--- tiger-3.2.2.orig/config +++ tiger-3.2.2/config @@ -395,10 +395,11 @@ # [ -n "$RCFILE" -a -r $RCFILE ] && { + tempfile=`tempfile -d $WORKDIR` || tempfile=$WORKDIR/rcfile.$$ $GREP -v '^#' $RCFILE | - $SED -e 's/^\(.*\)=/export \1; \1=/' > $WORKDIR/rcfile.$$ - . $WORKDIR/rcfile.$$ - $RM -f $WORKDIR/rcfile.$$ + $SED -e 's/^\(.*\)=/export \1; \1=/' > $tempfile + . $tempfile + $RM -f $tempfile } HOSTNAME=`$GETHOSTNAME` --- tiger-3.2.2.orig/configure.in +++ tiger-3.2.2/configure.in @@ -57,5 +57,6 @@ AC_SUBST(tigerhomedir) AC_OUTPUT(Makefile c/Makefile + doc/Makefile man/tiger.8 man/tigercron.8) --- tiger-3.2.2.orig/configure +++ tiger-3.2.2/configure @@ -1030,6 +1030,7 @@ trap 'rm -fr `echo "Makefile c/Makefile + doc/Makefile man/tiger.8 man/tigercron.8" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 EOF @@ -1120,6 +1121,7 @@ CONFIG_FILES=\${CONFIG_FILES-"Makefile c/Makefile + doc/Makefile man/tiger.8 man/tigercron.8"} EOF --- tiger-3.2.2.orig/tigercron +++ tiger-3.2.2/tigercron @@ -256,7 +256,7 @@ done >> $WORKDIR/tigcron.diff.$$ [ ! -n "$Tiger_Mail_RCPT" ] && Tiger_Mail_RCPT="root" -[ ! -n "$Tiger_Mail_FROM" ] && Tiger_Mail_FROM="root@$HOSTNAME" +[ ! -n "$Tiger_Mail_FROM" ] && Tiger_Mail_FROM="root@$(hostname)" length=1 if [ ! -n "$EGREP" ] ; then @@ -272,9 +272,9 @@ } haveallcmds MAILER && [ "$send" = "Y" ] && { # Mail header (so it does not just say it's root - echo "From: \"Tiger automatic auditor at $HOSTNAME\" <$Tiger_Mail_FROM>" + echo "From: \"Tiger automatic auditor at $(hostname)\" <$Tiger_Mail_FROM>" echo "To: $Tiger_Mail_RCPT" - echo "Subject: Tiger Auditing Report for $HOSTNAME" + echo "Subject: Tiger Auditing Report for $(hostname)" echo cat $WORKDIR/tigcron.diff.$$ } | $MAILER $Tiger_Mail_RCPT --- tiger-3.2.2.orig/Makefile.in +++ tiger-3.2.2/Makefile.in @@ -1,3 +1,22 @@ +#!/usr/bin/make -f +# +# Makefile for tiger HTML documentation +# +# +# General makefile for tiger - A UN*X security checking system +# Copyright (C) 2001-2008 Javier Fernandez-Sanguino Pen~a +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 1, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Please see the file `COPYING' for the complete copyright notice. # # You only need to 'make' tiger if you are planning to run it # on a regular basis, or to compile the binaries (sources under c/) @@ -147,7 +166,8 @@ ./util/mkfilelst \ ./util/mksig \ ./util/setsh \ - ./util/sgrep + ./util/sgrep \ + ./doc/explain.idx MISCDIRS=./bin \ ./check.d \ @@ -157,15 +177,8 @@ ./systems all: - @if [ ! -d bin ]; then \ - mkdir bin; \ - fi - cd c && $(MAKE) install - @if [ ! -d html ]; then \ - mkdir html; \ - fi - cd util && sh doc2html - ./util/genmsgidx + cd c && $(MAKE) + cd doc && $(MAKE) installdirs: @echo "Creating $(TIGERHOME)..." @@ -244,9 +257,16 @@ @chmod 644 $(DESTDIR)$(TIGERHOME)/config install: installdirs installbinaries installconfig installmanpages + @if [ ! -d bin ]; then \ + mkdir bin; \ + fi + @if [ ! -d html ]; then \ + mkdir html; \ + fi cd c && $(MAKE) install + cd doc && $(MAKE) install @echo "Copying miscellaneous dirs..." - @for dir in $(MISCDIRS); do \ + for dir in $(MISCDIRS); do \ tar cf - $$dir | (cd $(DESTDIR)$(TIGERHOME); tar xpf -); \ done @echo "Copying miscellaneous files..." @@ -279,11 +299,13 @@ clean: cd c && $(MAKE) clean + cd doc && $(MAKE) -f Makefile.in clean -find bin/ -type f -exec rm -f {} \; -rm -f man/index.bt distclean: clean cd c && $(MAKE) distclean + cd doc && $(MAKE) -f Makefile.in distclean -find log/ -type f -exec rm -f {} \; -find run/ -type f -exec rm -f {} \; -rm -f Makefile config.{status,log,cache} man/tiger.8 man/tigercron.8 --- tiger-3.2.2.orig/tigerrc +++ tiger-3.2.2/tigerrc @@ -308,6 +308,10 @@ Tiger_FSScan_ofNote=Y # weird filenames Tiger_FSScan_WDIR=N # world writable directories Tiger_FSScan_Unowned=Y # files with undefined owners/groups +# The following variables change the way the GET_MOUNTS (gen_mounts) script works: +Tiger_FSScan_WarnUnknown=Y # Warn about unknown filesystems used +Tiger_FSScan_Local='' # Filesystems considered to be local to the system, pipe-separated +Tiger_FSScan_NonLocal='' # Filesystems considered to be non-local to the system, pipe-separated # # Should we scan read-only filesystems # --- tiger-3.2.2.orig/config.in +++ tiger-3.2.2/config.in @@ -133,8 +133,14 @@ # TODO: WORKDIR should be removed on exit if it is located in a temporary # directory if [ ! -d "$WORKDIR" ] ; then + case "$WORKDIR" in + /var/run/* | /tmp* | /var/tmp/* ) + mkdir -p "$WORKDIR" + ;; + *) echo "Configured working directory $WORKDIR does not exist" >&2 exit 1 + esac fi @@ -222,10 +228,11 @@ # [ -n "$RCFILE" -a -f $RCFILE ] && { + tmpf=$(tempfile) $GREP -v '^#' $RCFILE | - $SED -e 's/^\(.*\)=/export \1; \1=/' > $WORKDIR/rcfile.$$ - . $WORKDIR/rcfile.$$ - $RM -f $WORKDIR/rcfile.$$ + $SED -e 's/^\(.*\)=/export \1; \1=/' > $tmpf + . $tmpf + $RM -f $tmpf } HOSTNAME=`$GETHOSTNAME` --- tiger-3.2.2.orig/scripts/find_files +++ tiger-3.2.2/scripts/find_files @@ -17,6 +17,9 @@ # # find_files - 06/14/93 # +# 08/09/2008 jfs Have GET_MOUNTS use local like getdisks does and do not warn +# for non-local filesystems +# # 07/22/2005 jfs Fixed check of GET_MOUNTS # # 04/03/2004 rbrad Added GETDISKS to haveallcmds. @@ -273,7 +276,7 @@ # but better than banging the heads around. # echo "$FINDXDEV" - echo "`$GET_MOUNTS`" + echo "`$GET_MOUNTS local all`" else echo "$FINDPRUNE" echo "/" --- tiger-3.2.2.orig/scripts/check_crontabs +++ tiger-3.2.2/scripts/check_crontabs @@ -109,13 +109,12 @@ # while read owner command do - com="`echo \"$command\" | $SED -e 's/[0-9]*>//g' | $TR -d '()\;\`&!|'`" # Can't 'set' this because of shell meta-characters. cmd="`echo \"$com\" | $AWK '{print $1}'`" - base=`$BASENAME "$cmd"` + base=`$BASENAME -- "$cmd"` case "$base" in sh|csh|ksh|tcsh|zsh|bash|if|cd) [ "$2" != "-c" ] && cmd="`echo \"$com\" | $AWK '{print $2}'`";; @@ -189,7 +188,7 @@ $GREP -v "^#" | while read user do - message WARN cron006w "User $user is allowed cron usage." + message WARN cron006w "" "User $user is allowed cron usage." done fi if [ -f "$CRONDENY" ] @@ -198,7 +197,7 @@ $GREP -v "^#" | while read user do - message INFO cron007i "User $user is denied cron usage." + message INFO cron007i "" "User $user is denied cron usage." done fi if [ ! -f "$CRONALLOW" -a ! -f "$CRONDENY" ] --- tiger-3.2.2.orig/scripts/check_xinetd +++ tiger-3.2.2/scripts/check_xinetd @@ -98,9 +98,9 @@ if [ "`$GREP -i 'disable' $xinetd_dir/$file | $AWK '{print $NF}'`" = "no" ] ; then service=`$GREP -w 'server' $file | $GREP '=' | $AWK '{print $NF}'` - message INFO xnet004i "Service $file is enabled using: $service." + message INFO xnet004i "" "Service $file is enabled using: $service." else - message INFO xnet005i "Service $file is disabled." + message INFO xnet005i "" "Service $file is disabled." fi done } @@ -115,13 +115,13 @@ then check_xinetconfig $xinetd_directory else - message ERROR xnet002e "The location included in $XINETDCONF is not a directory" + message ERROR xnet002e "" "The location included in $XINETDCONF is not a directory" fi done else if [ ! -f "$XINETDCONF" ] ; then - message ERROR xnet001e "It appears that xinetd is not installed, cannot find file $XINETDCONF." + message ERROR xnet001e "" "It appears that xinetd is not installed, cannot find file $XINETDCONF." else - message ERROR xnet003e "Cannot read file $XINETDCONF." + message ERROR xnet003e "" "Cannot read file $XINETDCONF." fi fi --- tiger-3.2.2.orig/scripts/check_apache +++ tiger-3.2.2/scripts/check_apache @@ -90,19 +90,23 @@ # First check if Apache is bound to use only an IP address [ -f $APACHECONFDIR/httpd.conf ] && { - $GREP ^Listen $APACHECONFDIR/httpd.conf | - while read listen ipaddr - do - port=`echo $ipaddr | $CUT -f : -d 2` - ipaddr=`echo $ipaddr | $SED -e 's/:.*$//'` - done + listen=`$GREP ^Listen $APACHECONFDIR/httpd.conf | head -1 | $AWK '{print $2}'` + if [ -n "$listen" ]; then + if echo "$listen" | grep -q ':' ; then + port=`echo "$listen" | $CUT -d : -f 2` + ipaddr=`echo "$listen" | $SED -e 's/:.*$//'` + else + port="$listen" + ipaddr="" + fi + fi # TODO: this check should warn only if this is a multihomed host # (we probably need to check this in other places so a utils function # 'amImultihome' might be useful) if [ -z "$port" -o -z "$ipaddr" ]; then - message WARN apa001w "The Apache server is not configured to be bound to an specific IP address." + message WARN apa001w "" "The Apache server is not configured to be bound to an specific IP address." else - message INFO apa001w "The Apache server is configured to listen only on address $ipaddr port $port." + message INFO apa001w "" "The Apache server is configured to listen only on address $ipaddr port $port." fi } # Now check options @@ -130,9 +134,9 @@ # Before reseting check the '/' configuration if [ "$directory" = "/" ] ; then [ $denyfirst -ne 1 -o $alldenied -ne 0 ] && \ - message WARN apa002w "There is no limitation to access filesystem locations (configuration for '/')" + message WARN apa002w "" "There is no limitation to access filesystem locations (configuration for '/')" [ "$options" != "None" -a "$options" != "none" ] && \ - message WARN apa002w "Options flag for the filesystem should be 'None' (configuration for '/')" + message WARN apa002w "" "Options flag for the filesystem should be 'None' (configuration for '/')" fi directory="Any (default)" denyfirst=0 @@ -149,20 +153,20 @@ # followed back to the root dir # Sample: ln -s /etc/passwd if [ ! -z "`echo $options | $GREP -i ifownermatch`" ]; then - message INFO apa003i "$directory directory configuration permits symlink following only if owner of the symlink matches." + message INFO apa003i "" "$directory directory configuration permits symlink following only if owner of the symlink matches." else - message WARN apa004w "$directory directory configuration permits symlink following." + message WARN apa004w "" "$directory directory configuration permits symlink following." fi fi # of followsymlinks # TODO: we could list executable files in the directory if [ ! -z "`echo $options | $GREP -i execcgi`" ]; then - message WARN apa005w "$directory directory can hold executable CGI." + message WARN apa005w "" "$directory directory can hold executable CGI." fi # TODO we could check which directories do not have an index.html file if [ ! -z "`echo $options | $GREP -i indexes`" ]; then - message WARN apa006w "$directory directory will provide content listing if there are no index.html files." + message WARN apa006w "" "$directory directory will provide content listing if there are no index.html files." fi fi # of the options --- tiger-3.2.2.orig/systems/Linux/2/update_advisories.sh +++ tiger-3.2.2/systems/Linux/2/update_advisories.sh @@ -22,7 +22,7 @@ DEB_ADV_DIR=~jfs/debian/www/webwml/english/security/ if [ -d $DEB_ADV_DIR ] then - find $DEB_ADV_DIR -name "*data" -exec cat \{\} \; | perl retrieve-advisories.pl >debian_advisories + find $DEB_ADV_DIR -name "*data" -a -type f -exec cat \{\} \; | perl retrieve-advisories.pl >debian_advisories else echo "Cannot access the $DEB_ADV_DIR directory." echo "Cannot generate the advisories data for Tiger." --- tiger-3.2.2.orig/systems/Linux/2/deb_checkmd5sums +++ tiger-3.2.2/systems/Linux/2/deb_checkmd5sums @@ -17,6 +17,7 @@ # # Linux/deb_checkmd5sums - 24/08/2001 # +# 09/09/2008 - jfs - Use prelink to calculate checksums if present (Debian bug #445531) # 06/22/2007 - jfs - Fix Debian bug 50611 by properly reading md5sum's output # 08/17/2006 - jfs - Fix Ubuntu bug 50611 by excluding dev/ and # lib/udev/devices/ from the md5sum test, thanks to Richard Laager @@ -105,6 +106,12 @@ haveallcmds MD5SUM CAT CUT SED GREP BASENAME || exit 1 +# Prelink +PRELINK=/usr/sbin/prelink +if [ -x "$PRELINK" ] ; then + MD5SUM="$PRELINK -y --md5" +fi + # From the localepurge binary: LOCALEDIR=/usr/share/locale MANDIR=/usr/share/man --- tiger-3.2.2.orig/systems/Linux/2/check_patches +++ tiger-3.2.2/systems/Linux/2/check_patches @@ -24,6 +24,8 @@ # Changed TigerInstallDir to . # 04/15/2003 jfs Added some TODOS # 01/15/2004 jfs Fixed dependancies +# 10/19/2008 jfs Use UUID instead of UID since UID is not defined in all shells +# and config already setis UUID # #----------------------------------------------------------------------------- # TODO: @@ -103,7 +105,7 @@ elif [ -n "$APT" -a -x "$APT" ] then tmplog="$WORKDIR/apt-get.out.tmp.$$" - [ "$UID" -gt 0 ] && message ERROR ptch05e "" "This script is not running as super-user, it will probably be unable to update the package database from it's sources." + [ "$UUID" -gt 0 ] && message ERROR ptch05e "" "This script is not running as super-user, it will probably be unable to update the package database from it's sources." $APT update 1> /dev/null $APT -s upgrade | $GREP "^Inst" | awk '{print $2}' > $tmplog --- tiger-3.2.2.orig/systems/Linux/2/gen_mounts +++ tiger-3.2.2/systems/Linux/2/gen_mounts @@ -32,11 +32,28 @@ # Linux/2/gen_mounts - 07/22/2005 - Changed extraction from mount command # so it can cope with whitespaces in mount locations, added sanity check # and fix a bug that mangled $fs (Debian bug #315435) +# Linux/2/gen_mounts - 08/29/2005 - Added vzfs (VPS filesystem) to local fs, +# Savannah bug #14299 # Linux/2/gen_mounts - 05/20/2006 - Added cifs to non local FS (Debian bug #329813) # Linux/2/gen_mounts - 11/16/2006 - Added selinuxfs to local FS (Debian bug #397832) # Linux/2/gen_mounts - 06/22/2007 - Added fusectl to local FS (Debian bug #409386) # Linux/2/gen_mounts - 06/26/2007 - Added Vmware's vmblock as non-local FS -# +# Linux/2/gen_mounts - 09/08/2008 - Added reiser4 as a local FS (Debian bug #498203) +# - Added securityfs as a non-local FS (Ubuntu bug #155211) +# - Added fuse.gvfs-fuse-daemon as a local FS (Ubuntu bug #155211) +# - Added fuseblk as a local FS +# - Added fuse.truecrypt as a local FS +# - Added fuse.encfs as a local FS (Debian bug #483727) +# - Added debugfs as a non-local FS, to skip it from checks (Debian bug #469685) +# - Added afs as a non-local FS (Savannah bug #14028) +# - Added configfs, gfs and gfs2 as a non-local FS (Debian bug #490344) +# - Added inotifyfs, hugetlb and subfs as a non-local FS +# - Make futexfs a non-local FS (Debian bug #490822) +# - Added bind as a non-local FS (Debian bug #451879) +# - Skip udev fs even if its in a tmpfs FS, prevent analysis +# of unexistant symlinks (See Debian bug 434333) +# Linux/2/gen_mounts - 11/27/2008 - Added ecryptfs, used by ecryptfs-utils (See Debian bug 506512) +# - Fix bashism (Debian bug #505939) #----------------------------------------------------------------------------- # @@ -89,7 +106,9 @@ [ "$1" = "ext2" ] && LOCAL=0 [ "$1" = "ext3" ] && LOCAL=0 [ "$1" = "auto" ] && LOCAL=0 + [ "$1" = "vzfs" ] && LOCAL=0 # VPS virtual partition [ "$1" = "reiserfs" ] && LOCAL=0 + [ "$1" = "reiser4" ] && LOCAL=0 [ "$1" = "xfs" ] && LOCAL=0 [ "$1" = "jfs" ] && LOCAL=0 [ "$1" = "minix" ] && LOCAL=0 @@ -99,12 +118,19 @@ [ "$1" = "coherent" ] && LOCAL=0 [ "$1" = "xenix" ] && LOCAL=0 [ "$1" = "hpfs" ] && LOCAL=0 - [ "$1" = "rootfs" ] && LOCAL=0 - [ "$1" = "shm" ] && LOCAL=0 - [ "$1" = "tmpfs" ] && LOCAL=0 + [ "$1" = "rootfs" ] && LOCAL=0 # Provides an empty root directory for the bootstrap phase + [ "$1" = "shm" ] && LOCAL=0 # IPC-shared memory regions + [ "$1" = "tmpfs" ] && LOCAL=0 # Temporary files (kept in RAM unless swapped) + # Exception: udev uses a tmpfs and it has many symlinks that point nowhere, it should be skipped + [ "$1" = "tmpfs" ] && [ "$2" = "udev" ] && LOCAL=1 [ "$1" = "auto" ] && LOCAL=0 [ "$1" = "selinuxfs" ] && LOCAL=0 [ "$1" = "fusectl" ] && LOCAL=0 + [ "$1" = "fuseblk" ] && LOCAL=0 # Used in Ubuntu 'hardy' + [ "$1" = "fuse.truecrypt" ] && LOCAL=0 # Encrypted filesystem, used in Ubuntu 'hardy' + [ "$1" = "fuse.encfs" ] && LOCAL=0 # Encrypted filesystem + [ "$1" = "fuse.gvfs-fuse-daemon" ] && LOCAL=0 # Used in Ubuntu 'hardy' + [ "$1" = "ecryptfs" ] && LOCAL=0 # Encrypted filesystem used by ecryptfs-utils # Filesystems of other OS [ "$1" = "msdos" ] && LOCAL=1 [ "$1" = "umsdos" ] && LOCAL=1 @@ -121,27 +147,43 @@ [ "$1" = "smbfs" ] && LOCAL=1 [ "$1" = "cifs" ] && LOCAL=1 [ "$1" = "coda" ] && LOCAL=1 + [ "$1" = "AFS" ] && LOCAL=1 # Andrew Filesystem + [ "$1" = "afs" ] && LOCAL=1 # Andrew Filesystem [ "$1" = "rpc_pipefs" ] && LOCAL=1 - # Skip these as they are virtual filesystems - [ "$1" = "proc" ] && LOCAL=1 - [ "$1" = "devpts" ] && LOCAL=1 - [ "$1" = "usbfs" ] && LOCAL=1 + [ "$1" = "gfs" ] && LOCAL=1 # Red Hat's Global Filesystem + # http://sources.redhat.com/cluster/wiki/ + [ "$1" = "gfs2" ] && LOCAL=1 # Red Hat's Global Filesystem + # Note: gfs is considered non-local even though remoutely mounted in a SAN as this filesystem could + # be used exclusively, if your system uses gfs or gfs2 and you want to scan the filesystem + # set it at Tiger_FSScan_Local + [ "$1" = "proc" ] && LOCAL=1 # General access point to kernel data structures + [ "$1" = "bind" ] && LOCAL=1 # Used to remount directories, define as virtual + # as otherwise files would be checked twice + [ "$1" = "devpts" ] && LOCAL=1 # Pseudoterminal support (Open Group's Unix98 standard) + [ "$1" = "usbfs" ] && LOCAL=1 # USB devices [ "$1" = "usbdevfs" ] && LOCAL=1 [ "$1" = "devfs" ] && LOCAL=1 - [ "$1" = "sysfs" ] && LOCAL=1 + [ "$1" = "sysfs" ] && LOCAL=1 # General access point to system data + [ "$1" = "securityfs" ] && LOCAL=1 # Used by Ubuntu, see http://lwn.net/Articles/153366/ [ "$1" = "none" ] && LOCAL=1 [ "$1" = "autofs" ] && LOCAL=1 - [ "$1" = "binfmt_misc" ] && LOCAL=1 + [ "$1" = "binfmt_misc" ] && LOCAL=1 # Miscellaneous executable formats [ "$1" = "cramfs" ] && LOCAL=1 [ "$1" = "ramfs" ] && LOCAL=1 [ "$1" = "romfs" ] && LOCAL=1 - [ "$1" = "mqueue" ] && LOCAL=1 - [ "$1" = "sockfs" ] && LOCAL=1 - [ "$1" = "bdev" ] && LOCAL=1 + [ "$1" = "mqueue" ] && LOCAL=1 # POSIX message queues + [ "$1" = "sockfs" ] && LOCAL=1 # Sockets + [ "$1" = "bdev" ] && LOCAL=1 # Block devices [ "$1" = "pipefs" ] && LOCAL=1 - [ "$1" = "eventpollfs" ] && LOCAL=1 - [ "$1" = "futexfs" ] && LOCAL=0 - [ "$1" = "vmblock" ] && LOCAL=1 + [ "$1" = "eventpollfs" ] && LOCAL=1 # Efficient event polling mechanism + [ "$1" = "inotifyfs" ] && LOCAL=1 + [ "$1" = "hugetlbf" ] && LOCAL=1 + [ "$1" = "subfs" ] && LOCAL=1 + [ "$1" = "futexfs" ] && LOCAL=1 # futex (Fast Userspace Locking) mechanism + [ "$1" = "vmblock" ] && LOCAL=1 # Vmware filesystem + [ "$1" = "debugfs" ] && LOCAL=1 # Debugging filesystem see + # http://lwn.net/Articles/115405/ + [ "$1" = "configfs" ] && LOCAL=1 # Other filesystems we don't support [ "$1" = "adfs" ] && LOCAL=1 [ "$1" = "affs" ] && LOCAL=1 @@ -151,10 +193,27 @@ [ "$1" = "capifs" ] && LOCAL=1 # Some special filesystems [ "$1" = "unknown" ] && [ "$2" = "/dev" ] && LOCAL=1 + + # Handle the Tiger_FSScan_Local and Tiger_FSScan_Nonlocal variables, if defined + if [ ! -z "$Tiger_FSScan_Local" ] ; then + # List of known filesystems the admin considers to be local to the system + if echo $1 | $EGREP -q $Tiger_FSScan_Local; then + LOCAL=0 + fi + fi + if [ ! -z "$Tiger_FSScan_NonLocal" ] ; then + # List of known filesystems the admin considers to be not local to the system + if echo $1 | $EGREP -q $Tiger_FSScan_NonLocal; then + LOCAL=1 + fi + fi + # The rest we warn about if [ "$LOCAL" -eq 2 ] ; then - echo "--CONFIG-- [con010c] Filesystem '$1' used by '$2' is not recognised as a local filesystem" >&2 - LOCAL=1 + if [ -z "$Tiger_FSScan_WarnUnknown" ] || [ "$Tiger_FSScan_WarnUnknown" = "Y" ] ; then + echo "--CONFIG-- [con010c] Filesystem '$1' used by '$2' is not recognised as a valid filesystem" >&2 + fi + LOCAL=1 fi return $LOCAL } @@ -163,6 +222,7 @@ [ -z "$GETFS" ] && GETFS=`which mount` [ -z "$SED" ] && SED=`which sed` [ -z "$BASENAME" ] && BASENAME=`which basename` +[ -z "$EGREP" ] && EGREP=`which egrep` $GETFS | while read line --- tiger-3.2.2.orig/systems/Linux/2/debian_advisories +++ tiger-3.2.2/systems/Linux/2/debian_advisories @@ -2446,6 +2446,31 @@ boa 0.94.8.3-1 m68k boa 2000-10-09 boa 0.94.8.3-1 