Check for Red Hat/CentOS backported security patches based on CVE data
version 1.3.4 (not latest but shipped with third party panel on production)
OS: CentOS 6.4 x64
RkHunter reports:
Warning: Application 'httpd', version '2.2.15', is out of date, and possibly a security risk.
But according to the Red Hat backporting policy (security patches from the latest versions are backported to the older versions without breaking interoperability), the application vulnerability should be checked based on the CVE patches applied and not the software version.
The warning comes from the 'apps' test. I personally do not recommend the test for the simple reason that it is impossible to keep it up to date. We would have to check the application versions on all the UNIX and Linux distributions, and ensure that any we whitelisted were patched for all those distributions. (E.g. '2.2.15' on CentOS may be okay, but on Debian it might not be.) I would suggest just disabling the test.
I know I'm beating an old horse. But the package maintainers could add APP_WHITELIST to the default config it installs, using the stable and security-fixed version numbers their distro uses. I suggest reporting this to the package maintainers instead.
Yup, feel free to suggest it to the package maintainers.
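
The check the ticket asks for can be done by hand against the RPM changelog, where Red Hat/CentOS packagers record backported fixes. This is an added example, not part of rkhunter or of the thread above; the function names are hypothetical and the sample changelog with its placeholder CVE ids is constructed.

```shell
#!/bin/sh
# Added example: decide from a package changelog, not from the upstream
# version string, whether a CVE fix has been recorded as backported.

# Constructed sample in `rpm -q --changelog` layout. The CVE ids are
# placeholders, not real httpd advisories.
sample_changelog() {
cat <<'EOF'
* Mon Jan 01 2001 Example Packager <packager@example.invalid> - 2.2.15-29
- add security fix for CVE-0000-1111 (#000001)
- mod_proxy: fix for CVE-0000-2222, CVE-0000-3333 (#000002)

* Sun Dec 31 2000 Example Packager <packager@example.invalid> - 2.2.15-28
- rebuild
EOF
}

# changelog_cves: changelog text on stdin -> unique CVE ids, one per line.
changelog_cves() {
    grep -Eo 'CVE-[0-9]{4}-[0-9]{4,}' | sort -u
}

# cve_status CVE-ID: changelog text on stdin -> "listed" or "not-listed".
# Matching whole lines (-x) stops a short id matching a longer one.
cve_status() {
    if changelog_cves | grep -Fxq -- "$1"; then
        echo listed
    else
        echo not-listed
    fi
}

# check_package PKG CVE-ID...: query the installed RPM and report each id.
# Returns 2 if the package is not installed or rpm is unavailable.
check_package() {
    pkg=$1; shift
    log=$(rpm -q --changelog "$pkg" 2>/dev/null) || return 2
    for cve in "$@"; do
        printf '%s %s %s\n' "$pkg" "$cve" \
            "$(printf '%s\n' "$log" | cve_status "$cve")"
    done
}

# Demo on the constructed sample (no rpm needed).
sample_changelog | cve_status CVE-0000-2222
```

On a real host, `check_package httpd <CVE-ID>...` runs the same check against the installed package. A "not-listed" result only means the changelog does not mention the id; the build may simply not be affected, so the distribution's security advisories remain the authority.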