Hi, After updating rkhunter from 1.4.2 to 1.4.6, cron.daily report tell me : Invalid option specified: --update and : # rkhunter --update Invalid option specified: --update man rkhunter rkhunter {--check | --unlock | --update | --versioncheck | --propupd [{filename | directory | package name},...] | --list [tests | {lang | languages} | rootkits | perl | propfiles] | --config-check | --version | --help} [options] --update This command option causes rkhunter to check if there is a later version of any of its text data files. A command-line web browser, for example wget or lynx, must be present on the system when using this option. I can see that's with versioncheck too : # rkhunter --versioncheck Invalid option specified: --versioncheck but : # rkhunter --help | egrep "update|versioncheck" # options removed ? man no updated ? /etc/cron.daily/rkhunter should be modified ?
hmmmmm : https://gitweb.gentoo.org/repo/gentoo.git/diff/app-forensics/rkhunter/files/rkhunter-1.4.6-no-insecure-web.patch?id=61e995b755727e286d140d8d721340959c434b6c 1) user should be warned 2) how to update databases so ?
I can confirm this. As a workaround I set UPDATE=no in /etc/cron.daily/rkhunter
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=279eb849abb2875b3f3181a4a1b3e47b24c5643a commit 279eb849abb2875b3f3181a4a1b3e47b24c5643a Author: Michael Palimaka <kensington@gentoo.org> AuthorDate: 2018-05-26 10:28:38 +0000 Commit: Michael Palimaka <kensington@gentoo.org> CommitDate: 2018-05-26 10:29:02 +0000 app-forensics/rkhunter: revbump removes update option from cron file Closes: https://bugs.gentoo.org/651980 Package-Manager: Portage-2.3.31, Repoman-2.3.9 app-forensics/rkhunter/files/rkhunter-1.4.cron | 134 ++++++++++++++++++++++++ app-forensics/rkhunter/rkhunter-1.4.6-r1.ebuild | 63 +++++++++++ 2 files changed, 197 insertions(+)
(In reply to Christophe PEREZ from comment #1) > 2) how to update databases so ? It was removed due to CVE-2017-7480 (bug 623150). At the time I pushed the change, I did a quick check and didn't see any updates being pushed anyway.