powerpc boa 2000-10-09 boa 0.94.8.3-1 sparc boa 2000-10-09 +quagga-doc 0.98.3-7.5 all DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 alpha DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 amd64 DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 arm DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 hppa DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 i386 DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 ia64 DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 m68k DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 mips DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 mipsel DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 powerpc DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 s390 DSA-1382-1 quagga 2007-10-1 +quagga 0.98.3-7.5 sparc DSA-1382-1 quagga 2007-10-1 +phpmyadmin 2.9.1.1-6 all DSA-1403-1 phpmyadmin 2007-11-8 +xfs 1.0.1-6 alpha DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 amd64 DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 arm DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 hppa DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 i386 DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 ia64 DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 mips DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 mipsel DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 powerpc DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 s390 DSA-1342-1 xfs 2007-7-30 +xfs 1.0.1-6 sparc DSA-1342-1 xfs 2007-7-30 gtk2-engines-pixbuf 2.6.4-3.2 alpha DSA-1256-1 gtk+2.0 2007-1-31 gtk2-engines-pixbuf 2.6.4-3.2 amd64 DSA-1256-1 gtk+2.0 2007-1-31 gtk2-engines-pixbuf 2.6.4-3.2 arm DSA-1256-1 gtk+2.0 2007-1-31 @@ -2457,6 +2482,39 @@ gtk2-engines-pixbuf 2.6.4-3.2 powerpc DSA-1256-1 gtk+2.0 2007-1-31 gtk2-engines-pixbuf 2.6.4-3.2 s390 DSA-1256-1 gtk+2.0 2007-1-31 gtk2-engines-pixbuf 2.6.4-3.2 sparc DSA-1256-1 gtk+2.0 2007-1-31 +libsndfile1-dev 1.0.16-2 alpha DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 alpha DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 alpha DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 amd64 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 amd64 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 amd64 DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 arm DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 arm DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 arm DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 hppa DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 hppa DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 hppa DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 i386 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 i386 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 i386 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 ia64 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 ia64 DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 ia64 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 mips DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 mips DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 mips DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 mipsel DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 mipsel DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 mipsel DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 powerpc DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 powerpc DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 powerpc DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 s390 DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 s390 DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 s390 DSA-1442-1 libsndfile 2007-12-29 +sndfile-programs 1.0.16-2 sparc DSA-1442-1 libsndfile 2007-12-29 +libsndfile1 1.0.16-2 sparc DSA-1442-1 libsndfile 2007-12-29 +libsndfile1-dev 1.0.16-2 sparc DSA-1442-1 libsndfile 2007-12-29 squirrelmail 1.4.4-11 all DSA-1290-1 squirrelmail 2007-5-13 php4-pear 4.3.10-21 all DSA-1296-1 php4 2007-5-21 php4 4.3.10-21 all DSA-1296-1 php4 2007-5-21 @@ -2872,6 +2930,18 @@ libwpd-tools 0.8.7-6 sparc DSA-1268-1 libwpd 2007-3-17 libwpd8-dev 0.8.7-6 sparc DSA-1268-1 libwpd 2007-3-17 libwpd8c2a 0.8.7-6 sparc DSA-1268-1 libwpd 2007-3-17 +tar 1.14-2.4 alpha DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 amd64 DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 arm DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 hppa DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 i386 DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 ia64 DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 m68k DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 mips DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 mipsel DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 powerpc DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 s390 DSA-1438-1 tar 2007-12-28 +tar 1.14-2.4 sparc DSA-1438-1 tar 2007-12-28 imagemagick 6.0.6.2-2.9 alpha DSA-1260-1 imagemagick 2007-2-14 libmagick6 6.0.6.2-2.9 alpha DSA-1260-1 imagemagick 2007-2-14 libmagick6-dev 6.0.6.2-2.9 alpha DSA-1260-1 imagemagick 2007-2-14 @@ -2920,6 +2990,121 @@ libmagick6 6.0.6.2-2.9 sparc DSA-1260-1 imagemagick 2007-2-14 libmagick6-dev 6.0.6.2-2.9 sparc DSA-1260-1 imagemagick 2007-2-14 perlmagick 6.0.6.2-2.9 sparc DSA-1260-1 imagemagick 2007-2-14 +phpmyadmin 2.9.1.1-4 all DSA-1370-1 phpmyadmin 2007-9-9 +freetype2-demos 2.1.7-8 amd64 DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 amd64 DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 amd64 DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 arm DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 arm DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 arm DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 hppa DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 hppa DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 hppa DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 i386 DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 i386 DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 i386 DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 ia64 DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 ia64 DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 ia64 DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 m68k DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 m68k DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 m68k DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 mipsel DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 mipsel DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 mipsel DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 powerpc DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 powerpc DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 powerpc DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 s390 DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 s390 DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 s390 DSA-1334-1 freetype 2007-7-18 +libfreetype6-dev 2.1.7-8 sparc DSA-1334-1 freetype 2007-7-18 +freetype2-demos 2.1.7-8 sparc DSA-1334-1 freetype 2007-7-18 +libfreetype6 2.1.7-8 sparc DSA-1334-1 freetype 2007-7-18 +wesnoth-data 0.9.0-7 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-ei 0.9.0-7 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-httt 0.9.0-7 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-music 0.9.0-7 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-sotbe 0.9.0-7 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-tdh 0.9.0-7 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-trow 0.9.0-7 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 alpha DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 alpha DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 alpha DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 amd64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 amd64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 amd64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 arm DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 arm DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 arm DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 hppa DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 hppa DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 hppa DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 i386 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 i386 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 i386 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 ia64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 ia64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 ia64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 m68k DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 m68k DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 m68k DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 mips DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 mips DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 mips DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 mipsel DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 mipsel DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 mipsel DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 powerpc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 powerpc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 powerpc DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 s390 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 s390 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 s390 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 0.9.0-7 sparc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 0.9.0-7 sparc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 0.9.0-7 sparc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-data 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-ei 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-httt 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-music 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-trow 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-tsg 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-ttb 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth-utbs 1.2-3 all DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 alpha DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 alpha DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 alpha DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 amd64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 amd64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 amd64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 arm DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 arm DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 arm DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 hppa DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 hppa DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 hppa DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 i386 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 i386 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 i386 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 ia64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 ia64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 ia64 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 mips DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 mips DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 mips DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 mipsel DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 mipsel DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 mipsel DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 powerpc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 powerpc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 powerpc DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 s390 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 s390 DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 s390 DSA-1421-1 wesnoth 2007-12-6 +wesnoth 1.2-3 sparc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-editor 1.2-3 sparc DSA-1421-1 wesnoth 2007-12-6 +wesnoth-server 1.2-3 sparc DSA-1421-1 wesnoth 2007-12-6 php4-pear 4.3.10-19 all DSA-1264-1 php4 2007-3-7 php4 4.3.10-19 all DSA-1264-1 php4 2007-3-7 libapache-mod-php4 4.3.10-19 alpha DSA-1264-1 php4 2007-3-7 @@ -3151,6 +3336,98 @@ php4-sybase 4.3.10-19 sparc DSA-1264-1 php4 2007-3-7 php4-xslt 4.3.10-19 sparc DSA-1264-1 php4 2007-3-7 wordpress 2.0.10-1 all DSA-1285-1 wordpress 2007-5-01 +wesnoth-data 0.9.0-6 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-ei 0.9.0-6 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-httt 0.9.0-6 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-music 0.9.0-6 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-sotbe 0.9.0-6 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-tdh 0.9.0-6 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-trow 0.9.0-6 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 alpha DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 alpha DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 alpha DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 amd64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 amd64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 amd64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 arm DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 arm DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 arm DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 hppa DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 hppa DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 hppa DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 i386 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 i386 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 i386 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 ia64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 ia64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 ia64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 m68k DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 m68k DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 m68k DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 mipsel DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 mipsel DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 mipsel DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 powerpc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 powerpc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 powerpc DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 s390 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 s390 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 s390 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 0.9.0-6 sparc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 0.9.0-6 sparc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 0.9.0-6 sparc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-data 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-ei 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-httt 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-music 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-trow 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-tsg 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-ttb 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth-utbs 1.2-2 all DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 alpha DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 alpha DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 alpha DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 amd64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 amd64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 amd64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 arm DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 arm DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 arm DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 hppa DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 hppa DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 hppa DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 i386 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 i386 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 i386 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 ia64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 ia64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 ia64 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 mips DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 mips DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 mips DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 mipsel DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 mipsel DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 mipsel DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 powerpc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 powerpc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 powerpc DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 s390 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 s390 DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 s390 DSA-1386-1 wesnoth 2007-10-15 +wesnoth 1.2-2 sparc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-editor 1.2-2 sparc DSA-1386-1 wesnoth 2007-10-15 +wesnoth-server 1.2-2 sparc DSA-1386-1 wesnoth 2007-10-15 +inotify-tools 3.3-2 alpha DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 amd64 DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 arm DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 hppa DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 i386 DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 ia64 DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 mips DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 mipsel DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 powerpc DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 s390 DSA-1440-1 inotify-tools 2007-12-28 +inotify-tools 3.3-2 sparc DSA-1440-1 inotify-tools 2007-12-28 quagga-doc 0.98.3-7.4 all DSA-1293-1 quagga 2007-5-17 quagga 0.98.3-7.4 alpha DSA-1293-1 quagga 2007-5-17 quagga 0.98.3-7.4 amd64 DSA-1293-1 quagga 2007-5-17 @@ -3164,6 +3441,216 @@ quagga 0.98.3-7.4 powerpc DSA-1293-1 quagga 2007-5-17 quagga 0.98.3-7.4 s390 DSA-1293-1 quagga 2007-5-17 quagga 0.98.3-7.4 sparc DSA-1293-1 quagga 2007-5-17 +xfs 1.0.1-7 alpha DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 amd64 DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 arm DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 hppa DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 i386 DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 ia64 DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 mips DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 mipsel DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 powerpc DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 s390 DSA-1385-1 xfs 2007-10-9 +xfs 1.0.1-7 sparc DSA-1385-1 xfs 2007-10-9 +php4-pear 4.3.10-22 all DSA-1331-1 php4 2007-7-7 +php4 4.3.10-22 all DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 alpha DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 amd64 DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 arm DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 i386 DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 ia64 DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 m68k DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 mipsel DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 s390 DSA-1331-1 php4 2007-7-7 +libapache-mod-php4 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +libapache2-mod-php4 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-cgi 