Installed library files (mostly kernel modules) not belonging to any package in tiger audit report

[Maarten Derickx <m.derickx.student@gmail.com>]

Dear All,

Today I got the following in my tiger security audit:

# Checking installed files against packages...

--WARN-- [lin001w] File `/lib/init/rw/.ramfs' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.softdep' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.symbols' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.dep' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.dep.bin' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.devname' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.alias.bin' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.alias' does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/2.6.32-5-amd64/modules.symbols.bin' does not belong to any package.

I suspect all the missing kernel modules are caused by me recently installing: open-vm-modules-2.6.32-5-amd64 . 

But I installed that using apt, so tiger should recognize that they belong to a package. Looking in dpkg.log it should be one of the following packages:

2012-11-01 12:51:21 status installed gcc-4.3-base 4.3.5-4

2012-11-01 12:51:21 status installed cpp-4.3 4.3.5-4

2012-11-01 12:51:21 status installed gcc-4.3 4.3.5-4

2012-11-01 12:51:21 status installed linux-headers-2.6.32-5-common 2.6.32-46

2012-11-01 12:51:21 status installed linux-kbuild-2.6.32 2.6.32-1

2012-11-01 12:51:21 status installed linux-headers-2.6.32-5-amd64 2.6.32-46

2012-11-01 12:51:52 status installed open-vm-modules-2.6.32-5-amd64 1:8.4.2-261024-1+2.6.32-46

Is this a bug in one of the packages not claiming ownership of one of the files it installes?

If so how do I report this?

Thanks Maarten