Hello community, here is the log from the commit of package rkhunter for openSUSE:Factory checked in at 2018-09-25 15:43:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rkhunter (Old) and /work/SRC/openSUSE:Factory/.rkhunter.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rkhunter" Tue Sep 25 15:43:11 2018 rev:23 rq:637741 version:1.4.6 Changes: -------- --- /work/SRC/openSUSE:Factory/rkhunter/rkhunter.changes 2017-11-27 22:15:59.991886019 +0100 +++ /work/SRC/openSUSE:Factory/.rkhunter.new/rkhunter.changes 2018-09-25 15:43:15.161237323 +0200 @@ -1,0 +2,79 @@ +Mon Sep 24 06:23:55 UTC 2018 - Mathias Homann <Mathias.Homann@opensuse.org> + +- upgrade to version 1.4.6 + + * 1.4.6 (20/02/2018) + + + * New: + - Added support for Alpine Linux (busybox). + - Added the 'Diamorphine LKM' test. + - Added the ALLOWIPCPID configuration file option. This will allow + specific PIDs to be whitelisted from the shared memory check. + - Added the ALLOWIPCUSER configuration file option. This will allow + specific usernames to be whitelisted from the shared memory check. + - Added the IPC_SEG_SIZE configuration file option. This can be used + to set the minimum shared memory segment size to check. The default + value is 1048576 bytes (1MB). + - Added the SKIP_INODE_CHECK configuration file option. Setting this + option will disable the reporting of any changed inode numbers. + The default is to report inode changes. (This option may be useful + for filesystems such as Btrfs.) + - Added Ebury sshd backdoor test. + - Added a new SSH configuration test to check for various suspicious + configuration options. Currently there is only one check which + relates to the Ebury backdoor. + - Added basic test for Jynx2 rootkit. + - Added Komplex trojan test. + - Added basic test for KeRanger running process. + - Added test for Keydnap backdoor. + - Added basic test for Eleanor backdoor running process. + - Added basic tests for Mokes backdoor. + - Added tests for Proton backdoor. + - Added the SUSPSCAN_WHITELIST configuration file option. This + option can be used to whitelist file pathnames from the + 'suspscan' test. + + * Changes: + - The 'ipc_shared_mem' test will now log the minimum segment size + that will be checked. It will also log the size of any segments + which appear suspicious (that is, larger than the configured + allowed maximum size). + - If verbose logging is disabled, then generally only the test + name and the final result for the test will now be logged. + - Kernel symbol checks will now use the 'System.map' file, if it + exists, and no other kernel symbol file can be found. + + * Bugfixes: + - For prelinked systems ensure that the default hash function is + SHA1 and not SHA256. + - The result from the 'hidden_procs' test was not being + calculated correctly. + - Checking the O/S version number could be missed in some cases. + - Minor improvement to the *BSD immutable files check. + - The 'OS_VERSION_FILE' configuration option pathname cannot be + a link, but this was not checked. + - Improved checks for the O/S name on Devuan systems. + - Handling of the '/etc/issue' file during O/S detection has now + improved. Escape sequences are either replaced or removed. + - Not all the linux kernel module names were being checked. + - The logging of detached memory segments tried to show the + process pathname. This has now been corrected, and where no + pathname is available, the segment owner and PID will be logged. + - It was possible for the return code to be lost when running the + 'ipc_shared_mem' test. This has now been corrected. + - Some configuration options were still not being handled correctly + when specified more than once. + - The 'ipc_shared_mem' test did not correctly handle whitelisting + when a segment pathname was flagged as deleted. This has now + been corrected. + - Commands disabled in the configuration file were being logged + as not found. They are now logged as having been disabled. + - Disabling verbose logging could hide some warning messages. + - The 'shared_libs' test now caters for simple filenames, as well + as pathnames which contain the '$LIB', '$ORIGIN' or '$PLATFORM' + variables. + + -- + +------------------------------------------------------------------- Old: ---- rkhunter-1.4.4.tar.gz New: ---- rkhunter-1.4.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rkhunter.spec ++++++ --- /var/tmp/diff_new_pack.cBVD5a/_old 2018-09-25 15:43:16.277236131 +0200 +++ /var/tmp/diff_new_pack.cBVD5a/_new 2018-09-25 15:43:16.281236127 +0200 @@ -1,7 +1,7 @@ # # spec file for package rkhunter # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2009-2010 by Sascha Manns <saigkill@opensuse.org> # # All modifications and additions to the file contributed by third parties @@ -13,7 +13,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -23,10 +23,10 @@ %endif Name: rkhunter -Version: 1.4.4 +Version: 1.4.6 Release: 0 Summary: Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits -License: GPL-2.0+ +License: GPL-2.0-or-later Group: System/Monitoring Url: http://rkhunter.sourceforge.net/ Source0: http://sourceforge.net/projects/rkhunter/files/%{name}-%{version}.tar.gz ++++++ rkhunter-1.4.4.tar.gz -> rkhunter-1.4.6.tar.gz ++++++ ++++ 5393 lines of diff (skipped)