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-cli 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-common 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-curl 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-dev 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-domxml 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-gd 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-imap 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-ldap 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-mcal 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-mhash 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-mysql 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-odbc 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-recode 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-snmp 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-sybase 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +php4-xslt 4.3.10-22 sparc DSA-1331-1 php4 2007-7-7 +xpdf-common 3.00-13.7 all DSA-1347-1 xpdf 2007-8-4 +xpdf 3.00-13.7 all DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 alpha DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 alpha DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 amd64 DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 amd64 DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 arm DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 arm DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.6 hppa DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.6 hppa DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 i386 DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 i386 DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 ia64 DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 ia64 DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 m68k DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 m68k DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 mips DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 mips DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 mipsel DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 mipsel DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 powerpc DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 powerpc DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 s390 DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 s390 DSA-1347-1 xpdf 2007-8-4 +xpdf-reader 3.00-13.7 sparc DSA-1347-1 xpdf 2007-8-4 +xpdf-utils 3.00-13.7 sparc DSA-1347-1 xpdf 2007-8-4 libsane 1.0.7-4 alpha DSA-379-1 sane-backends 2003-9-11 libsane-dev 1.0.7-4 alpha DSA-379-1 sane-backends 2003-9-11 libsane 1.0.7-4 arm DSA-379-1 sane-backends 2003-9-11 @@ -9170,6 +9657,266 @@ perl-base 5.6.1-8.8 sparc DSA-620-1 perl 2004-12-30 perl-debug 5.6.1-8.8 sparc DSA-620-1 perl 2004-12-30 perl-suid 5.6.1-8.8 sparc DSA-620-1 perl 2004-12-30 +backup-manager-doc 0.7.5-4 all DSA-1518-1 backup-manager 2008-3-15 +backup-manager 0.7.5-4 all DSA-1518-1 backup-manager 2008-3-15 +gs 8.01-6 all DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 alpha DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 amd64 DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 arm DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 hppa DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 i386 DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 ia64 DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 m68k DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 mips DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 mipsel DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 powerpc DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 s390 DSA-1510-1 ghostscript 2008-2-27 +gs-gpl 8.01-6 sparc DSA-1510-1 ghostscript 2008-2-27 +phpmyadmin 2.9.1.1-7 all DSA-1557-1 phpmyadmin 2008-4-24 +openssh-blacklist 0.1.1 all DSA-1576-1 openssh 2008-5-14 +xsltproc 1.1.19-3 alpha DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 alpha DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 alpha DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 alpha DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 amd64 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 amd64 DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 amd64 DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 amd64 DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 arm DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 arm DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 arm DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 arm DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 hppa DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 hppa DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 hppa DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 hppa DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 i386 DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 i386 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 i386 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 i386 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 ia64 DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 ia64 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 ia64 DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 ia64 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 mips DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 mips DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 mips DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 mips DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 mipsel DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 mipsel DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 mipsel DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 mipsel DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 powerpc DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 powerpc DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 powerpc DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 powerpc DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 s390 DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 s390 DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 s390 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 s390 DSA-1624-1 libxslt 2008-7-31 +libxslt1-dev 1.1.19-3 sparc DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-3 sparc DSA-1624-1 libxslt 2008-7-31 +python-libxslt1 1.1.19-3 sparc DSA-1624-1 libxslt 2008-7-31 +libxslt1-dbg 1.1.19-3 sparc DSA-1624-1 libxslt 2008-7-31 +xsltproc 1.1.19-2 alpha DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 alpha DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 alpha DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 alpha DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 amd64 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 amd64 DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 amd64 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 amd64 DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 arm DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 arm DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 arm DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 arm DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 hppa DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 hppa DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 hppa DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 hppa DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 i386 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 i386 DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 i386 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 i386 DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 ia64 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 ia64 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 ia64 DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 ia64 DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 mips DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 mips DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 mips DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 mips DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 mipsel DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 mipsel DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 mipsel DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 mipsel DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 powerpc DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 powerpc DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 powerpc DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 powerpc DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 s390 DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 s390 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 s390 DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 s390 DSA-1589-1 libxslt 2008-5-28 +xsltproc 1.1.19-2 sparc DSA-1589-1 libxslt 2008-5-28 +python-libxslt1 1.1.19-2 sparc DSA-1589-1 libxslt 2008-5-28 +libxslt1-dev 1.1.19-2 sparc DSA-1589-1 libxslt 2008-5-28 +libxslt1-dbg 1.1.19-2 sparc DSA-1589-1 libxslt 2008-5-28 +maradns 1.0.27-2 alpha DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 amd64 DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 arm DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 hppa DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 i386 DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 ia64 DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 m68k DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 mips DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 mipsel DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 powerpc DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 s390 DSA-1445-1 maradns 2008-1-03 +maradns 1.0.27-2 sparc DSA-1445-1 maradns 2008-1-03 +libexiv2-doc 0.10-1.5 all DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 alpha DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 alpha DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 amd64 DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 amd64 DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 arm DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 arm DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 hppa DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 hppa DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 i386 DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 i386 DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 ia64 DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 ia64 DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 mips DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 mips DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 mipsel DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 mipsel DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 powerpc DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 powerpc DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 s390 DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 s390 DSA-1474-1 exiv2 2008-1-23 +libexiv2-dev 0.10-1.5 sparc DSA-1474-1 exiv2 2008-1-23 +exiv2 0.10-1.5 sparc DSA-1474-1 exiv2 2008-1-23 +libflac-doc 1.1.2-8 all DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 alpha DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 alpha DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 alpha DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 alpha DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 alpha DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 alpha DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 amd64 DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 amd64 DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 amd64 DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 amd64 DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 amd64 DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 amd64 DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 arm DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 arm DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 arm DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 arm DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 arm DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 arm DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 hppa DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 hppa DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 hppa DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 hppa DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 hppa DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 hppa DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 i386 DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 i386 DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 i386 DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 i386 DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 i386 DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 i386 DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 ia64 DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 ia64 DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 ia64 DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 ia64 DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 ia64 DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 ia64 DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 mips DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 mips DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 mips DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 mips DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 mips DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 mips DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 mipsel DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 mipsel DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 mipsel DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 mipsel DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 mipsel DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 mipsel DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 powerpc DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 powerpc DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 powerpc DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 powerpc DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 powerpc DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 powerpc DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 s390 DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 s390 DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 s390 DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 s390 DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 s390 DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 s390 DSA-1469-1 flac 2008-1-20 +libflac7 1.1.2-8 sparc DSA-1469-1 flac 2008-1-20 +libflac-dev 1.1.2-8 sparc DSA-1469-1 flac 2008-1-20 +flac 1.1.2-8 sparc DSA-1469-1 flac 2008-1-20 +xmms-flac 1.1.2-8 sparc DSA-1469-1 flac 2008-1-20 +liboggflac3 1.1.2-8 sparc DSA-1469-1 flac 2008-1-20 +liboggflac-dev 1.1.2-8 sparc DSA-1469-1 flac 2008-1-20 +ikiwiki 1.33.4 all DSA-1523-1 ikiwiki 2008-3-17 +ikiwiki 1.33.5 all DSA-1553-1 ikiwiki 2008-4-20 +libvorbis-dev 1.1.0-2 alpha DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 alpha DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 alpha DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 alpha DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 amd64 DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 amd64 DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 amd64 DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 amd64 DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 arm DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 arm DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 arm DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 arm DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 hppa DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 hppa DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 hppa DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 hppa DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 i386 DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 i386 DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 i386 DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 i386 DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 ia64 DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 ia64 DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 ia64 DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 ia64 DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 m68k DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 m68k DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 m68k DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 m68k DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 mips DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 mips DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 mips DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 mips DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 mipsel DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 mipsel DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 mipsel DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 mipsel DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 powerpc DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 powerpc DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 powerpc DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 powerpc DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 s390 DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 s390 DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 s390 DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 s390 DSA-1471-1 libvorbis 2008-1-21 +libvorbisenc2 1.1.0-2 sparc DSA-1471-1 libvorbis 2008-1-21 +libvorbis0a 1.1.0-2 sparc DSA-1471-1 libvorbis 2008-1-21 +libvorbisfile3 1.1.0-2 sparc DSA-1471-1 libvorbis 2008-1-21 +libvorbis-dev 1.1.0-2 sparc DSA-1471-1 libvorbis 2008-1-21 +phpbb2-languages 2.0.21-7 all DSA-1488-1 phpbb2 2008-02-09 +phpbb2 2.0.21-7 all DSA-1488-1 phpbb2 2008-02-09 +phpbb2-conf-mysql 2.0.21-7 all DSA-1488-1 phpbb2 2008-02-09 mantis 0.17.1-2.5 all DSA-161-1 mantis 2002-9-4 micq 0.4.3-4.1 alpha DSA-211-1 micq 2002-12-13 micq 0.4.3-4.1 arm DSA-211-1 micq 2002-12-13 --- tiger-3.2.2.orig/systems/Linux/2/getdisks +++ tiger-3.2.2/systems/Linux/2/getdisks @@ -16,10 +16,11 @@ # Please see the file `COPYING' for the complete copyright notice. # # getdisks - 06/24/93 +# 09/08/2008 - jfs - Do not warn for non-local filesystems here # #----------------------------------------------------------------------------- # -$GET_MOUNTS local | +$GET_MOUNTS local all | $AWK '{printf("%s ",$1)} END {printf("\n")}' --- tiger-3.2.2.orig/systems/Linux/2/gen_cron +++ tiger-3.2.2/systems/Linux/2/gen_cron @@ -77,10 +77,16 @@ $GETUSERHOME "$file" >/dev/null 2>/dev/null if [ $? = 0 ]; then + # Parse the crontab file: + # - Replace '@' commands (Debian-specific), since we don't care on + # times we just replace them with '0 0 0 0 0' + # - Remove variable definitions $SED -e 's/#.*$//' -e '/^$/d' $CRONSPOOL/$name | + $SED -e 's/^@[A-Za-z]*/0 0 0 0 0/' | + $SED -e '/^[A-Za-z]*.*=/d' | while read a b c d e command do - echo "$name $command" + [ -n "$command" ] && echo "$name $command" done >> $outfile else echo "--WARN-- Found cron file for unknown user $file." --- tiger-3.2.2.orig/debian/server.ignore +++ tiger-3.2.2/debian/server.ignore @@ -0,0 +1,21 @@ +# Mysql database server +Program mysqld \(pid [[:digit:]]+, parent [[:digit:]]+\) is using a deleted file: .* /var/log/mysql/mysql\.err\.