   handled correctly.
 - Uppercase test names were not being handled correctly.
 - Changed the 'logger' command tag from 'Rootkit Hunter' to 'rkhunter'
   to avoid problems with spaces.
 - Ensure that 'fdescfs' filesystems are correctly detected.
 - To try and avoid colour escape sequences being logged, both of
   the variables CLICOLOR and CLICOLOR_FORCE are unset for *BSD and
   SunOS systems.
 - The 'startup_malware' and 'possible_rkt_strings' checks will now
   check systemd startup scripts if they are located in the 
   '/etc/systemd/system' directory.
 - The 'sockstat' command output on BSD systems can become corrupted
   if a username is very long. This is now detected, and processed
   correctly.
 - The 'shared_libs' test now recognises comments in the preload file.
 - The ALLOWPROMISCIF configuration option was not handling multiple
   occurrences correctly. This has now been corrected.
 - Tighten up the input verification check on the mirror file to
   ensure that only URL's are used as a mirror. (CVE-2017-7480)
 - The BSD package manager seemed to be needlessly stripping out
   parts of package names on NetBSD systems. It no longer does this.
 - In certain cases it was possible for certain tests to not display
   any output. This has now been corrected.
 - The installer did not always add the 'rkhunter.d' directory, if
   it existed, to the main configuration file for monitoring.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-ports-bugs mailing list