Re: 'exim', version '4.69', is out of date
On Wed, Dec 09, 2009 at 07:03:26AM +0000, Camaleón wrote:
> - Debian Lenny (stable) is not a "rolling-update" distribution. So once
> is released, it won't update packages just because there is a newer
> version available "upstream". Lenny just get updated packages when there
> is a security patch available for each of them. That is, "officially" you
> will get only security updates. Whenever a new version of any package is
> available (just the case of Exim) you can install it "by hand" and at
> your own risk (by compiling, by using a backport repository, by
> donwloading .deb file, etc...).
> - Rkhunter is just doing its job: it advices you there is a newer version
> available for those packages and that's right. Is up to you upgrading
> them or not.
No. Rkhunter is not doing its job. Most of the installations of Exim in
the world are by now "out of date". Hence Rkhunter is more likely to
generate a false warning. Or even worse: to encourge the user to install
an unsupported package.
> I, personally, would not take any step :-)
So you basically your hunter is crying "old wolf" and you ignore it.
Tzafrir Cohen | firstname.lastname@example.org | VIM is
http://tzafrir.org.il | | a Mutt's
email@example.com | | best
ICQ# 16849754 | | friend