[[:digit:]]+ \(deleted\) +# Apache web server +Server /usr/sbin/apache \(pid [[:digit:]]+\) is using deleted files +Program apache \(pid [[:digit:]]+, parent [[:digit:]]+\) is using a deleted file: .* /tmp/session_mm_apache0.sem \(deleted\) +The parent process of server /usr/sbin/apache \(pid [[:digit:]]+\) is using deleted files +# Cupds printer daemon +Server /usr/sbin/cupsd \(pid [[:digit:]]+\) is using deleted files +Program cupsd \(pid [[:digit:]]+, parent [[:digit:]]+\) is using a deleted file: .* /var/log/cupsd/error_log\..* \(deleted\) +#Mailman list manager +Program python \(pid [[:digit:]]+, parent [[:digit:]]+\) is using a deleted file: .* /var/log/mailman/.* \(deleted\) +# Squid proxy +Server \(squid\) .* \(pid [[:digit:]]+\) is using deleted files +# SSH users accessing remotely with X11 forwarding 'on' +The process `sshd' is listening on socket 6[[:digit:]]+ (TCP on loopback interface) is run by .* +# Identd +The process .identd. is listening on socket 113 \(TCP on every interface\) is run by identd\. +# Avahi daemon +The process .avahi-daemon. is listening on socket [[:digit:]]+ \(UDP on every interface\) is run by avahi\. +# Bind +The process .named. is listening on socket [[:digit:]]+ \(UDP on every interface\) is run by bind\. --- tiger-3.2.2.orig/debian/rules +++ tiger-3.2.2/debian/rules @@ -0,0 +1,99 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# We depend on baashisms +SHELL=/bin/bash + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# This is the debhelper compatibility version to use. +# export DH_COMPAT=5 + +build: build-stamp +build-stamp: + dh_testdir + + autoconf + ./configure --with-tigerhome=/usr/lib/tiger --with-tigerwork=/var/lib/tiger/work --with-tigerlog=/var/log/tiger --with-tigerbin=/usr/sbin --with-tigerconfig=/etc/tiger --prefix=/usr --mandir=/usr/share/man + $(MAKE) all + + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp + + [ -f Makefile ] && $(MAKE) distclean || $(MAKE) -f Makefile.in distclean + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/tiger. + $(MAKE) install DESTDIR=debian/tiger/ + # Just in case + chmod a+x debian/tiger/usr/lib/tiger/systems/Linux/2/{deb,gen,check}_* + chmod a+x debian/tiger/usr/lib/tiger/scripts/check_* + # This is not needed + -rm -rf debian/tiger/usr/lib/tiger/man/ + # Remove the systems that do not apply. + # Currently only Linux and default + # AIX/ default/ HPUX/ IRIX/ Linux/ NeXT/ SunOS/ UNICOS/ UNICOSMK + # TODO: make this for all dirs save for Linux and default (i.e. + # make this 'mv' more generic) + -find debian/tiger/ -type d -a -name "CVS" |xargs rm -rf + mv debian/tiger/usr/lib/tiger/systems/{AIX,HPUX,IRIX,NeXT,SunOS,UNICOS,UNICOSMK,Tru64,MacOSX} debian/tiger-otheros/usr/lib/tiger/systems/ + #install -m 755 debian/tiger debian/tiger/usr/sbin/ + #install -m 755 debian/tigexp debian/tiger/usr/sbin/ + #install -m 755 tigercron debian/tiger/usr/lib/tiger/ + install -m 600 cronrc debian/tiger/etc/tiger/ + # Do not install tigerrc, it is handled by ucf since it is edited by Debconf prompts: + #install -m 600 tigerrc debian/tiger/etc/tiger/ + -rm -f debian/tiger/etc/tiger/tigerrc + install -m 600 debian/tiger.default debian/tiger/etc/default/tiger + install -m 600 debian/debian.ignore debian/tiger/etc/tiger/tiger.ignore + install -m 644 version.h debian/tiger/usr/lib/tiger/ + + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install +# dh_testversion + dh_testdir + dh_testroot + dh_installdebconf + dh_installdocs + dh_installexamples tigerrc* site* cronrc debian/server.ignore + dh_installmenu + dh_installcron + dh_installman man/tiger.8 man/tigexp.8 man/tigercron.8 + dh_installinfo + dh_installchangelogs CHANGES + dh_link + dh_strip -XHPUX -XSunOS -XAIX -XIRIX -XNeXT -XMacOSX + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps -XHPUX -XSunOS -XAIX -XIRIX -XNeXT -XMacOSX + dh_gencontrol + dh_md5sums + dh_builddeb + +update-dsa: +# Updated Debian Security Advisories +# This target should only be run by the Debian maintainer (which needs +# to fix the update_advisories appropiately) + cd systems/Linux/2 && sh update_advisories.sh +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- tiger-3.2.2.orig/debian/postinst +++ tiger-3.2.2/debian/postinst @@ -0,0 +1,68 @@ +#!/bin/sh -e + +# System configuration file: +CONFIG=/etc/tiger/tigerrc +# Package-provided configuration file: +PKGCONFIG=/usr/share/doc/tiger/examples/tigerrc.gz + +test $DEBIAN_SCRIPT_DEBUG && set -v -x + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +case "$1" in + install) + ;; + upgrade) + ;; + configure) + # Obtain the configured value + . /usr/share/debconf/confmodule + db_get tiger/mail_rcpt || true + MAIL_RCPT="$RET" + + # Create temporary file for use in UCF + tempfile=`tempfile` || { echo "Cannot create temporary file, aborting" >&2; exit 1; } + + # Determine if we are using a compressed configuration file or not + CAT=cat + if echo $PKGCONFIG | grep -q .gz; then + CAT=zcat + fi + if [ ! -e "$PKGCONFIG" ] ; then + echo "ERROR in maintainer script, cannot find package configuration file at $PKGCONFIG" >&2 + exit 1 + fi + $CAT $PKGCONFIG | sed -e "s/^Tiger_Mail_RCPT=.*$/Tiger_Mail_RCPT=\"$MAIL_RCPT\"/" > $tempfile + + # Use UCF to handle file changes + ucf $tempfile $CONFIG + ucfr tiger $CONFIG + rm -f $tempfile + ;; + abort-upgrade) + ;; + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + + +#DEBHELPER# + +exit 0 --- tiger-3.2.2.orig/debian/config +++ tiger-3.2.2/debian/config @@ -0,0 +1,9 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input medium tiger/mail_rcpt || true +db_input medium tiger/policy_adapt || true +db_go || true + +exit 0 --- tiger-3.2.2.orig/debian/dirs +++ tiger-3.2.2/debian/dirs @@ -0,0 +1,7 @@ +etc/tiger +etc/tiger/templates +etc/default +usr/sbin +usr/lib/tiger +var/lib/tiger/work +var/log/tiger --- tiger-3.2.2.orig/debian/postrm +++ tiger-3.2.2/debian/postrm @@ -0,0 +1,58 @@ +#! /bin/sh +# postrm script for tiger +# +# see: dh_installdeb(1) + +set -e + +CONFIG=/etc/tiger/tigerrc + +case "$1" in + purge) + for dir in /var/log/tiger/ /var/lib/tiger/work /var/lib/tiger/ /var/run/tiger/ + do + [ -d "$dir" ] && { + find $dir -type d -o -exec rm -f {} \; + find $dir -type d -depth -exec rmdir {} \; + } + done +# Do we have any tigerXX files under /var/log/? if so we should remove +# them. This were created due to bug #164682 ... + find /var/log/ -type f -name "tiger*" | xargs rm -f + + # Clear some other cruft + rm -f /usr/lib/tiger/bin/.bintype || true + + # we mimic dpkg as closely as possible, so we remove configuration + # files with dpkg backup extensions too: + for ext in '~' '%' .bak .ucf-new .ucf-old .ucf-dist; do + rm -f ${CONFIG}${ext} + done + +# Remove configuration files, if they still exist + for conf in /etc/cron.d/tiger /etc/default/tiger \ + /etc/tiger/cronrc /etc/tiger/tiger.ignore \ + /etc/tiger/tigerrc /etc/default/tiger.default ; do + [ -f "$conf" ] && rm -f "$conf" + done + + # Clear config file from the ucf database + if which ucf >/dev/null; then + ucf --purge $CONFIG + fi + if which ucfr >/dev/null; then + ucfr --purge tiger $CONFIG + fi + + + ;; + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) +# Do nothing + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 0 +esac + +#DEBHELPER# --- tiger-3.2.2.orig/debian/debian.ignore +++ tiger-3.2.2/debian/debian.ignore @@ -0,0 +1,31 @@ +Login ID nobody is disabled, but still has a valid shell \(/bin/sh\) +Login ID mail's home directory \(/var/mail\) has group `mail' write access. +Login ID \w+'s parent directory \(/home\) has group `staff' write access. +Log file /var/log/wtmp permission should be 644 +Log file /var/log/btmp does not exist +Log file /var/run/utmp permission should be 644 +Log file /var/log/loginlog does not exist +Log file /var/log/messages permission should be 640 +The owner of /var/log/wtmp should be root (owned by utmp). +/var/log/wtmp should not have group write. +The owner of /var/run/utmp should be root (owned by utmp). +/var/run/utmp should not have group write. +/var/log/XFree86.0.log should not have world read. +/etc/fstab should not have group read. +/etc/fstab should not have world read. +/etc/inetd.conf should not have group read. +/etc/inetd.conf should not have world read. +/etc/pam.d/sudo should not have world read. +The directory /dev/ataraid resides in a device directory. +The directory /dev/cciss resides in a device directory. +The directory /dev/fd resides in a device directory. +The directory /dev/input resides in a device directory. +The directory /dev/pts resides in a device directory. +The directory /dev/rd resides in a device directory. +The directory /dev/usb resides in a device directory. +The directory /dev/ida resides in a device directory. +/dev/null has world permissions +/dev/ptmx has world permissions +/dev/gpmctl has world permissions +/dev/gpmdata has world permissions +File ".fetchmail-UIDL-cache" in the mail spool, owned by "fetchmail". --- tiger-3.2.2.orig/debian/TODO.Debian +++ tiger-3.2.2/debian/TODO.Debian @@ -0,0 +1,40 @@ + +TODO stuff for Debian's tiger: + +- Make the cron configuration selectable by the user (make it possible to + switch it on/off through Debconf), see #349391 + +- Make the tigercron script print information on when checks where started / + stopped, see #338664 + +- Make Source package=tara and upgrade to 2.4. + ISSUE: tara package did not include properly the Debian directories + and stuff, diff might get garbled (new files were placed in the / directory, + how were the sources patched?) + +- Get access to the ARSC patch (send an email to developers) since the + CHANGES.ARSC details patches that have not (yet) been included in the + package. I could derive some from the description but only a few. + +- Write a manpage for tigerrc + +- Make a transition from templates at /var/log/tiger to /etc/tiger/templates + +- Provide templates for known false positives in tiger + +- Consider providing scripts in new packages + for the different OS (AIX, HP-UX...) so that a Debian system can be used + for host-scanning different OS + ISSUE: provide the compiled C programs for those target platforms + +- Add new scripts based on TITAN's which is, unfortunately, + non-free (even if it is so for a good cause). + +- Add a checklist based on scripts to be used for host hardening. + +- Translate some checks into Bastille plugins + +DONE (previous TODO) + +- Checkout all the changes made by the Tara team, including improved + scripts and fixes for some platforms --- tiger-3.2.2.orig/debian/docs +++ tiger-3.2.2/debian/docs @@ -0,0 +1,19 @@ +USING +BUGS.EXTERN +DESCRIPTION +CREDITS +README +README.1st +README.hostids +README.ignore +README.linux +README.logo +README.signatures +README.sources +README.time +README.unsupported +README.writemodules +TODO +tiger_logo_half.jpg +tiger_logo.jpg +tiger_logo_small.jpg --- tiger-3.2.2.orig/debian/tigexp +++ tiger-3.2.2/debian/tigexp @@ -0,0 +1,4 @@ +#!/bin/sh +# Wrapper script for tiger + +cd /usr/lib/tiger && ./tigexp $* --- tiger-3.2.2.orig/debian/tiger.links +++ tiger-3.2.2/debian/tiger.links @@ -0,0 +1 @@ +usr/sbin/tigexp usr/lib/tiger/tigexp --- tiger-3.2.2.orig/debian/watch +++ tiger-3.2.2/debian/watch @@ -0,0 +1,7 @@ +# Watch control file for uscan for Tiger +version=3 +# Savannah site +http://download.savannah.gnu.org/releases/tiger/tiger-(.*)\.tar\.gz +# +# Old site, no longer available and no longer upstream +# ftp://www.net.tamu.edu/pub/security/TAMU/tiger-(.*)\.tar\.gz --- tiger-3.2.2.orig/debian/tiger.default +++ tiger-3.2.2/debian/tiger.default @@ -0,0 +1,6 @@ +# +# Default settings for /etc/cron.d/tiger +# + +# Nice level to use for Tiger when running through cron +NICETIGER=10 --- tiger-3.2.2.orig/debian/compat +++ tiger-3.2.2/debian/compat @@ -0,0 +1 @@ +5 --- tiger-3.2.2.orig/debian/changelog +++ tiger-3.2.2/debian/changelog @@ -0,0 +1,1386 @@ +tiger (1:3.2.2-8ubuntu1) jaunty; urgency=low + + * Merge from debian unstable, remaining changes (LP: #303893): + - debian/postrm: + + Clean directories correctly when purging. + - config.in: + + Auto-create the work directory if it's in /var/run, /tmp, or /var/tmp. + + Use temporary file instead of hardcoded rcfile for temporary work. + + -- Nick Ellery Sun, 30 Nov 2008 22:59:52 -0800 + +tiger (1:3.2.2-8) unstable; urgency=low + + * Acknowledge NMU (Closes: #502672) + * Fix Makefiles so that the explanation index file is generated and distributed + properly (Closes: #507028) + * system/Linux/2/gen_mounts: + - Added ecryptfs, used by ecryptfs-utils (Closes: 506512) + - Fix bashism (Closes: #505939) + * Update Standards-Version to 3.8.0: + - Added a Homepage field in debian/control + * Use debhelper version 5 + * Lintian fix: + - Comment out DH_COMPAT definition in debian/rules + - Fixed debian/watch file used by uscan by adding a version and a proper + location for upstream updates + + -- Javier Fernandez-Sanguino Pen~a Thu, 27 Nov 2008 23:47:16 +0100 + +tiger (1:3.2.2-7.1ubuntu1) jaunty; urgency=low + + * Merge from debian unstable, remaining changes: + - Clean directories correctly when purging. + + -- Nick Ellery Wed, 05 Nov 2008 05:01:38 +0000 + +tiger (1:3.2.2-7.1) unstable; urgency=medium + + * Non-maintainer upload. + * Patched Makefile.in to make clean and distclean targets use + doc/Makefile.in when recursing the clean target. (Closes: #503282) + + -- Jonny Lamb Fri, 24 Oct 2008 16:14:23 +0100 + +tiger (1:3.2.2-7) unstable; urgency=low + + * Fix bashism in check_patches script (Closes: #502672) + + -- Javier Fernandez-Sanguino Pen~a Sun, 19 Oct 2008 12:45:38 +0200 + +tiger (1:3.2.2-6ubuntu1) intrepid; urgency=low + + * Merge from Debian Unstable. Remaining Ubuntu changes: + - Clean directories correctly when purging. + + -- Luca Falavigna Sat, 04 Oct 2008 02:57:42 +0200 + +tiger (1:3.2.2-6) unstable; urgency=medium + + * Bring changes from CVS to gen_mounts, amongst other fixes: + - Adds definitions for the following filesystems: reiser4, securityfs, + fuse.gvfs-fuse-daemon, fuseblk, fuse.truecrypt, fuse.encfs, debugfs, afs, + configfs, gfs, gfs2, inotifyfs, hugetlb, subfs, futexfs and bind. + (Closes: #498203, #483727, #469685, #490344, #490822, #451879) + (LP: #155211) + - Make it possible to define system-specific local and non-local + filesystems through the use of the Tiger_FSScan_Local and + Tiger_FSScan_NonLocal variables in tigerrc. + - Make it possible to prevent the 'unknown filesystem' warnings through + the use of a new tigerrc variable: Tiger_FSScan_WarnUnknown + * Use prelink to calculate checksums if present (Closes: #445531, #349391) + * Use /var/lib/tiger/work instead of /var/run/tiger/work to be + FHS-compliant. It also avoids spamming people using a tmpfs /var/run + with warning messages every time it creates its directory. (Closes: #486591) + * Use tempfile in the config script to create the RC file if available, the + $$ construct is used in a safe directory (WORKDIR) but this way people + doing a cursory look at the code will not report (or try to fix, as in + Ubuntu) inexistant temp race conditions. + * Add code in Makefile.in and doc/Makefile.in (new file) to make it possible + to build and remove the HTML files generated from the text files so that + we do not distributed autogenerated content. + * Also change Makefile.in to make 'all' actually be useful so that the build + targets builds binaries (binaries were being built on install instead) + * Update list of Debian advisories to current date. + * Add a ignore for Debian to prevent Tiger from complaining about fetchmail + processes. + * Add additional samples for server processes to debian/server.ignore + * Remove double linefeed in debian/changelog + * Use UCF to handle configuration file changes to prevent prompting when + upgrading to tiger versions that change the tigerrc. (Closes: #341595) + * Remove stale left file created in /usr/lib/tiger/bin if it exists on purge + * Lintian fixes: + - Remove coreutils Depends as it is an Essential package + - Remove code in postinst related to an ancient bug and associate + debconf prompts. + - Make the following scripts executable: systems/Linux/1/check, + systems/Linux/1/gendlclients, systems/Linux/1/getdisks, + systems/Linux/2/update_advisories.sh + + -- Javier Fernandez-Sanguino Pen~a Tue, 09 Sep 2008 00:28:35 +0200 + +tiger (1:3.2.2-5) unstable; urgency=low + + * Acknowledge NMU, which was not acknowledged in the previous package + version. + - Fix bashism in 'tigercron' script (Closes: #468700) + - Bump Standards-Version to 3.7.3. + + -- Javier Fernandez-Sanguino Pen~a Sun, 31 Aug 2008 14:47:18 +0200 + +tiger (1:3.2.2-4) unstable; urgency=low + + * Fix a temp race condition in the genmsgidx script if the system + has a tempfile function (Closes: 496415) + + -- Javier Fernandez-Sanguino Pen~a Tue, 26 Aug 2008 12:00:16 +0200 + +tiger (1:3.2.2-3.1ubuntu1) intrepid; urgency=low + + * Merge from debian unstable, remaining changes: (LP: #241046) + - Continue to Clean directories correctly when purging. + - Modify Maintainer value to match Debian-Maintainer-Field Spec + + -- Steve Stalcup Thu, 01 May 2008 04:27:01 +0100 + +tiger (1:3.2.2-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix bashism in 'tigercron' script (Closes: #468700) + * Bump Standards-Version to 3.7.3. + + -- Chris Lamb Sat, 12 Apr 2008 04:35:43 +0100 + +tiger (1:3.2.2-3) unstable; urgency=low + + * Fix encoding of changelog and copyright files (Closes: #454024) + + -- Javier Fernandez-Sanguino Pen~a Mon, 11 Feb 2008 22:28:40 +0100 + +tiger (1:3.2.2-2) unstable; urgency=low + + * Remove all configuration files on purge, including tiger.default if + it exists (which is not a conffile since 1:3.2.1-36 and might be + a leftover) (Closes: #455108) + + -- Javier Fernandez-Sanguino Pen~a Sun, 09 Dec 2007 15:36:44 +0100 + +tiger (1:3.2.2-1ubuntu1) hardy; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/dirs, debian/postrm, debian/rules: + + Use /var/lib/tiger/work instead of /var/run/tiger/work as the default + work directory. + + Clean directories correctly when purging. + - debian/config.in: + + Auto-create the work directory if it's in /var/run, /tmp, + or /var/tmp. + + Use temporary file instead of hardcoded rcfile for temporary work. + - debian/control: + + Set Maintainer fields. + * Sync debian/po/pt.po with Debians as they are the same. + + -- Kenneth Drake Wed, 21 Nov 2007 19:14:44 +0000 + +tiger (1:3.2.2-1) unstable; urgency=low + + * New upstream release + * Remove debian/ dir from upstream's tarball to prevent FTBFS + (Closes: #450479) + * Fix scripts: + - scripts/check_crontabs, scripts/check_apache, scripts/check_xinetd: + Change message calls so that they can be filtered (Closes: #411534) + - scripts/check_apache: Fix the way the configuration file is handled + to obtain the IP address and port (Closes: 436904) + - systems/Linux/2/gen_cron: Handles properly the case when the special + @daily,@reboot, etc. definitions are used instead of real times. Also + fix bug deailing with variables in crontab contents (Closes: 418440) + * Add 'fuse' to the list of valid filesystems (Closes: #449439) + * Add Dependency on bsdmainutils to get the COLUMN command (Closes: 448975) + * Add Portuguese translation, thanks LuA-sa LourenA§o (Closes: 440372) + * Modify update-advisories to skip directories with 'data' in the name + * Update the advisories list + + -- Javier Fernandez-Sanguino Pen~a Thu, 08 Nov 2007 02:20:09 +0100 + +tiger (1:3.2.1-38) unstable; urgency=low + + * systems/Linux/2/gen_mounts, vmblock is now recognised as a non-local FS. + + -- Javier Fernandez-Sanguino Pen~a Wed, 27 Jun 2007 00:46:54 +0200 + +tiger (1:3.2.1-37ubuntu1) gutsy; urgency=low + + * Merge from Debian unstable, remaining changes: + - Move the default work directory to /var/lib/tiger/work. + - Auto-create the work directory if it's in /var/run, /tmp, or /var/tmp. + - Clean directories correctly when purging. + - Update maintainer in field debian/control. + + -- Michele Angrisano Sun, 01 Jul 2007 19:32:18 +0200 + +tiger (1:3.2.1-37) unstable; urgency=low + + * systems/Linux/2/check_rcumask: Fix syntax error (Closes: #430224) + + -- Javier Fernandez-Sanguino Pen~a Sat, 23 Jun 2007 15:52:58 +0200 + +tiger (1:3.2.1-36ubuntu1) gutsy; urgency=low + + * Merge from Debian unstable. Remaining Ubuntu changes: + - Auto-create the work directory if it's in /var/run, /tmp, or /var/tmp + - Move the default work directory to /var/lib/tiger/work. + - Clean directories correctly when purging. + - Modify Maintainer value to match Debian-Maintainer-Field Spec + + -- Andrea Veri Fri, 22 Jun 2007 11:33:20 +0200 + +tiger (1:3.2.1-36) unstable; urgency=low + + * Fix the location of Tiger's default file (Closes: #426182) + * Updated the Debian advisories listing (as of today, latest DSA is 1316) + * Changed the maintainer's email address + * system/Linux/2/check_lilo: run the boot loader check if on amd64 (Closes: #412669) + * system/Linux/2/deb_checkmd5sums: Fix the script so that it understands + properly the "new" md5sum format (Closes: #412822) + * Add new suid files to the list of SUIDs at system/Linux/2/suid_list + (Closes: #417330) + * scripts/check_devices: Extend the list of EXPECTEDDIRS for Linux to cover + udev-specific dirs (Closes: #417940, #420488) + * systems/Linux/2/check_rcumask: Skip comment lines defining umask + (Closes: 418531) + * scripts/check_ftpusers: Skip this check if there is no FTP daemon + installed (Closes: #420486) + * scripts/check_printcap: Skip this test if CUPS is installed + (Closes: #420487) + * system/Linux/2/gen_mounts: Added fusectl to the local filesystems + (Closes: #409386) + * Debconf translations: + - Included Dutch translation provided by Bart Cornelis (Closes: #414768) + - Included Portuguese translation provided by Luísa Lourenço (Closes: #415534) + + -- Javier Fernandez-Sanguino Pen~a Fri, 22 Jun 2007 01:04:17 +0200 + +tiger (1:3.2.1-35ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - Auto-create the work directory if it's in /var/run, /tmp, or /var/tmp + - Move the default work directory to /var/lib/tiger/work. + - See launchpad bug #44329 + - Clean directories correctly when purging. + + + -- Stephan Hermann Thu, 21 Dec 2006 17:10:03 +0100 + +tiger (1:3.2.1-35) unstable; urgency=low + + * [scripts/check_rootkit] + Send stderr output of chkrootkit to /dev/null to avoid the 'warning, got + bogus unix line' messages that netstat might output (Closes: #223847) + * Update advisories + + -- Javier Fernandez-Sanguino Pen~a Thu, 30 Nov 2006 21:42:23 +0100 + +tiger (1:3.2.1-34) unstable; urgency=low + + * Linux/2/gen_mounts - Added selinuxfs to local FS (Closes: #397832) + * scripts/check_accounts - Redirect find errors in home directories + to /dev/null, prevents root being sent errors when using NFS mounted + home directories with root_squash. Thanks to Matus Harvan for the + patch (Closes: #386163) + * Update Debian advisories lists. + + -- Javier Fernandez-Sanguino Pen~a Fri, 10 Nov 2006 16:01:21 +0100 + +tiger (1:3.2.1-33) unstable; urgency=low + + * Fix typo in check_rootkit script, thanks to Michael Cihar (Closes: #385475) + + -- Javier Fernandez-Sanguino Pen~a Thu, 31 Aug 2006 23:04:43 +0200 + +tiger (1:3.2.1-32) unstable; urgency=low + + * Modify config so that it will attempt to create a working directory if + it does not exist (Closes: #366919) + * [scripts/check_rootkit] Introduce Tiger_CHKROOTKIT_ARGS so that + admins can ajust the behaviour of CHKROOTKIT (defaults to '-q') + (Closes: #320341) + * Include output of chkrootkit when a file is INFECTED (Closes: #277533) + + -- Javier Fernandez-Sanguino Pen~a Wed, 30 Aug 2006 14:13:42 +0200 + +tiger (1:3.2.1-31ubuntu1) edgy; urgency=low + + * Auto-create the work directory if it's in /var/run, /tmp, or /var/tmp + * Move the default work directory to /var/lib/tiger/work. + - See launchpad bug #44329 + * Clean directories correctly when purging. + + -- Matthias Urlichs Wed, 30 Aug 2006 09:27:31 +0200 + +tiger (1:3.2.1-31) unstable; urgency=low + + * systems/Linux/2/deb_checkmd5sums: Fix Ubuntu bug 50611 by excluding dev/ + and lib/udev/devices/ from the md5sum test, thanks to Richard Laager + for the patch (Closes: #383400) + * systems/Linux/2/check_neverlogin: handle users prepended with domains + (DOMAIN\user) properly (Closes: #344890) + * Update advisories from Debian as of today. + * Simplify dependencies (just use coreutils) (Closes: #368713) + + -- Javier Fernandez-Sanguino Pen~a Thu, 17 Aug 2006 07:51:17 +0200 + +tiger (1:3.2.1-30) unstable; urgency=low + + * Fix deb_nopackfiles to kip directories that are symbolic links, this + happens with /usr/X11R6/bin as the latest Xorg package versions just + symlink this to /usr/bin/ (Closes: #367931, #373790) + * Fix deprecated syntax with sort that made the cron job spout warnings. + Thanks to Cyril Chaboisseau and Adam James for providing a patch + (Closes: #369501) + * Fix check_listeningprocs to prevent it from botching when udp6 services + are up (Closes: #375165) + * Updated information of DSAs (should someday include information based + on the DTSA archive but I'd rather use OVAL...) + * Add some more TODOs + + -- Javier Fernandez-Sanguino Pen~a Wed, 5 Jul 2006 02:30:25 +0200 + +tiger (1:3.2.1-29) unstable; urgency=low + + * Fix check_accounts to properly review the contents of .forward files. + Thanks to Rainer Schopf for the fix (Closes: #329610) + * Added cifs to the non local filesystems in gen_mounts (Closes: #329813) + * Use TAIL in Linux scripts conforming to POSIX 1003.2-1992 (Closes: #339090) + * check_accounts: Add quotation marks to Tiger_Admin_Accounts to prevent + errors if empty (Closes: #342181) + * check_devices: Handle the special case of having " in filenames by + quoting the character (Closes: #355096) + * Nice Tigercron by default, users wishing to change the nice can adjust + it in /etc/default/tiger (Closes: #334186, #325257, #339655) + * Disable signature checks in the default tigerrc since those provided are + not updated, debsums is prefered in Debian (Closes: #327486) + * Update the list of advisories in debian_advisories + * Debconf translations: + - Added Vietnamese translation provided by Clytie Siddall (Closes: #322301) + - Added Swedish translation provided by Daniel Nylander (Closes: #343731) + * Use debhelper compatibility version 4 (it was about time!) + * Lintian fix: eliminate duplicate Recommends/Depends on binutils + + -- Javier Fernandez-Sanguino Pen~a Thu, 20 Apr 2006 23:05:48 +0200 + +tiger (1:3.2.1-28) unstable; urgency=low + + * Added a dependency on "| debconf-2.0" as requested by Joey Hess + * Use Debhelper compatibility version 4 + * Updated to latest CVS code: + - gen_passwd_sets: Create a src file if using LDAP (Closes: #319815) + + -- Javier Fernandez-Sanguino Pen~a Thu, 4 Aug 2005 19:16:22 +0200 + +tiger (1:3.2.1-27) unstable; urgency=low + + * Updated to latest CVS code, with some new fixes and patches including: + - check_accounts: Check for null $uids before using them in comparisons + (Closes: #312080) + - check_runprocs: Use comm instead of fname (Closes: #308486) + - Linux/gen_mounts: Changed extraction from mount command + so it can cope with whitespaces in mount locations, added sanity + check and fix a bug that mangled $fs (Closes: #315435) + - Makefile.in: install files needed to run tiger -G (Closes: #319468) + * German translation update of debconf templates provided by Erik Schanze + (Closes: #311857) + * Updated to latest batch of Debian advisories + + -- Javier Fernandez-Sanguino Pen~a Fri, 22 Jul 2005 16:50:33 +0200 + +tiger (1:3.2.1-26) unstable; urgency=low + + * Updated to latest CVS code, with some new fixes and patches including: + - check_listeningprocs (generic and Linux versions): Proper check for + processes in loopback (Closes: #307695) + - Linux/check_passwdspec: Better fix for pwd=! (Closes #308141) + - Linux/deb_checkmd5sums: Prevent issues with /usr/bin/[ by adjusting + GREP calls (Closes #305484) + - Linux/gen_mounts: Added auto, udev when using on /dev, + capifs and nfsd. (Closes: #305670 #307802 #307887 #308585) + Note to self: Bug mount manpages since none of these are listed + there... + - Linux/gen_passwd: Add LDAP password support with patch provided by Micha + Kersloot (Closes: #307505) + - Documentation improvements (README.Sources and TODO) + + -- Javier Fernandez-Sanguino Pen~a Sat, 14 May 2005 12:52:09 +0200 + +tiger (1:3.2.1-25) unstable; urgency=low + + * Updated to latest CVS code: + - Add afs as a non-local filesystem, and auto as a local filesystem + (Closes: #305670) + - Improve manpage wording + * Provide a default value for Tiger_Running_Procs instead of leaving + it empty + + -- Javier Fernandez-Sanguino Pen~a Thu, 21 Apr 2005 20:09:45 +0200 + +tiger (1:3.2.1-24) unstable; urgency=medium + + * Updated to CVS code: + - Fixed Linux/2/gen_mounts code which broke with the patches + implemented before the previous upload. + + -- Javier Fernandez-Sanguino Pen~a Mon, 18 Apr 2005 18:23:30 +0200 + +tiger (1:3.2.1-23) unstable; urgency=low + + * Updated to CVS code, this changes: + - gen_mounts now considers valid and non-local many more filesystems + (as described in mount(5)) including devfs (Closes: #304956, #304555, + #304557) + - check_listeningprocs will now check against both fname and comm and + strips the arguments of the command (this is an improvement over the + fix done in #288086) + - check_network_config properly checks ICMP redirects and the message + generation is fixed now it also now checks for local iptables rules + (Closes: #304957) + - several typo fixes in doc/linux.txt + * Updated DSA listing + + -- Javier Fernandez-Sanguino Pen~a Sat, 16 Apr 2005 22:19:50 +0200 + +tiger (1:3.2.1-22) unstable; urgency=low + + * Added some more valid but non-local filesystems ('none', 'binfmt_misc', + 'autofs') to gen_mounts (Closes: #302646) + + -- Javier Fernandez-Sanguino Pen~a Sat, 2 Apr 2005 13:07:07 +0200 + +tiger (1:3.2.1-21) unstable; urgency=low + + * Added the sysfs as a valid (local, but not reviewed) filesystem + (Closes: #302612) + + -- Javier Fernandez-Sanguino Pen~a Sat, 2 Apr 2005 01:52:34 +0200 + +tiger (1:3.2.1-20) unstable; urgency=low + + * Upgraded to latest CVS sources: + - Depend on binutils (Closes: #301451) + - (check_rootdir) Do not warn on the inode if the root filesystem is not + ext2|3 (Closes: #298305) + - (check_runprocs) Use comm instead of fname so that the names of the + processes are not truncated (Closes: #288086) + - (check_lilo) Only run if running on the x86 architecture (Closes: #288737) + - (check_single) Only run if running on the x86 architecture (Closes: #288737) + - (check_passwdspec) Fixed password aging check. Separate all checks + so that they prevent bugs if pwd="!" (Closes: #297889) + - (deb_checkmd5sums) Do not warn if the md5 file is not present in the + list file (Closes: #299935) + - (deb_nopackfiles) Remove uneeded {} (Closes: #297889) + - Also fixes a number of documentation typos fixed by Nicolas Francois + * Updated advisories + + -- Javier Fernandez-Sanguino Pen~a Thu, 31 Mar 2005 17:14:50 +0200 + +tiger (1:3.2.1-19) unstable; urgency=low + + * tigercron + - Fixed invalid From: header based on Robert Loomans' patch. This bug + was introduced by the previous release. (Closes: #287780) + + -- Javier Fernandez-Sanguino Pen~a Thu, 30 Dec 2004 09:00:19 +0100 + +tiger (1:3.2.1-18) unstable; urgency=low + + * systems/Linux/2/check_lilo: + - Fixed grub.conf naming (Closes: #286641) + * scripts/check_passwd: + - Delete temporary passwd files only on exit (Closes: #284899) + * debian/server.ignore: + - Added a sample ignore line for users accessing a remote server + with X11Forwarding set to 'on' (Closes: #284220) + * scripts/check_passwdformat: + - Maximum user and group length set to 32 (Closes: #283446) + (probably needs to be moved to systems/Linux/2/ since it's + Debian-specific) + * tigercron, tigerrc: + - Added Tiger_Mail_FROM feature (Closes: #243517) + * Disabling signature checks since they cannot be relied on (use + Tripwire, Aide, Samhain, Integrit, bsign or any other intecrity checker + instead), moreover deb_checkmd5sums already does it for Debian... + (Closes: #274625) + * Added Czech debconf translation provided by Miroslav Kure (Closes: #287301) + + -- Javier Fernandez-Sanguino Pen~a Mon, 27 Dec 2004 19:18:53 +0100 + +tiger (1:3.2.1-17) unstable; urgency=low + + * Quoted homedir uses in check_rhosts and check_netrc (Closes: #282211) + + -- Javier Fernandez-Sanguino Pen~a Sun, 21 Nov 2004 11:56:57 +0100 + +tiger (1:3.2.1-16) unstable; urgency=low + + * Updated advisories + * Fixed gen_group_sets to work properly in NIS environments for Linux + and Tru64 (Closes: #281608) + * Fixed eval in check_accounts so that find is _only_ executed for users + which are not part of Tiger_Admin_Accounts, this prevents Tiger from + going and using remote filesystems (i.e. /var/autofs/ because in + Debian 'operator' has /var as his home dir). It also should speed + up this check a lot. This shows why Tiger_Admin_Accounts is a bad + idea and Tiger_Accounts_Trust should be used instead (or add a + Tiger_Accounts_Admin) (Closes: #280653, #280654) + + -- Javier Fernandez-Sanguino Pen~a Wed, 17 Nov 2004 15:15:21 +0100 + +tiger (1:3.2.1-15) unstable; urgency=low + + * Lintian fixes: + - Updated Standards-Version + - Removed cvs conflict copy files + - Changelog is now UTF-8 + * Use C locales to avoid scripts/check_system from breaking up (Close: #270108) + * deb_checkmd5sums's regexep now excludes usr/share/doc/ (Closes: #264111) + + -- Javier Fernandez-Sanguino Pen~a Mon, 13 Sep 2004 11:12:08 +0200 + +tiger (1:3.2.1-14) unstable; urgency=low + + [ as suggested by Tilman Koschnick ] + * Allow delete() to remove files from LOGDIR so that reports generated + by tiger -e are removed proplerly (Closes: #262523) + * Symlink /usr/lib/tiger/tigexp to /sbin/tigexp so that tiger -e works + (Closes: #262518) + + -- Javier Fernandez-Sanguino Pen~a Sun, 1 Aug 2004 18:19:18 +0200 + +tiger (1:3.2.1-13) unstable; urgency=low + + * Updated to CVS changes which fix a problem in the gen_passwd_sets + script which would make duplicates appear in the passwd files. + Thus generating a lot of false positives (in the check_passwd script) + Also removes some other duplicates in the check_passwdformat script + and updates the Debian advisories listing. + + -- Javier Fernandez-Sanguino Pen~a Sun, 27 Jun 2004 21:25:27 +0200 + +tiger (1:3.2.1-12) unstable; urgency=low + + * Updated to latest CVS code fixing: + - [check_known] Do not call LS directly with all files but use a for loop + (Closes: #246600) + - [deb_nopackfiles] Made the dirlist variable so that directories which + do not exist are not checked for (Closes: #254574) + + -- Javier Fernandez-Sanguino Pen~a Sun, 27 Jun 2004 13:58:24 +0200 + +tiger (1:3.2.1-11) unstable; urgency=low + + * Updated to latest CVS code which fixes: + - [check_accounts] Try to avoid eval problems if user/shells/directories + contain non-empty (but invalid) characters (such as space) + (Similar changes in some other scripts to avoid breakage in similar + situations) + (Closes: #246987) + - [check_passwd] Define Tiger_Passwd_Hashes if not defined + (Closes: #246885) + - [deb_checkmd5sums] Fixed patch provided by Chung-chieh Shan + (Closes: #234811) + + * Remove check_finddeleted from the default configuration since it + is prone to a lot of false positives, also, it depends on LSOF + (which is only recommended). I will reenable this sometime in + the future and (maybe) provide a Debian-specific script to just + monitor for daemons that are using outdated libraries + (Closes: #249331) + * Send filesystem scans error output to /dev/null (need to fix this + in scripts/find_files by not following symbolic links that point + nowhere, this is an interim fix) + + -- Javier Fernandez-Sanguino Pen~a Thu, 20 May 2004 09:31:23 +0200 + +tiger (1:3.2.1-10) unstable; urgency=low + + * Removed evals from tigerrc and make proper sourcing in + Tiger_PATH_OK_Group_Write (Closes: #236419) + + -- Javier Fernandez-Sanguino Pen~a Sat, 6 Mar 2004 11:00:55 +0100 + +tiger (1:3.2.1-9) unstable; urgency=medium + + * Added Danish debconf translation (Closes: #235066) + * Fixed errors in check_finddeleted (Closes: #235951) + * Added some more common servers to the server.ignore example + * Fix error in deb_checkmd5sums with patch from Chung-chieh Shan + which avoids failure on packages whose names contain "." (Closes: #234811) + * Minor change in check_passwd to detect if no shell is defined for + a given user (as suggested by raoul bhatia) + + -- Javier Fernandez-Sanguino Pen~a Wed, 3 Mar 2004 13:13:05 +0100 + +tiger (1:3.2.1-8) unstable; urgency=low + + * check_rcumask: Proper warning if no umask settings are defined + (Closes: #234661) + + -- Javier Fernandez-Sanguino Pen~a Wed, 25 Feb 2004 20:39:16 +0100 + +tiger (1:3.2.1-7) unstable; urgency=low + + * Updated from CVS which includes a number of improvements including + the following (relevant to Debian bugs): + - Added more information on check_finddeleted regarding + how to use it and remove spurious errors. This script + will not give false positives any longer on some special + characterr) files like /dev/console or /dev/null and has + reduced its output to something more managable (there is + only one message per deleted file now) + (Closes: #232704,#231148, #225112) + - Fixed password definitions adding the 'g-Z' 'A-Z' and + '.' sets (Closes: #227596) + - Many scripts now controls YPCAT errors to printing errors in + hosts that are not properly configured. + (i.e. nsswitch.conf is defined to use NIS but there's no NIS + host) Errors are redirected to /dev/null when YPCAT is not + required as many systems do not include it, specially in Debian. + (Closes: #225910) + - Check_crontab will only warn if neither cron.allow + or cron.deny exist (Debian bug #226362) + * Default cronrc no longer runs check_finddeleted as often since it's + prone to false positives (even if it can be customised through the + ignore mechanism, see /usr/share/doc/tiger/examples/server.ignore) + * Added French template translation provided by Christian Perrier + (Closes: #226883, #224700) + * Fully translated the spanish template. + * Updated to include latest Debian advisories. + * debian/rules now uses mandir (/usr/share/man/) in configure call. + + -- Javier Fernandez-Sanguino Pen~a Tue, 24 Feb 2004 21:21:19 +0100 + +tiger (1:3.2.1-6) unstable; urgency=low + + * The cron.d taks will only run if tigercron is executable, this avoids + cron.d from running tiger if it has been removed but not purged + (thanks to Thomas Lange for noticing this mistake) + * Included patch from Nicholas François which makes Tiger not warn + on manpage files purged through localepurge (Closes: #219728) + * Added To: line in tigercron (Closes: #218363) + * Added Japanese translation contributed by Hideki Yamane (Closes: #224185) + + -- Javier Fernandez-Sanguino Pen~a Sat, 20 Dec 2003 13:49:38 +0100 + +tiger (1:3.2.1-5) unstable; urgency=low + + * Updated from CVS to fix reported bugs: + * fixed typo in check_lilo (Closes: #221470) + * This update also provides a number of fixes/enhancements which + will be available in the next release: + * check_crontabs adds more information in messages + * check_inetd does not report the services as not protected if + TCP wrappers are undefined + * per interface promiscuous detection with 'ip' for more accurate + results in check_known + * check_passwd message fix + * shadow password check is no longer in check_passwdformat (move to + account checks) + * check_rootdir checks ownership + * check_services will not misreport for services not defined + * check_ssh needs to run through bash + * check_xinetd fixes syntax error + * YP -> YPCAT in all operating systems + * Proper definitions for AIX + * HPUX fixes + * Tiger now runs check_xinetd or check_inetd depending on which + configuration file is available. + + -- Javier