Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 17 Feb 2009 19:47:38 GMT
From:      Dan Voisine <voisined@wit.edu>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/131786: [PATCH] Update security/rkhunter to 1.3.4
Message-ID:  <200902171947.n1HJlchQ048254@www.freebsd.org>
Resent-Message-ID: <200902171950.n1HJo2Eo087760@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         131786
>Category:       ports
>Synopsis:       [PATCH] Update security/rkhunter to 1.3.4
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Feb 17 19:50:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Dan Voisine
>Release:        7.1-RELEASE FreeBSD
>Organization:
>Environment:
FreeBSD *.*.* 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Thu Jan  1 14:37:25 UTC 2009     root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386

>Description:
Update rkhunter to 1.3.4

The change log lists 4 additions, 8 changes and 9 bugfixes. Naming a few:

    * Added IntoXonia-NG rootkit check.
    * Added Phalanx2 rootkit check.
    * Added support for TCB shadow files.
    * The '--propupd' option can now take an optional file, directory or package name after it.
    * Revised file properties inode check.
    * Tests against the SSH configuration file now accept the key/value pair.
    * Improved the O/S name detection.
    * The Linux 'os_specific' test has now been split into two separate tests.
    * Improved ALLOWPROCDELFILE configuration option.
    * Improved hidden files and directories check.
    * The DBDIR directory can now be read-only, after installation.
    * Improved debug file option.
    * The system startup file and directory tests have now been merged. 
>How-To-Repeat:
n/a
>Fix:
Apply patch

Patch attached with submission follows:

--- Makefile.orig	2008-06-06 10:01:04.000000000 -0400
+++ Makefile	2009-01-26 14:18:54.000000000 -0500
@@ -6,8 +6,7 @@
 #
 
 PORTNAME=	rkhunter
-PORTVERSION=	1.3.2
-PORTREVISION=	1
+PORTVERSION=	1.3.4
 CATEGORIES=	security
 MASTER_SITES=	SF
 
--- distinfo.orig	2008-04-29 07:51:34.000000000 -0400
+++ distinfo	2009-01-26 14:17:14.000000000 -0500
@@ -1,3 +1,3 @@
-MD5 (rkhunter-1.3.2.tar.gz) = a00ff64d7076d6ff47ef0c9f0b6202f2
-SHA256 (rkhunter-1.3.2.tar.gz) = 2a325acedc094bc5ae9d5a3326af760bb376d5a1122c433d22477968eec1eebd
-SIZE (rkhunter-1.3.2.tar.gz) = 269563
+MD5 (rkhunter-1.3.4.tar.gz) = 31eaacc4d01ad138d1a4283f105088e6
+SHA256 (rkhunter-1.3.4.tar.gz) = 
+d85d179850fee8ab04bc1733680c9c6dd8a1577975c12554db9c52bf4f7c50ba
+SIZE (rkhunter-1.3.4.tar.gz) = 275653


--- files/patch-rkhunter.orig	2007-10-20 19:51:21.000000000 -0400
+++ files/patch-rkhunter	2009-02-17 14:26:23.000000000 -0500
@@ -1,11 +1,13 @@
---- files/rkhunter.orig	Wed Oct 17 14:03:56 2007
-+++ files/rkhunter	Wed Oct 17 14:06:00 2007
-@@ -7959,7 +7959,7 @@
+--- files/rkhunter.orig	2009-02-17 14:24:32.000000000 -0500
++++ files/rkhunter	2009-02-17 14:25:25.000000000 -0500
+@@ -8448,8 +8448,8 @@
  	SOCKSTAT_CMD=`find_cmd sockstat`
  
  	if [ -n "${SOCKSTAT_CMD}" -a -n "${NETSTAT_CMD}" -a -n "${SORT_CMD}" -a -n "${UNIQ_CMD}" ]; then
 -		SOCKSTAT_OUTPUT=`${SOCKSTAT_CMD} -n | grep '\*[:.]\*' | cut -c1-55 | grep '\*[:.]' | cut -c39-47 | grep -v '\*' | tr -d ' ' | ${SORT_CMD} | ${UNIQ_CMD}`
+-		NETSTAT_OUTPUT=`${NETSTAT_CMD} -an | egrep -v 'TIME_WAIT|ESTABLISHED|SYN_SENT|CLOSE_WAIT|LAST_ACK|SYN_RECV|CLOSING' | cut -c1-44 | grep '\*\.' | cut -c24-32 | grep -v '\*' | tr -d ' ' | tr -d '\t' | ${SORT_CMD} | ${UNIQ_CMD}`
 +		SOCKSTAT_OUTPUT=`${SOCKSTAT_CMD} | grep '\*[:.]\*' | cut -c1-55 | grep '\*[:.]' | cut -c39-47 | grep -v '\*' | tr -d ' ' | ${SORT_CMD} | ${UNIQ_CMD}`
- 		NETSTAT_OUTPUT=`${NETSTAT_CMD} -an | egrep -v 'TIME_WAIT|ESTABLISHED|SYN_SENT|CLOSE_WAIT|LAST_ACK|SYN_RECV|CLOSING' | cut -c1-44 | grep '\*\.' | cut -c24-32 | grep -v '\*' | tr -d ' ' | tr -d '\t' | ${SORT_CMD} | ${UNIQ_CMD}`
++		NETSTAT_OUTPUT=`${NETSTAT_CMD} -an | egrep -v 'TIME_WAIT|ESTABLISHED|SYN_SENT|CLOSE_WAIT|LAST_ACK|SYN_RECV|CLOSING' | cut -c1-44 | grep '\*\.' | cut -c23-31 | grep -v '\*' | tr -d ' ' | tr -d '\t' | ${SORT_CMD} | ${UNIQ_CMD}`
  
  		if [ "${SOCKSTAT_OUTPUT}" = "${NETSTAT_OUTPUT}" ]; then
+ 			display --to SCREEN+LOG --type PLAIN --result OK --color GREEN --log-indent 2 --screen-indent 4 ROOTKIT_OS_BSD_SOCKNET


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902171947.n1HJlchQ048254>