On Wed, Jun 04, 2014 at 04:38:45AM -0700, Horatio Leragon wrote: > I received a security update advisory [SECURITY] [DSA 2945-1] today. > > Package : chkrootkit > CVE ID : CVE-2014-0476 > Assuming what you wrote isn't tongue in cheek, and from most of your posts it may not be a good assumption: > I am shocked to learn that Debian is vulnerable to rootkits. That's why there's a package to check for them. Why are you shocked? > > I switched to Debian from Microsoft Windows OS because of the massive over-hype that I read on the internet: that Debian is impervious to malware and no viruses have ever infected a *nix OS. Where did you read this, and don't say "the internet"? Be specific. No knowledgeable source would ever say that Debian is impervious to malware and no viruses have ever infected a *nix OS. There isn't an OS in existence that is *completely* impervious to malware and there are plenty of *nixes that have been infected. Ask any sysadmin who's been in the business for more than 6 months. *I'm* the one who's shocked that a statement like that didn't raise a red flag. BTW you would be well served to read this site: http://www.catb.org/~esr/faqs/smart-questions.html I'm surprised that you haven't been steered to it before, way before. > > > Should I install this package called "chkrootkit"? > > But then it itself is vulnerable to errors in its code :( -- -- Bob Holtzman A man is a man who will fight with a sword or tackle Mt Everest in snow, but the bravest of all owns a '34 Ford and tries for 6000 in low.
Attachment:
signature.asc
Description: Digital signature