Fernandez-Sanguino Pen~a Sat, 6 Dec 2003 22:10:02 +0100 + +tiger (1:3.2.1-4) unstable; urgency=low + + * Updated from CVS sources to fix reported bugs + * Updated check_root so mesg check is not done when running + in cron (Closes: #218056, #220924) + * Updated check_lilo now locates grub file properly (Closes: #218771) + * Updated check_passwd fixes syntax error (Closes: #219086) + * deb_checkmd5sums detect local diversions and avoid problems with + duplicate conffiles (Closes: #219727, #220325) + * check_release fixed typeset bashism (Closes: #219764) + * deb_checkmd5sums now uses -F to avoid warning on /usr/bin/[ + (Closes: #220946) + * config add sendmail_cf location + * Updated advisories list. + + -- Javier Fernandez-Sanguino Pen~a Sun, 16 Nov 2003 13:10:08 +0100 + +tiger (1:3.2.1-3) unstable; urgency=low + + * Updated from CVS sources to latest Tiger changes including: + - Check_rootkit no longer complains if chkrootkit is not installed + (Closes: #215885) + - Fixes check_network_config return values (Closes: #215891) + - Fixes inittab's false positives (Closes: #215872) + - Fixes bashisms ini scripts (Closes: #215896) + - Fixes initdefs delete() in order for check_chkrootkit removal to work + properly (Closes: #215882) + * Debian/rules now sets SHELL=/bin/bash (Closes: #198856) + * Updated to latest advisories + * Now depends also on coreutils (X | corerutils) (Closes: #215487) + * Added device baseline to debian.ignore (Closes: #194956) + * Removed check_sendmail from check.tbl so that it does not get run by + check_system (Closes: #2158739) + + -- Javier Fernandez-Sanguino Pen~a Sun, 19 Oct 2003 23:56:50 +0200 + +tiger (1:3.2.1-2) unstable; urgency=low + + * The "Happy Birthday! (to me)" Release, now uploaded to unstable. + * New upstream version, which includes is fully integrated with + TARA 3.0.3 and provides quite a number of bugfixes, checks and new + documentation. + * Changes relevant to reported Debian bugs include: + - Adds support for diversions and conffiles in deb_checkmd5sums + (Closes: #211329, #162589) + - Provides documentation for check_logfiles (Closes: #195192) + - Adds support for HP-UX in several scripts (Closes: #195200, #197220) + - Changes gen_passwd_sets under Linux to identify des or md5 + (Closes: #197221) + - Removes debug messages from check_rootdir (Closes: #197219) + - Added tigercron.8 manpage (Closes: #148291) + - OS-specific scripts are run before generic ones, since the Linux + version of check_listeningprocs is different than the generic one + it will be prefered and run (Closes: #200778) + - Deb_nopackfiles no longer uses long arguments in the grep call + and has been speed-optimized (Closes: #201577) + - Deb_nopackfiles also now sends FIND errors to void since they + are not used and might confuse users who do not have X + installed (Closes: #207904) + - check_path now uses -L to follow symlinks (Closes: #161993) + - Adds new password check for empty passwords (Closes: #197228) + - Fixed typo in accounts.txt spotted by Philipp Weis (Closes: #211793) + - check_passwdformat provides an improved message and allows daemon + in uid 1 (Closes: #211328) + - also, check_passwdformat now will not warn on lenght issues for + locked users. (Closes: #211327) + * Added -XMacOSX to exclude the new OS provided upstream. + * Modified debian/rules to move the MacOSX and Tru64 directories to + tiger-otheros + * Added patch for new po-debconf format (Closes: #186800) + * (but changed it so that the 'root' user is not translatable) + * Updated to latest Debian advisories. + * Forced to start using epochs due to how I messed the experimental + packages (3.2.1rcX > 3.2.1!) + + -- Javier Fernandez-Sanguino Pen~a Fri, 10 Oct 2003 19:19:36 +0200 + +tiger (3.2.1-1) experimental; urgency=low + + * New upstream version, which includes is fully integrated with + TARA 3.0.3 and provides quite a number of bugfixes, checks and new + documentation. + * Changes relevant to reported Debian bugs include: + - Adds support for diversions and conffiles in deb_checkmd5sums + (Closes: #211329, #162589) + - Provides documentation for check_logfiles (Closes: #195192) + - Adds support for HP-UX in several scripts (Closes: #195200, #197220) + - Changes gen_passwd_sets under Linux to identify des or md5 + (Closes: #197221) + - Removes debug messages from check_rootdir (Closes: #197219) + - Added tigercron.8 manpage (Closes: #148291) + - OS-specific scripts are run before generic ones, since the Linux + version of check_listeningprocs is different than the generic one + it will be prefered and run (Closes: #200778) + - Deb_nopackfiles no longer uses long arguments in the grep call + and has been speed-optimized (Closes: #201577) + - Deb_nopackfiles also now sends FIND errors to void since they + are not used and might confuse users who do not have X + installed (Closes: #207904) + - check_path now uses -L to follow symlinks (Closes: #161993) + - Adds new password check for empty passwords (Closes: #197228) + * Added -XMacOSX to exclude the new OS provided upstream. + * Added patch for new po-debconf format (Closes: #186800) + + -- Javier Fernandez-Sanguino Pen~a Fri, 19 Sep 2003 02:33:00 +0200 + +tiger (3.2-4) unstable; urgency=low + + * Updated to latest debian advisories + * Modified postinst so it does not break when a user enters an e-mail + address which includes a @ by using sed instead of Perl (Closes: #194955) + * Included a check to only ask the debconf tiger/mess question if + there is any cruft from previous versions. + * Fixed check_logfiles including some of the things provided by Ryan + Bradetich and some other fixes to make it output less false positives + on Debian GNU/Linux (Closes: #195199) + * Fixed regular expression in Linux's config to support some older versions + of fileutils (Closes: #197218) + + -- Javier Fernandez-Sanguino Pen~a Fri, 20 Jun 2003 21:16:02 +0200 + +tiger (3.2-3) unstable; urgency=low + + * Modified util/difflogs to sort files in order to not report + spurious differentes. + * Fixed tigercron (again), since the previous fix was not done + ok. + + -- Javier Fernandez-Sanguino Pen~a Mon, 12 May 2003 22:52:15 +0200 + +tiger (3.2-2) unstable; urgency=low + + * Fix tigercron which was broken upstream (when the echo + was removed). This broke the IDS functionality since + tigercron never checked for changes! + + -- Javier Fernandez-Sanguino Pen~a Sun, 11 May 2003 21:26:04 +0200 + +tiger (3.2-1) unstable; urgency=low + + * New upstream version + - False positives in services fixed (Closes: #132278) + - Check_exports produces proper output (Closes: #162453) + - Checks have been separated, now each check file prints it's + comment (Closes: #165766) + - Using the new ignore mechanism (better than the differential + mechanism) this package now provides a baseline for Debian GNU/Linux, + hopefully this will make Matt test again this package :-) + (Closes: #164308, #172375) + - The new ignore mechanism can now be used to avoid false positives, + please customize as needed and read the notes on the + check_listeningprocs script (Closes: #136991) + - Tigexp now gets modified by the Makefile (Closes: #189864) + * Fixed dh_make boilerplate + * Changed debian/rules to 'mv' the systems to tiger-otheros + * Added tiger.ignore to conffiles + * Modified Makefile so that it installs scripts with proper (fixed) + permissions + * Updated Debian advisories (with update-advisories) + * Fixed syntax error in check_issue (thanks to lintian!) + * Added logo to the docs (!) + * Fixed error in IRIX script + + -- Javier Fernandez-Sanguino Pen~a Sat, 10 May 2003 00:47:51 +0200 + +tiger (3.2rc3-3) experimental; urgency=low + + * Added -q option to be used when running tigercron + + -- Javier Fernandez-Sanguino Pen~a Sat, 26 Apr 2003 13:41:35 +0200 + +tiger (3.2rc3-2) experimental; urgency=low + + * Fixed cron to tigercon in the cron.d file + + -- Javier Fernandez-Sanguino Pen~a Wed, 23 Apr 2003 22:02:07 +0200 + +tiger (3.2rc3-1) experimental; urgency=low + + * New release candidate. + + -- Javier Fernandez-Sanguino Pen~a Wed, 23 Apr 2003 13:30:32 +0200 + +tiger (3.2rc2-1) experimental; urgency=low + + * Experimental version, fixes bugs but might introduce new ones. + + -- Javier Fernandez-Sanguino Pen~a Mon, 21 Apr 2003 17:57:40 +0200 + +tiger (3.2rc1-1) experimental; urgency=low + * New upstream version + - False positives in services fixed (Closes: #132278) + - Check_exports produces proper output (Closes: #162453) + - Checks have been separated, now each check file prints it's + comment (Closes: #165766) + - Using the new ignore mechanism (better than the differential + mechanism) this package now provides a baseline for Debian GNU/Linux, + hopefully this will make Matt test again this package :-) + (Closes: #164308, #172375) + - The new ignore mechanism can now be used to avoid false positives, + please customize as needed and read the notes on the + check_listeningprocs script (Closes: #136991) + - Tigexp now gets modified by the Makefile (Closes: #189864) + + -- Javier Fernandez-Sanguino Pen~a Wed, 16 Apr 2003 00:29:45 +0200 + +tiger (3.1-5) unstable; urgency=low + + * Included some of the changes that will be in the next Tiger release + * Config now sets the locale to POSIX (just in case it breaks some tests) + * Check_listeningprocs now works with multiple program names (Closes: #164898) + * Recovered the fixes from 3.0-2 which has made an old bug surface + (Closes: #164307, #166176, #166744) + * Updated to latest advisories + * Removed debugging output from systems/Linux/2/check_neverlogin + + -- Javier Fernandez-Sanguino Pen~a Mon, 28 Oct 2002 17:51:03 +0100 + +tiger (3.1-4) unstable; urgency=medium + + * Fixed LOGDIR in tigercron.in which was making templates not work. + * Remove all the /var/log/tiger* files.. sorry for the mess :( + * Added a new configuration note in order to ask the user for the + removal of the previous files instead of removing them without asking. + + -- Javier Fernandez-Sanguino Pen~a Mon, 14 Oct 2002 15:30:03 +0200 + +tiger (3.1-3) unstable; urgency=low + + * Removed DSA update in the package build (Closes: #164216) + * Updated to latest DSAs + + -- Javier Fernandez-Sanguino Pen~a Fri, 11 Oct 2002 09:09:43 +0200 + +tiger (3.1-2) unstable; urgency=low + + * Added Build-Depends on autoconf since it's the only new thing + for building that has been included upstream. (Closes: #163969) + + -- Javier Fernandez-Sanguino Pen~a Thu, 10 Oct 2002 12:48:25 +0200 + +tiger (3.1-1) unstable; urgency=low + + * New upstream release which includes some fixes for Debian bugs + such as the "don't regenerate index" (Closes: #162590) + * Made debian/rules update automatically the advisories file (which + is now named debian_advisories so the previous chmod -x is not needed) + * Automatically remove CVS dirs from the package (Closes: #154343) + * Fixed bashisms in check_rcumask (Closes: #159444) + * Changed check_passwd to not send false positives in Debian, it should + be fixed, however to support PAM too (Closes: #162593) + * Updated DSAs are now available + + -- Javier Fernandez-Sanguino Pen~a Thu, 25 Jul 2002 19:37:41 +0200 + +tiger (3.0-3) unstable; urgency=low + + * Updated to latest advisories. + + -- Javier Fernandez-Sanguino Pen~a Wed, 7 Aug 2002 10:33:47 +0200 + +tiger (3.0-2) unstable; urgency=low + + * Changed Linux' config file so that it sets LSGROUPS to nothing + Due to a change in fileutils-4.1.1 which changed the standard + behavior from "showing groups (but really doing nothing)" to + "not showing the owner" ! (Closes: #155588) + * Modified config to set the environment properly (this was the + first workaround I tried for the previous bug, didn't fix it but + it seems better to leave the locale's environment, just in case...) + + -- Javier Fernandez-Sanguino Pen~a Tue, 6 Aug 2002 17:06:01 +0200 + +tiger (3.0-1) unstable; urgency=low + + * New upstream release (based on savannah sources) + * Fix in order for deb_checkmd5sums to work with all sources (it was + limited due to a stupid bug) + * Included latest DSA advisories + * The new package provides a *very* short diff since changes regarding + Debian are added to the upstream sources too. + + -- Javier Fernandez-Sanguino Pen~a Tue, 18 Jun 2002 13:28:18 +0200 + +tiger (2.2.4p2-5) unstable; urgency=low + + * Added a GPL header to all the important scripts/files used by the + program (this means /, /scripts and /systems/{default,Linux}. + This was a requirement for adding tiger as a new project to the + savannah site. + (probably next upstream version and Debian diff file will be + reduced since I intend to make the current Debian codebase + upstream's 2.2.4p3) + * Added a new check scripts/check_runprocs (not currently configured to + run since it needs sysadmin to configure tigerrc properly to determine + which processes should be checked for) + * Added some more information to the README.Debian file and rewrote + some paragraphs. + * Written some notes on how to use Tiger as a host IDS. + * Chmod'ed many scripts in order to avoid lintian warnings. + * Changed tiger so it first reads tigerrc in the local directory + (useful for testing the package without installing or to use the tar.gz + in other environments) + * Fixed the scripts/check_anon in order to test if ftphome/etc/passwd + exists before grep'ing it. + + -- Javier Fernandez-Sanguino Pen~a Tue, 11 Jun 2002 23:02:12 +0200 + +tiger (2.2.4p2-4) unstable; urgency=low + + * Incorporated TARA changes including: + - Changed acc006 from FAIL to WARN (scripts/check_accounts). + - Added -H option for HTML output. + - Fixed scripts/check_cron for problems in entries. + - Fixed scripts/check_exports to avoid false positives. + - Fixed scripts/check_path due to problems with parse_csh. + - Change scripts/check_perm to not warn when owner is bin and + changed calls of echo to message(). + - Made some of the changes provided by ARC in scripts/check_inetd + (save for the SORT and JOIN changes which do not seem to work) + - Changed scripts/sub/check_devs to work with IRIX 6.5 + - Changed GROUPS to GROUPSS as ARC team does since it (might) + be a readonly variable in some shells (see bash(1)). Even though + it is not used in any script. + + * Created a new package to provide all the scripts for other operating + systems (Warning: you still need to compile the C programs: getpermit, + md5, realpath, snefru and testsuid in those platforms for tiger to work + fully). + * Added Tiger_Check_SYSTEM to the distributed tigerrc + * Added some Linux specific checks (gdm, xdm) in scripts/check_root + * Created (new) systems/Linux/2/check_inittab script (for ctraltdel issue + from Bastille). + * Created (new) systems/Linux/2/check_rcumask script to check umask settings + for the RC boot scripts. + * Created (new) scripts/check_ftpusers script to check for administrative + users that are allowed access in the FTP server. + * Created (new) scripts/check_tcpd script to check for changes in the + way inetd services are being protected through the use of tcp_wrappers. + This script has been written based on check_inetd. + * Modified scripts/check_sendmail to check for sendmail.cf's banner + * Note. This new scripts have not been added to the cron entry. They will + only be run when running the 'tiger' script. + + * Written some README files: howto write modules (README.writemodules),. + how much time does it take for scripts to run (README.time), and + information on making signatures (README.signatures) + + * Changed tigexp to work if issued -F with no second argument + + -- Javier Fernandez-Sanguino Pen~a Sun, 26 May 2002 01:58:53 +0200 + +tiger (2.2.4p2-3) unstable; urgency=low + + * Fixed typo in spanish template description. + + -- Javier Fernandez-Sanguino Pen~a Tue, 14 May 2002 13:49:33 +0200 + +tiger (2.2.4p2-2) unstable; urgency=low + + * Fixed filesystem permissions (execution bit) for Linux specific + scripts + * Changed scripts/check_anon to avoid error when checking for + $ftphome/etc/passwd. + * Updated security advisories. + + -- Javier Fernandez-Sanguino Pen~a Fri, 10 May 2002 09:55:41 +0200 + +tiger (2.2.4p2-1) unstable; urgency=low + + * This is the "I finally merged with Bryan Gartner's tarball" release + * Cosmetic upgrade in version number due to too many changes in the + sytem specific checks (AIX, Solaris et al.) derivated from tara sources. + (thus this release might be labeled "new upstream", avoid 2.2.4p1 since + it is used in TAMU's distribution) + * Updated to latest debian DSAs. + * Next release will have a new package to provide all the scripts for + other Operating systems so that a central Debian server can be used + with network filesystems as a single point of script distribution. + * Included tara's new check and scripts checks: devices, issue, + lilo, logfiles, network, patches, release, root, rootdir, single and + tripwire_run (this last one is deactivated in Debian since + the package, if installed, will do the checks) + * Included the following systems without changes: AIX-4, IRIX-{4,5,6}, + Linux-1, Next-3, UNICOS, UNICOSMK + * Instead of cp'ing all the SunOS files I ln -s all directories that + were equal in order to reduce space in the source package (and diff) + * Included the two new utils to convert into HTML + * Changed realpath.c, snefru.c as described in CHANGES.ARSC + * Merged patches from ASCR in files: check_accounts, check_cron, check_group, + check_inetd, check_passwd, check_sendmail, systems/Linux/2/gen_mounts, + tiger. + * Updated scripts (not changed in Debian): check_path + * Fixed Linux's gen_cron to include CRONSPOOL and fixed + systems/Linux/2/config to properly configure it (was set to /usr + instead of /var) since it was not used this was not detected until now. + * Updated the tiger configuration file (tigerrc) + * Updated the manpage tiger.8 + * Moved check_listening from Linux-specific to all the generic location + (since it will work in any UNIX system with NETSAT). + Changed tigerrc accordingly adding Tiger_Check_LISTENING variable + and renaming the previous variables for this check. + * De-activated RedHat's specific (and written in Perl) check_network + script. TODO: rewrite it in shell script and remove RedHat-specific + stuff. + * Moved the Linux specific checks provided by Paul Telford to + systems/Linux/2/ since they are not appropiate to other systems + (for consistency) + * Fixed check_release as provided by Paul Telford (some typos and not + correctly programmed) + * Applied some of the changes described in the Changes.ARSC. It seems these + were not included in the TARA distribution (for some reason). + REMINDER: ask for these to the ARSC team. + * Fixed check_sendmail's pattern matching (wrong reports on dates) and made + it properly Y2k. + * Fixed (again) the postinst... let's see if I get it right this time... + * Moved the FQDN check from 'tiger' to 'config' (since it is used by both + tiger and tigercron) + + -- Javier Fernandez-Sanguino Pen~a Tue, 30 Apr 2002 16:16:31 +0200 + +tiger (2.2.4-22) unstable; urgency=low + + * This is the "Yes, I was on vacation fixing bugs release (I)" + * Applied patch Marcel that fixes some long-standing issues, did not change + BASEDIR to basedir since it should work that way but *did* change typo + which made diff's against previous run not to work (Closes: #139221) + * Fixed Linux/2/gen_export_sets tpo (Closes: #139667) + * Modified Linux/2/config so that findcmd() looks first for binaries generated + by Tiger, including realpath (Closes: #139669) + * Modified deb_checkmd5sum to "understand" locale.nopurge configuration. + Currently experimental, but seems to work fine. Admins that fixed this + through templates will, however, have to remake them (Closes: #123891) + * Since realpath's Linux does not work as tiger's realpath -d, removed it + from the Recommends: (use tiger's instead) + * Added -u option in gen_listeningprocs (UDP sockets are not shown