Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 13 Apr 2005 14:00:51 +0000 (UTC)
From:      cordeiro@nic.br
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        cordeiro@nic.br
Subject:   ports/79865: update to version 0.45
Message-ID:  <20050413140051.832315C048@luinil.nic.br>
Resent-Message-ID: <200504131410.j3DEAOaN063949@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         79865
>Category:       ports
>Synopsis:       update to version 0.45
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Apr 13 14:10:23 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator:     Luiz Eduardo Roncato Cordeiro
>Release:        FreeBSD 5.4-RC2 i386
>Organization:
NBSO
>Environment:
System: FreeBSD XXX 5.4-RC2 FreeBSD 5.4-RC2 #19: Mon Apr 11 14:42:06 UTC 2005 root@XXX:/usr/obj/usr/src/sys/XXX i386


>Description:
	Update to chkrookit version 0.45

        chkproc.c: better support for Linux
        threads.  New rootkit detected: Fu,
        Kenga3, ESRK.  New test: chkutmp.  -n
        option improvement.  Minor bug fixes.

>How-To-Repeat:
>Fix:


diff -ruN /usr/ports/security/chkrootkit.old/Makefile /usr/ports/security/chkrootkit/Makefile
--- /usr/ports/security/chkrootkit.old/Makefile	Wed Apr 13 13:32:53 2005
+++ /usr/ports/security/chkrootkit/Makefile	Wed Apr 13 13:50:38 2005
@@ -6,16 +6,23 @@
 #
 
 PORTNAME=	chkrootkit
-PORTVERSION=	0.44
+PORTVERSION=	0.45
 CATEGORIES=	security
-MASTER_SITES=	ftp://ftp.pangeia.com.br/pub/seg/pac/
-
+MASTER_SITES=	ftp://ftp.pangeia.com.br/pub/seg/pac/ \
+                ftp://gd.tuwien.ac.at/infosys/security/chkrootkit/ \
+                ftp://ftp.digitalvoodoo.org/pub/mirrors/chkrootkit/ \
+                http://www.spenneberg.org/chkrootkit-mirror/files/ \
+                http://www.mirrors.wiretapped.net/security/host-security/chkrootkit/ \
+                http://ftp.uni-stuttgart.de/pub/security/unix/forensics/chkrootkit/ \
+                http://ftp.bit.nl/mirror/chkrootkit/ \
+                http://chkrootkit.mirror.fr/
+                
 MAINTAINER=	cordeiro@nic.br
 COMMENT=	A tool to locally check for signs of a rootkit
 
 USE_REINPLACE=	yes
 
-ALL_TARGET=	chkrootkit chklastlog chkwtmp chkproc chkdirs ifpromisc check_wtmpx strings
+ALL_TARGET=	chkrootkit chklastlog chkwtmp chkutmp chkproc chkdirs ifpromisc check_wtmpx strings
 
 DOCFILES=	ACKNOWLEDGMENTS COPYRIGHT README README.chklastlog README.chkwtmp
 
@@ -28,6 +35,7 @@
 	${REINPLACE_CMD} -e \
 		's#\./chklastlog#${PREFIX}/sbin/chklastlog#g; \
 		s#\./chkwtmp#${PREFIX}/sbin/chkwtmp#g; \
+		s#\./chkutmp#${PREFIX}/sbin/chkutmp#g; \
 		s#\./chkproc#${PREFIX}/sbin/chkproc#g; \
 		s#\./chkdirs#${PREFIX}/sbin/chkdirs#g; \
 		s#\./check_wtmpx#${PREFIX}/sbin/check_wtmpx#g; \
@@ -39,6 +47,7 @@
 	${INSTALL_SCRIPT}  ${WRKSRC}/chkrootkit ${PREFIX}/sbin
 	${INSTALL_PROGRAM} ${WRKSRC}/chklastlog ${PREFIX}/sbin
 	${INSTALL_PROGRAM} ${WRKSRC}/chkwtmp    ${PREFIX}/sbin
+	${INSTALL_PROGRAM} ${WRKSRC}/chkutmp    ${PREFIX}/sbin
 	${INSTALL_PROGRAM} ${WRKSRC}/chkproc    ${PREFIX}/sbin
 	${INSTALL_PROGRAM} ${WRKSRC}/chkdirs    ${PREFIX}/sbin
 	${INSTALL_PROGRAM} ${WRKSRC}/ifpromisc  ${PREFIX}/sbin
diff -ruN /usr/ports/security/chkrootkit.old/README.html /usr/ports/security/chkrootkit/README.html
--- /usr/ports/security/chkrootkit.old/README.html	Wed Apr 13 13:32:53 2005
+++ /usr/ports/security/chkrootkit/README.html	Wed Apr 13 13:54:47 2005
@@ -11,7 +11,7 @@
 
     <p>You are now in the directory for the port "security/chkrootkit".</p>
 
-    <p>The package name of this port is "chkrootkit-0.42b".</p>
+    <p>The package name of this port is "chkrootkit-0.45".</p>
 
     <p>This is the one-line description for this port:</p>
     <hr>
diff -ruN /usr/ports/security/chkrootkit.old/distinfo /usr/ports/security/chkrootkit/distinfo
--- /usr/ports/security/chkrootkit.old/distinfo	Wed Apr 13 13:32:53 2005
+++ /usr/ports/security/chkrootkit/distinfo	Wed Apr 13 13:39:27 2005
@@ -1,2 +1,2 @@
-MD5 (chkrootkit-0.44.tar.gz) = 8f6dbb3204c24e9b71490142cb2953ee
-SIZE (chkrootkit-0.44.tar.gz) = 34163
+MD5 (chkrootkit-0.45.tar.gz) = 57493e24ca81750a200d8bcb4049e858
+SIZE (chkrootkit-0.45.tar.gz) = 36359
diff -ruN /usr/ports/security/chkrootkit.old/pkg-descr /usr/ports/security/chkrootkit/pkg-descr
--- /usr/ports/security/chkrootkit.old/pkg-descr	Wed Apr 13 13:32:53 2005
+++ /usr/ports/security/chkrootkit/pkg-descr	Wed Apr 13 13:54:18 2005
@@ -13,6 +13,7 @@
  * chkproc.c: checks for signs of LKM trojans.
  * chkdirs.c: checks for signs of LKM trojans.
  * strings.c: quick and dirty strings replacement.
+ * chkutmp.c: checks for utmp deletions.
 
  For an updated list of rootkits, worms and LKMs detected by
  chkrootkit please visit: http://www.chkrootkit.org/
diff -ruN /usr/ports/security/chkrootkit.old/pkg-plist /usr/ports/security/chkrootkit/pkg-plist
--- /usr/ports/security/chkrootkit.old/pkg-plist	Wed Apr 13 13:32:53 2005
+++ /usr/ports/security/chkrootkit/pkg-plist	Wed Apr 13 13:50:57 2005
@@ -3,6 +3,7 @@
 sbin/chkproc
 sbin/chkrootkit
 sbin/chkwtmp
+sbin/chkutmp
 sbin/ifpromisc
 sbin/check_wtmpx
 sbin/strings
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050413140051.832315C048>