if using + netstat, this was an unreported bug) + * Added warning to the tigerrc regarding user's Tiger_ListeningProc (will + not work if using NETSTAT and not LSOF) + * Added the Tiger_Check_EVERYLISTENING option which will report if a + service is listening on *all* interfaces, default is Y, if set to 'N' + only processes run by users different from Tiger_ListeningProcs will be + reported. Changed gen_listeningprocs for this to work (Closes: #138855) + * Changed the name of gen_listeningprocs to check_listeningprocs (more + proper and consistent) + * Provided some more documentation in the tiger.8 manpage detailing which + modules are available + * Check_listeningprocs has been modified to allow it to not warn on + processes when using the Tiger_Listening_ValidProc variable in + /etc/tigerrc this allows admins to remove processes which can dynamically + change TCP/IP port (Closes: #134085) + * Changed Tiger_Listening_Proc to Tiger_Listening_ValidUser (more precise). + WARNING: Postinst will not change this from the config file! + * The changes introduced in check_listeningprocs as well as the + check-against-template behavior configuration will (hopefully) reduce greatly + false positives if properly configured (Closes: #126635) + * Set Tiger_Check_CRACK to 'N' by default and removed cron job since this + feature does not work. Added 'john' Recommends: since the Debian package + does provide that feature by itself. + * Added check_sendmail to SCRIPTS in the Makefile (it was not being + installed, unreported bug) + + -- Javier Fernandez-Sanguino Pen~a Wed, 27 Mar 2002 14:31:14 +0100 + +tiger (2.2.4-21) unstable; urgency=low + + * Changed deb_nopackfile so it also checks the diversions file + (Closes: #129343) + * Fixed deb_md5sums to work with files with namespaces by using + quotes properly (Closes: #129339) + * Updated Debian Advisories (cvs, xsane...) + + -- Javier Fernandez-Sanguino Pen~a Mon, 4 Mar 2002 21:15:25 +0100 + +tiger (2.2.4-20) unstable; urgency=low + + * Fixed check_known's grep which did not work on Solaris boxes... + * Fixed systems/SunOS/ so that it can find the CUT command too + * Changed scripts/check_known to use HEAD instead of TAIL in the + mail spool checks (Closes: #135202) + * Changed scripts/check_anon to check if the ftp user is in the + system's passwords (Closes: #135205) + * Added proper dependecies (based on systems/Linux/2/config) + (Closes: #128796) + * Added an Tiger_Output_FQDN option so that it uses hostname -f + as the system name for reports (Closes: #129526) + * Added version.h to the package in order for tiger to determine + the current Tiger version. + * Fixed debconf note (Closes: #136298) + * Added an alternative (and better) template location: /etc/tiger/templates + * Updated Debian DSA's + + -- Javier Fernandez-Sanguino Pen~a Fri, 1 Mar 2002 09:50:19 +0100 + +tiger (2.2.4-19) unstable; urgency=medium + + * Fixed gen_listeningprocs typo and added SORT to reduce output + + -- Javier Fernandez-Sanguino Pen~a Wed, 9 Jan 2002 19:20:19 +0100 + +tiger (2.2.4-18) unstable; urgency=low + + * Fixed the deb_nopackfiles so it uses -x -F and will not be confused by + strange file names (i.e. [) this also avoids filenames being interpreted + as regular expressions (Closes: #126569) + * Fixed deb_md5sums so it does not follow symlinks (sometimes they get + followed to unexistant files) + * Modified check_accounts so that it does not give warnings for accounts + of uid < 999 (system accounts in Debian GNU/Linux) by introducing a new + tigerrc variable (Tiger_Accounts_Trust) + * Added tiger-2.2.3p1-patch from TAMU + * Added some more info to the debian/copyright file + * Added the fix_tiger_GROUPS.sh script to a "contrib" area + * Added -p option to netstat and reduced output with grep -v STREAM :) + * Improved gen_listeningprocs so only uniq processes are shown listening + to the same socket, also, UDP sockets are now listed too with lsof and + netstat + * Fixed check_inetd so it does not do a 'set' when an empty line is found + * Modified difflogs intensively since it was not working properly, added + a new feature and varialbes in tigerrc so that cron jobs can be compared + against "template" (policy-compliant?) runs. This can reduce false positives + even if they cannot be reduced in a given module. + * Added configurable Tiger_Listening_Procs for gen_listeningprocs to + customize for local security policy (Closes: #126635) + * Added debconf note (borrowed from snort) to configure mails receiver + (Closes: #122256) + * Added debconf note to warn the user to adapt to security policy + * Fixed lintian errors. + * Update DSAs + + -- Javier Fernandez-Sanguino Pen~a Wed, 26 Dec 2001 13:48:13 +0100 + +tiger (2.2.4-17) unstable; urgency=high + + * Fixed typo in systems/Linux/2/gen_passwds_setgs (aggggh!! introduced + when nisplus was commented out) + + -- Javier Fernandez-Sanguino Pen~a Wed, 26 Dec 2001 10:18:53 +0100 + +tiger (2.2.4-16) unstable; urgency=medium + + * Added -rf to prerm script when purging. + * Commented nisplus from the gen_passwd_sets since there is no NISCAT in + Linux + * Fixed scripts/check_known so it works properly in NIS environments. + now uses the passwd_set properly instead of passwd_source + + -- Javier Fernandez-Sanguino Pen~a Fri, 21 Dec 2001 09:57:28 +0100 + +tiger (2.2.4-15) unstable; urgency=low + + * Changed gen_passwd_sets for Linux so it now recognises NIS/NISPLUS and + does not depend on shadow passwords being installed (Closes: #113132, + #125792) + * /etc/cron.d/tiger now listed in conffiles (Closes: #124142) + + -- Javier Fernandez-Sanguino Pen~a Thu, 20 Dec 2001 10:33:16 +0100 + +tiger (2.2.4-14) unstable; urgency=high + + * Updated the services file and modified the check_inetd scripts so now it + only warns if several services share port numbers (the check was + originally made to only handle one service per port) (Closes: #123730) + + -- Javier Fernandez-Sanguino Pen~a Thu, 13 Dec 2001 10:36:37 +0100 + +tiger (2.2.4-13) unstable; urgency=low + + * Fixed tigercron shell problem which made it not work properly + (Closes: #123116) + * Setup tigerrrc so that Tiger_DPKG_Optimize defaults to 'Y' + + -- Javier Fernandez-Sanguino Pen~a Mon, 10 Dec 2001 11:34:06 +0100 + +tiger (2.2.4-12) unstable; urgency=high + + * Fixed cronrc so CPU consuming tasks are run once a day + (Closes: #122378) + * Fixed check_passwd so that uids and usernames are looked for correctly + (Closes: #122391) + * Updated services file (Closes: #122338) + * Fixed file control list (Closes: #122337) + * Updated Debian Security Advisories + * Provided new (untested) method to bypass DPKG in some tests through + the $Tiger_DPKG_Optimize variable in tigerrc (default N) (Closes: #122678) + * Changed deb_nopackfiles and deb_checkadvisories to work in optimize and + non-optimize method (using grep, cut, et al in the /var/lib/dpkg area) + * Fixed Debian specific scripts (==) + * Fixed Linux's gen_export_sets (nobody yelled yet, but it did not work + in the previous release) + * Fixed deb_checkadvisories so it correctly located the list of packages + (Note: takes too much time currently to finish) + + -- Javier Fernandez-Sanguino Pen~a Fri, 7 Dec 2001 10:12:36 +0100 + +tiger (2.2.4-11) unstable; urgency=medium + + * Changed file_access_list for Linux so /etc/aliases can be world readable (Closes: #112159) + * Fixed getuserhome command so it does not return directories beginning + with ~. This fixes tiger from incorrectly guessing the ftp directory + (Closes: #121800, #114008) + * Fixed /var/run/utmp file permissions to follow Debian standards (Closes: #121501, #112217) + * Fixed config.tbl since Debian-specific scripts were not being run. + * Fixed gen_passwd_sets so it now understands MD5 passwds (Closes: #112170, #117342) + * Fixed disk device checks in check_perm so that it does not complain + for /dev/hd* which belong to group 'disk' (Closes: #112218) + * Changed the postrm script so all files are removed on purge (Closes: #116267) + * Changed MAILER from mail to sendmail so we can send 'Subject' and 'From' + (Closes: #120679, #121681) + * Fixed tigercron so mails get sent properly with a From line, since the + information is now sent to the mailer and not to the Tiger log no + mails should be sent out if they do not include useful information + (tiger takes care of diffing out reports) (Closes: #114334, #113588) + * Added Recommends on mail transport agent since it's used for cron reporting. + * Fixed gen_export_sets for Linux so it properly warns when using + Linux's /etc/exports + * Added a tag in tigerrc to disable reporting when nothing important + happens (Closes: #113588) + * Changed check_passwd so it now says how many times uids or usernames + appear repeated (Closes: #117117) + + -- Javier Fernandez-Sanguino Pen~a Sun, 2 Dec 2001 16:21:16 +0100 + +tiger (2.2.4-10) unstable; urgency=low + + * Updated the Debian Security Advisories checked for. + * Removed non-Linux systems (Closes: #111038) + * SCRH line of findcmd is now fixed (Closes: #112216) + * Fixed services file for Linux (Closes: #115031, #114033) + + -- Javier Fernandez-Sanguino Pen~a Sun, 2 Dec 2001 16:21:16 +0100 + +tiger (2.2.4-9) unstable; urgency=low + + * Added From: header to the tiger cron output + + -- Javier Fernandez-Sanguino Pen~a Wed, 26 Sep 2001 01:11:06 +0200 + +tiger (2.2.4-8) unstable; urgency=low + + * Fixed tigercron so that it includes the hostname in the mail subject (Closes: #113462) + + -- Javier Fernandez-Sanguino Pen~a Tue, 25 Sep 2001 15:19:30 +0200 + +tiger (2.2.4-7) unstable; urgency=low + + * Fixed script/check_rhosts so it does not warn about comments + * Added some new issues in Debian systems which tiger does not + check properly + * Really fixed SRCH line (Closes: #112870) + * Added some more info regarding false positives in Debian in the README.Debian file + + -- Javier Fernandez-Sanguino Pen~a Sun, 23 Sep 2001 00:55:42 +0200 + +tiger (2.2.4-6) unstable; urgency=low + + * Fixed Linux/2/config not being able to find SNEFRU, by adding + /usr/lib/tiger/bin to the SRCH line (Closes: #112870) + * Fixed Linux/2/config not finding CUT since it was not exported (Closes: #112871) + * Updated data from Debian Advisories from the WML sources + + -- Javier Fernandez-Sanguino Pen~a Thu, 20 Sep 2001 10:46:58 +0200 + +tiger (2.2.4-5) unstable; urgency=low + + * Fixed debian/control file (Closes: #112532) + + -- Javier Fernandez-Sanguino Pen~a Mon, 17 Sep 2001 18:09:35 +0200 + +tiger (2.2.4-4) unstable; urgency=low + + * Added subjet to tiger's cron report (Closes: #112222, #112161) + * Fixed mail check in order to compare against uid and not username + (hopefully it will work with Debian and other Unices but I'm not sure + ls -n is available there) (Closes: #112162) + * Binaries now get compiled at build time + * Removed ./c from Makefile + * Subsituted corrupted .c files on c/ (md5.c and snefru.c) (Closes: #112216) + * Modified scripts/check_know so it checks on uids and not on names (Closes: #112162) + + -- Javier Fernandez-Sanguino Pen~a Fri, 14 Sep 2001 20:34:30 +0200 + +tiger (2.2.4-3) unstable; urgency=high + + * Fixed cron entry (Closes: #111795) + + -- Javier Fernandez-Sanguino Pen~a Mon, 10 Sep 2001 18:27:21 +0200 + +tiger (2.2.4-2) unstable; urgency=low + + * Removed tigerrc(8) reference in manpage (Closes: #110528) + * Installed tigexp in sbin (Closes: #110535) + * Updated the services file for Linux with a new script that updates it + from the system /etc/services. Should close some of the false positives + regarding #110531 + + -- Javier Fernandez-Sanguino Pen~a Wed, 29 Aug 2001 16:03:29 +0200 + +tiger (2.2.4-1) unstable; urgency=low + + * Initial Release. + * Changed GROUPS variable to GROUPC since it seems to conflict with bash + * Modified Makefile so it installs correctly + * Provided a new check for open sockets and Debian specific checks for + md5sums of installed files and package associatons of installed files. + + -- Javier Fernandez-Sanguino Pen~a Thu, 23 Aug 2001 15:07:16 +0200 + --- tiger-3.2.2.orig/debian/templates +++ tiger-3.2.2/debian/templates @@ -0,0 +1,24 @@ +Template: tiger/mail_rcpt +Type: string +Default: root +_Description: Who should receive the daily mails? + The user you enter below will receive all the emails that 'tiger' sends + during the day when running the cron jobs. This does not mean that when + executing the 'tiger' program standalone this user will receive the + reports. Also note that any administrator will be able to access the + reports since they are available in the /var/log/tiger/ directory. + +Template: tiger/policy_adapt +Type: note +_Description: Take a minute to customize 'tiger' + You should customize the files at /etc/tiger/ to adapt to your local + security policy. Firstly, customizing the kind of checks that will be made + in this system, as well as the information needed for tests in order to + reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at + what times these tests will be executed (in /etc/tiger/cronrc). And + thirdly, since some modules warnings might not be problems regarding your + current security policy, define a given template file at + /etc/tiger/templates/ using runs from each of the modules. Once defined, + all the runs will be checked against each one of the templates available + (one per module) and only new warnings will be issued. + --- tiger-3.2.2.orig/debian/tiger-otheros.dirs +++ tiger-3.2.2/debian/tiger-otheros.dirs @@ -0,0 +1 @@ +usr/lib/tiger/systems/ --- tiger-3.2.2.orig/debian/copyright +++ tiger-3.2.2/debian/copyright @@ -0,0 +1,46 @@ +This package was debianized by Javier Fernandez-Sanguino Peña + on Thu, 23 Aug 2001 15:07:16 +0200. + +It was downloaded from ftp://sunsite.unc.edu/pub/Linux/system/security +(original site is at http://www.net.tamu.edu/ftp/security/TAMU +more information at http://www.net.tamu.edu/network/tools/tiger.html) + +The TARA version which has been also integrated in this package +(even if the name of the upstream source has not been changed) is +available for download from http://www.arsc.com + + +Upstream Authors: + Douglas Lee Schales + Dave Hess + Khalid Warraich + Dave Safford +[modifications for support of Redhat Linux 2.x. made by] + Robert L. Ziegler (rlz@mediaone.net) +[modifications for NeXT, IRIX, SunOS 5.x, AIX 4, UNICOS systems + as well as a big number of bug fixes and new scripts, made by the + group from Advanced Research Corporation for tara, composed of:] + Liam Forbes + Nathan Bills and + Mike Kienenberger +[new checks for RedHat and Debian GNU/Linux 2.x. made by] + Paul Telford + Bryan Gartner +[modifications for support of Debian GNU/Linux 2.x. made by] + Javier Fernandez-Sanguino Peña + + +Copyright: (c) 1993 Texas A&M University Supercomputer Center + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 1, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + +You can find a copy of the GPL license in your Debian system under +the /usr/share/common-licenses directory. --- tiger-3.2.2.orig/debian/cron.d +++ tiger-3.2.2/debian/cron.d @@ -0,0 +1,9 @@ +# +# Regular cron jobs for the tiger package +# +# Configuration file +DEFAULT=/etc/default/tiger +# default setting, overriden in the above file +NICETIGER=10 +# +0 * * * * root test -x /usr/sbin/tigercron && { [ -r "$DEFAULT" ] && . "$DEFAULT" ; nice -n$NICETIGER /usr/sbin/tigercron -q ; } --- tiger-3.2.2.orig/debian/control +++ tiger-3.2.2/debian/control @@ -0,0 +1,39 @@ +Source: tiger +Section: admin +Priority: optional +Maintainer: Ubuntu MOTU Developers +XSBC-Original-Maintainer: Javier Fernandez-Sanguino Pen~a +Build-Depends: debhelper (>= 4.1.13), autoconf, po-debconf (>= 0.5.0) +Standards-Version: 3.8.0 +Homepage: http://savannah.nongnu.org/projects/tiger/ + +Package: tiger +Architecture: any +Depends: diff (>=2.0), net-tools, binutils, bsdmainutils, debconf | debconf-2.0, ucf, ${shlibs:Depends} +Recommends: sendmail | mail-transport-agent, john, chkrootkit +Suggests: lsof +Description: Report system security vulnerabilities + TIGER, or the 'tiger' scripts, is a set of Bourne shell + scripts, C programs and data files which are used to perform + a security audit of UNIX systems. TIGER has one primary goal: + report ways 'root' can be compromised. + . + Debian's TIGER incorporates new checks primarily oriented towards + Debian distribution including: md5sums checks of installed files, + location of files not belonging to packages, check of security + advisories and analysis of local listening processes. + +Package: tiger-otheros +Architecture: any +Depends: tiger +Description: Scripts to run Tiger in other operating systems + TIGER, or the 'tiger' scripts, is a set of Bourne shell + scripts, C programs and data files which are used to perform + a security audit of UNIX systems. TIGER has one primary goal: + report ways 'root' can be compromised. + . + This package provides all the scripts for operating systems other + than Linux provided for in the Tiger distribution. It is provided + in the hope it will be useful for admins that wish to run tiger + in a distributed environment sharing this files through the network + (e.g. NFS). --- tiger-3.2.2.orig/debian/README.Debian +++ tiger-3.2.2/debian/README.Debian @@ -0,0 +1,164 @@ +Tiger for Debian +---------------------- + +PLEASE NOTE: + +Some of the checks do not apply completely to Debian systems +or Debian's defaults are somewhat different. This might lead to +somethings being reported as a security issue when they really +aren't (known in the security field as 'false positives') +In some cases this might be Tiger's problem (of it being an old UNIX +auditing program) or it might be Debian's. If you feel a security report +is not appropriate to your system discuss it in the +debian-security@lists.debian.org mailing list. + +If you really think it's a BUG of Tiger, then send a bug-report +for the package (using either the 'bug' or 'reportbug' programs). +Please make sure you look at current (open) bugs at +http://bugs.debian.org/tiger + +Also, Debian might not ship the most up-to-date system signatures +for other OS (_not_ Debian GNU/Linux), please retrieve them from +http://www.net.tamu.edu/ftp/security/TAMU/tiger-sigs/ + +Changes in behavior: +-------------------- + +First of all make sure to read, understand and customize +/etc/tiger/tigerrc and /etc/tiger/cronrc to adapt to your local security +policy, as the warning on installation says "You cannot expect to tiger to work +fully to your needs without adapting it". Bugs regarding false positives +which can be fixed by the proper configuration and/or use of templates (see below) +will be set to "wishlist", even if the bug submitter thinks they are +"serious". + +All and all, Debian's Tiger works quite fine out-of-the box, even if there's +still room for improvement. + +Using Templates +............... + +Tiger in Debian can compare against "templates" when running through +a cron job. That is, you can take a given log from a previous run +(at /var/log/tiger) rename it with a ".template" instead of a ".[number]" +and place it under /etc/tiger/templates. + +Tiger checks will compare against it. That way Tiger will only report issues +when they changed from the template (if configured in /etc/tiger/tigerrc). +NOTE: Previous to 2.2.4-20 templates could be placed in /var/log/tiger, +this behaviour is preserved but templates at /etc/tiger/ are used +first if available. + +Another (less secure) method is to have Tiger only report changes from previous +runs, please note that in this setup problems will only be reported *once* +in cron jobs, regardless of importance. This is the default behavior, that +is, this will (should, at least from version 2.2.4-22 and above) work +just after installation. + +KNOWN ISSUES +------------- +(these are *not* BUGS) + +- shells on Debian default users. PENDING discussion on debian-security, in +any case it should check if the services are enabled (i.e. the user is useful +here). Maybe Debian policy could ask for ids in /etc/passwd disabled +with /dev/null as shell and enable them when services are installed? (CHANGE +script/check_accounts) + + +- Debian specific checks take quite some time to finish, I have changed the +Cron job to do this only once in a day, and you can optimize the check by +changing the $Tiger_DPKG_Optimize variable in /etc/tiger. In any case +finding packages in Debian takes quite some time... (due to the *very* +large package list) + +Known BUGS in Debian systems: +---------------------------- +(please check bugs.debian.org/tiger also) + +- Debian's /etc/services definition leads to false positives due +to ports being repeated in there. In order to remove them see +the "Using templates" above. This cannot be completely fixed without +extensive revision of the check_services file ("the a3fs vs ircd bug"). + +- signature files are replaced with installed md5sums in /var/lib/ +Tiger could be distributed with predefined signatures (BTW, signatures +should depend on distribution and not on kernel, oh well...) + +- Tiger does not seem to look for CRACK before doing password testing +(this package should Depend: on some password cracker, but note that +the 'john' package already can do password testing run by cron). The +test is disabled from cronrc but it will still give some erros when +the full report is run (using 'tiger') + +- incorrect reports for /etc/cron.hourly (does not exist) + +- should not check /proc dir when checking for tests (this is a virtual dir) + +TODO +---- + +- Possible new checks: + . check all files and see if they are of the same user/group as their root dir + . look for files with no uid in /etc/passwd and gid in /etc/group + +- The Debian security group could update signature files for binaries which + are in the Debian stable release and have been found vulnerable (packages + in stable-updates) so that Tiger can (if not online) check a Debian system + and tell the administrator he *must* upgrade them from security.debian.org + For an example look at information on doc/signatures. Tigexp is very useful + here and could be very informative. + +- (Nice feature) Provide internationalisation support. + +- Compare against checks introduces in TITAN an re-code those that are + appropriate for Tiger (almost all) + (NOTE: I have added some checks, however TITAN seems to not that much + good work - Linux version - after all) + + +TESTING +------- + + . Check for files not in /usr/local and /home + not owned by any package (easy with dpkg -S) (Note: Currently looks only + in binary paths /bin /usr/bin... not in all the filesystem) + . Check for md5sums of files installed by packages by looking into + /var/lib/dpkg/info/*md5sums. The check currently does not include + /usr/share/doc. Should it check /usr/share/locale, and /etc or should they + be removed too? + BTW, I coded it after knowing about debsums which seems to run a bit faster. + (maybe debsums code should be included here or used if it exists) + . users in Debian are assigned to a group and are umask 022 by default + (should not warn due to some files in home having group read if no other + user is in the group). CHANGED script/check_accounts + +DONE +---- + + . Check for non-running processes (a simple software watchdog) + . Check for open TCP/IP sockets and warn when user running the socket is + not root, otherwise inform on open sockets. Works with lsof and netstat + (since its not Debian specific it has been renamed to deb_) + . Check of security advisories taken from the WWW webml sources. The + package version is checked against the one in the advisory. Some checks are + very redundant since users should not have packages older than the released + ones, oh well... + . Understand Linux NFS exports file + + +Known FIXED BUGS: +---------------- +- md5.c is corrupted by default the Tiger binaries will not be recompiled +each time (BTW, IMHO this is not a good idea anyway). Fetched original sources +and replaced them. + +- rhosts # accepted (FIXED scripts/check_rhosts) + +- Tiger now understands and will not give false warnings when "localepurge" has +been installed and a lot of files removed (FIXED scripts/Linux/2/deb_checkmd5sums) + +-- Javier Fernandez-Sanguino Peña +Last updated: Wed, 12 Jun 2002 00:08:59 +0200 + + --- tiger-3.2.2.orig/debian/po/cs.po +++ tiger-3.2.2/debian/po/cs.po @@ -0,0 +1,96 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2004-12-26 20:33+0100\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-2\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Kdo má dostávat denní po¹tu?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"U¾ivatel, kterého zde zadáte, bude dostávat emaily, je¾ \"tygr\" bìhem dne " +"zasílá. Týká se to pouze pøi spu¹tìní \"tygra\" z cronu - na ruèní spou¹tìní " +"nemá vliv. K tìmto zprávám bude mít pøístup i administrátor, proto¾e jejich " +"kopie se ukládají do adresáøe /var/log/tiger/." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Najdìte si chvilku na pøizpùsobení \"tygra\"" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Soubory v adresáøi /etc/tiger/ byste si mìli pøizpùsobit své místní " +"bezpeènostní politice. V prvé øadì se jedná o /etc/tiger/tigerrc, kde " +"nastavíte testy, které se budou spou¹tìt, spolu s dal¹ími informacemi, " +"kterými omezíte fale¹né poplachy. Ve druhé øadì je potøeba v souboru /etc/" +"tiger/cronrc nastavit, kdy se mají testy sou¹tìt. Za tøetí, proto¾e podle " +"va¹í politiky nemusí být varování nìkterých modulù dùle¾ité, mù¾ete v /etc/" +"tiger/templates/ nadefinovat pøíslu¹nou ¹ablonu. Pøi samotném spu¹tìní bude " +"výstup kontrolován oproti nadefinovaným ¹ablonám (v¾dy jedna ¹ablona pro " +"jeden modul) a budou hlá¹ena pouze nová varování." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Odstranit ¹ablony z chybových verzí \"tygra\"" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Pùvodní verze balíku tiger z Debianu 3.1 obsahovaly chybu, díky které se " +#~ "¹ablony místo ve /var/log/tiger/ vytváøely ve /var/log/. S tím ov¹em " +#~ "program nepoèítá a ¹ablony se nepou¾ijí. Tyto soubory mù¾ete zachovat, " +#~ "pou¾ít jako ¹ablony a pøesunout je na správné místo ruènì. Balík to " +#~ "neprovede automaticky, aby omylem nesmazal exisující ¹ablony. Pokud " +#~ "naleznu takto ¹patnì umístìné soubory, mám je odstranit?" --- tiger-3.2.2.orig/debian/po/de.po +++ tiger-3.2.2/debian/po/de.po @@ -0,0 +1,100 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# Erik Schanze , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger_1:3.2.1-26_de\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2005-06-03 22:49+0200\n" +"Last-Translator: Erik Schanze \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.9.1\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Wer soll die täglichen E-Mails empfangen?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"Der Benutzer, den Sie unten eingeben, wird alle von 'tiger' versandten E-" +"Mails erhalten, wenn die Cron-Jobs laufen. Das bedeutet nicht, dass der " +"Benutzer Berichte erhält, wenn Sie 'tiger' als einzelnes Programm aufrufen. " +"Beachten Sie auch, dass jeder Administrator auf die Berichte zugreifen kann, " +"weil sie im Verzeichnis /var/log/tiger/ verfügbar sind." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Nehmen Sie sich die Zeit, 'tiger' einzurichten." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Sie sollten die Dateien im Verzeichnis /etc/tiger/ an Ihre Sicherheits- " +"Richtlinie anpassen. Zuerst sollten Sie die Tests einrichten, die auf Ihrem " +"System gemacht werden und die Daten für die Tests (in der Datei /etc/tiger/" +"tigerrc) bereitstellen, um Falschmeldungen zu vermeiden. Dann sollten Sie " +"(in der Datei /etc/tiger/cronrc) einstellen, zu welchen Zeiten die Tests " +"gemacht werden. Danach sollten Sie aus den Durchläufen der Module Schablonen " +"(im Verzeichnis /etc/tiger/templates/) erstellen, wenn Module Warnungen " +"ausgeben, die für Ihre Sicherheits-Richtlinie nicht problematisch sind. Sind " +"die Schablonen erstellt, wird jeder Durchlauf mit den verfügbaren Schablonen " +"(eine pro Modul) verglichen und es werden nur neue Warnungen angezeigt." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Schablonen einer fehlerhaften 'tiger'-Version entfernen" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Anfänglich enthielt die 'tiger'-Version in Debian 3.1 einen Fehler, bei " +#~ "dem die Schablonen im Verzeichnis /var/log/ anstelle von /var/log/tiger/ " +#~ "angelegt wurden. Die Schablonen werden aber im Verzeichnis /var/log/" +#~ "tiger/ erwartet und die anderen werden bei neueren Versionen von 'tiger' " +#~ "nicht funktionieren. Sie wollen vielleicht eine Kopie (als Schablonen) " +#~ "behalten und sie selbst an die richtige Stelle legen. Das Paket tut das " +#~ "nicht automatisch, um nicht frühere Schablonen zu entfernen. Sollen diese " +#~ "Dateien gelöscht werden, wenn welche gefunden werden?" --- tiger-3.2.2.orig/debian/po/pt.po +++ tiger-3.2.2/debian/po/pt.po @@ -0,0 +1,92 @@ +# Portuguese translation of tiger's debconf messages. +# Copyright (C) 2007 Javier Fernandez-Sanguino +# This file is distributed under the same license as the tiger package. +# Luísa Lourenço , 2007 +# +msgid "" +msgstr "" +"Project-Id-Version: tiger 1:3.2.1-35\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2007-03-19 15:41+0000\n" +"Last-Translator: Luísa Lourenço \n" +"Language-Team: Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Quem deve receber os mails diários?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"O utilizador que inserir abaixo irá receber todos os emails que o 'tiger' " +"envia durante o dia quando executa as tarefas cron. Isto não significa que " +"quando executa o programa isolado 'tiger', este utilizador irá receber os " +"relatórios. Note também que qualquer administrador poderá aceder a estes " +"relatórios visto estarem disponíveis na directoria /var/log/tiger/." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Tire um minuto para personalizar o 'tiger'" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Deve personalizar os ficheiros em /etc/tiger/ para adoptarem a sua politica " +"de segurança local. Primeiro, personalize o tipo de verificações que irão " +"ser feitas neste sistema, assim como a informação necessária para testes " +"para reduzir falsos positivos (em /etc/tiger/tigerrc). Segundo, personalize " +"as alturas a quedevem estes testes ser executados (em /etc/tiger/cronrc). E " +"em terceiro, visto que alguns avisos de módulos podem não ser problemas " +"acerca da sua politica de segurança actual, defina um ficheiro modelo em /" +"etc/tiger/templates/ usando execuções em cada um dos módulos. Assim que " +"definidos, todas as execuções serão verificadas para cada modelo disponível " +"(um por módulo) e só alguns novos avisos aparecerão." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Remover modelos em versões do 'tiger' com bugs" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Inicialmente as versões do Debian 3.1 do tiger eram distribuídas com um " +#~ "bug que causava modelos serem criados sobre o /var/log/ em vez do /var/" +#~ "log/tiger/. Operações normais assumem que os modelos estão em /var/log/" +#~ "tiger/ e estes modelos não irão ser úteis em novas versões do Tiger. " +#~ "Poderá querer preservar uma cópia desses modelos (para usar como modelos) " +#~ "e move-los manualmente sobre a sua localização apropriada. O pacote não " +#~ "irá fazer isto automaticamente para evitar remover modelos anteriores. " +#~ "Devem estes ficheiros ser removidos caso sejam encontrados?" --- tiger-3.2.2.orig/debian/po/fr.po +++ tiger-3.2.2/debian/po/fr.po @@ -0,0 +1,102 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger 1:3.2.1-2\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2003-10-31 15:51+0100\n" +"Last-Translator: Nicolas Bertolissio \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Destinataire des courriels quotidiens :" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"L'utilisateur que vous indiquerez recevra tous les courriels envoyés par " +"« tiger » lors de l'exécution des tâches périodiques. Cet utilisateur ne " +"recevra pas les rapports lors de l'exécution directe du programme « tiger ». " +"Veuillez aussi noter que tout administrateur pourra accéder aux rapports " +"puisqu'ils seront disponibles dans le répertoire /var/log/tiger/." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Prenez le temps de personnaliser « tiger »" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Vous devriez personnaliser les fichiers dans /etc/tiger/ pour les adapter à " +"votre politique de sécurité locale. Commencez par personnaliser (dans /etc/" +"tiger/tigerrc) les vérifications qui sont faites sur le système, ainsi que " +"les informations nécessaires aux tests. Cela permettra de réduire le nombre " +"de faux positifs. Ensuite, personnalisez (dans /etc/tiger/cronrc) l'heure à " +"laquelle ces tests sont exécutés. Puis, si les avertissements de certains " +"modules peuvent être ignorés au regard de votre politique de sécurité " +"actuelle, définissez un fichier de modèle dans /etc/tiger/templates/ après " +"avoir utilisé chaque module. Par la suite, après chaque exécution, le " +"résultat sera comparé à ces fichiers de modèles et seuls les nouveaux " +"avertissements seront signalés." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Supprimer les modèles des versions boguées de « tiger » ?" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Les versions 3.1 de Tiger initialement distribuées dans Debian créaient " +#~ "les modèles dans /var/log/ au lieu de /var/log/tiger/. Le fonctionnement " +#~ "normal suppose que les modèles sont dans /var/log/tiger/. Les modèles " +#~ "situés dans /var/log ne seront pas utilisés par les versions de Tiger " +#~ "plus récentes. Vous pouvez souhaiter en conserver une copie (pour servir " +#~ "de référence) et les déplacer manuellement au bon endroit. Cela ne sera " +#~ "pas effectué automatiquement pour éviter de supprimer les modèles " +#~ "précédents. Cette option permet de supprimer ces anciens fichiers s'ils " +#~ "existent." --- tiger-3.2.2.orig/debian/po/templates.pot +++ tiger-3.2.2/debian/po/templates.pot @@ -0,0 +1,56 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" --- tiger-3.2.2.orig/debian/po/nl.po +++ tiger-3.2.2/debian/po/nl.po @@ -0,0 +1,92 @@ +# Dutch po-debconf translation of Tiger +# Copyright (C) 2007 Javier Fernandez-Sanguino +# This file is distributed under the same license as the Tiger package. +# Bart Cornelis +# +msgid "" +msgstr "" +"Project-Id-Version: tiger\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2007-03-06 18:07+0100\n" +"Last-Translator: Bart Cornelis \n" +"Language-Team: debian-l10n-dutch \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Wie moet de dagelijkse e-mails ontvangen?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"De hier aangegeven gebruiker zal alle e-mails ontvangen die tiger verstuurt " +"wanneer deze wordt aangeroepen door cron. Dit geldt dus niet voor berichten " +"die tiger genereert als het expliciet aangeroepen wordt. Overigens kan de " +"beheerder de rapporten altijd inkijken in de map /var/log/tiger." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Gelieve de tijd te nemen op 'tiger' aan uw wensen aan te passen." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"U kunt de bestanden in /etc/tiger/ best aanpassen aan uw lokale " +"beveiligingsbeleid. U kunt eerst de soorten checks die op dit systeem " +"uitgevoerd dienen te worden in te stellen, alsmede de informatie die deze " +"testen nodig hebben om het aantal valse positieven te verminderen (in /etc/" +"tiger/tigerrc). Daarnaast kunt u de tijdstippen waarop deze tests uitgevoerd " +"worden aanpassen (in /etc/tiger/cronrc). Tenslotte kunt u template-bestanden " +"aangeven (in /etc/tiger/templates) via de resultaten van uitgevoerde tests, " +"eens een template gedefiniëerd is zal tiger de gegenereerde " +"waarschuwingingen vergelijken met deze in de beschikbare templates (1 per " +"module) en worden enkel nieuwe waarschuwingen aangegeven. Dit laat toe om " +"waarschuwingen die geen probleem zijn voor uw beveiligingsbeleid te negeren." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Templates in problematische 'tiger'-versies verwijderen." + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Debian's 3.1 versie van het 'tiger'-pakket is oorspronkelijk uitgegeven " +#~ "met een fout de templates aanmaakte in /var/log i.p.v. /var/log/tiger/ . " +#~ "Normale operatie neemt aan dat de templates zich in /var/log/tiger " +#~ "bevinden, en deze templates worden niet gebruikt in de nieuwere versies " +#~ "van tiger. Omdat u mogelijk een kopie hiervan wilt bewaren (om als " +#~ "templates te gebruiken), of deze handmatig naar de juiste locatie wilt " +#~ "verplaatsen, verwijdert dit pakket de vorige templates niet automatisch. " +#~ "Wilt u dat deze bestanden verwijderd worden indien aanwezig?" --- tiger-3.2.2.orig/debian/po/ja.po +++ tiger-3.2.2/debian/po/ja.po @@ -0,0 +1,98 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2003-11-23 10:45+0900\n" +"Last-Translator: Hideki Yamane \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=EUC-JP\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Æü¼¡¥ì¥Ý¡¼¥È¤Î¥á¡¼¥ë¤ò郎¼õ¤±¼è¤ê¤Þ¤¹¤«?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"cronjob ¤¬Æ°¤¤¤Æ¤¤¤ë´Ö 'tiger' ¤¬Á÷¤ë¥á¡¼¥ë¤ò¼õ¤±¼è¤ë¥æ¡¼¥¶¤ò°Ê²¼¤ÇÆþÎϤ·¤Æ¤¯" +"¤À¤µ¤¤¡£ 'tiger' ¥×¥í¥°¥é¥à¤¬Ã±ÆȤǼ¹Ԥµ¤ì¤¿¾ì¹ç¤Ë¤³¤Î¥æ¡¼¥¶¤¬¥ì¥Ý¡¼¥È¤ò¼õ¤±" +"¼è¤ë¤È¤¤¤¦°ÕÌ£¤Ç¤Ï¤¢¤ê¤Þ¤»¤ó¡£´ÉÍý¼Ô¤Ç¤¢¤ì¤Ð /var/log/tiger/ ¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥¢" +"¥¯¥»¥¹¤Ç¤­¤ë¤Î¤Ç¥ì¥Ý¡¼¥È¤òÆɤá¤ë¤È¤¤¤¦¤³¤È¤Ë¤âÃí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "'tiger' ¤Î¥«¥¹¥¿¥Þ¥¤¥º¤Ë¤Ï¿¾¯»þ´Ö¤¬¤«¤«¤ê¤Þ¤¹" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"¥í¡¼¥«¥ë¤Î¥»¥­¥å¥ê¥Æ¥£¥Ý¥ê¥·¡¼¤ËŬ¹ç¤µ¤»¤ë¤¿¤á¤Ë¤Ï /etc/tiger/ °Ê²¼¤Î¥Õ¥¡¥¤¥ë" +"¤ò¥«¥¹¥¿¥Þ¥¤¥º¤·¤Ê¤±¤ì¤Ð¤Ê¤ê¤Þ¤»¤ó¡£¤Þ¤º»Ï¤á¤Ë false positive ¤ò¸º¤é¤¹¤¿¤á¡¢" +"¥Æ¥¹¥È¤ËɬÍפȤʤë¾ðÊó¤Î¥«¥¹¥¿¥Þ¥¤¥º¤Ï¤â¤Á¤í¤ó¤Î¤³¤È¡¢¤³¤Î¥·¥¹¥Æ¥à¤Ç¹Ô¤ï¤ì¤ë" +"¥Á¥§¥Ã¥¯¤Î¼ïÎ༫ÂΤâÁªÂò¤·¤Þ¤¹ (/etc/tiger/tigerrc) ¡£2ÈÖÌܤˡ¢¤³¤ì¤é¤Î¥Æ¥¹¥È" +"¤¬²¿²ó¼Â¹Ô¤µ¤ì¤ë¤« (/etc/tiger/cronrc) ¡£3ÈÖÌܤˡ¢¥â¥¸¥å¡¼¥ë¤¬È¯¤¹¤ë·Ù¹ð¤Î´ö" +"¤Ä¤«¤Ï¡¢¸½ºß¤Î¥»¥­¥å¥ê¥Æ¥£¥Ý¥ê¥·¡¼¤Ë¾È¤é¤¹¤ÈÌäÂê¤È¤Ï¤Ê¤é¤Ê¤¤¤Î¤Ç¡¢¤½¤ì¤¾¤ì¤Î" +"¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤¹¤ë /etc/tiger/templates/ ¤Ë¤¢¤ë¥Æ¥ó¥×¥ì¡¼¥È¥Õ¥¡¥¤¥ë¤òÄêµÁ¤·" +"¤Þ¤¹¡£°ìÅÙÄêµÁ¤¹¤ë¤È (¥â¥¸¥å¡¼¥ë¤´¤È¤Ë) ÍøÍѲÄǽ¤Ê¥Æ¥ó¥×¥ì¡¼¥È¤½¤ì¤¾¤ì¤ËÂФ·" +"¤Æ¥Á¥§¥Ã¥¯¤¬¹Ô¤ï¤ì¡¢¿·¤·¤¤·Ù¹ð¤À¤±¤¬¼è¤ê¾å¤²¤é¤ì¤Þ¤¹¡£" + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "¥Ð¥°¤Î¿¤¤¥Ð¡¼¥¸¥ç¥ó¤Î 'tiger' ¤Î¥Æ¥ó¥×¥ì¡¼¥È¤òºï½ü¤·¤Þ¤¹" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "ºÇ½é¤ËÇÛÉÛ¤µ¤ì¤¿ Debian ¤Î tiger ¥Ð¡¼¥¸¥ç¥ó 3.1 ¤Ç¤Ï¥Æ¥ó¥×¥ì¡¼¥È¤¬ /var/" +#~ "log/tiger/ ¤Ç¤Ï¤Ê¤¯ /var/log/ ¤Ëºî¤é¤ì¤ë¤È¤¤¤¦¥Ð¥°¤¬¤¢¤ê¤Þ¤¹¡£Ä̾ï¤Ï /var/" +#~ "log/tiger/ °Ê²¼¤Ë¥Æ¥ó¥×¥ì¡¼¥È¤¬¤¢¤ë¤È²¾Äꤷ¤Æ¤¤¤ë¤Î¤Ç¡¢¤³¤ì¤é¤Î¥Æ¥ó¥×¥ì¡¼" +#~ "¥È¤Ï¿·¤·¤¤ tiger ¤Ç¤ÏÍøÍѤµ¤ì¤Þ¤»¤ó¡£¤³¤ì¤é¤Î¥³¥Ô¡¼¤ò (¥Æ¥ó¥×¥ì¡¼¥È¤È¤·¤Æ" +#~ "»È¤¦¤¿¤á¤Ë) Êݸ¤·¤ª¤­¡¢¸å¤Û¤É¼êÆ°¤ÇÀµ¤·¤¤°ÌÃ֤ذÜÆ°¤·¤Æ¤ª¤­¤¿¤¤¤È»×¤¦¤«¤â" +#~ "¤·¤ì¤Þ¤»¤ó¡£¥Ñ¥Ã¥±¡¼¥¸¤Ï°ÊÁ°¤Î¥Æ¥ó¥×¥ì¡¼¥È¤¬ºï½ü¤µ¤ì¤ë¤Î¤òÈò¤±¤ë¤¿¤á¡¢¤³¤Î" +#~ "ºî¶È¤ò¼«Æ°Åª¤Ë¤Ï¼Â¹Ô¤·¤Þ¤»¤ó¡£¤É¤¦¤·¤Æ¤â¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ¤¹¤«?" --- tiger-3.2.2.orig/debian/po/sv.po +++ tiger-3.2.2/debian/po/sv.po @@ -0,0 +1,100 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger 1:3.2.1-28 \n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2005-12-17 18:39+0100\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Vem ska ta emot dagliga e-postmeddelanden?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"Användaren du anger nedan kommer att ta emot all e-post som \"tiger\" " +"skickar under dagen vid körning av cron-jobb. Detta betyder inte att denna " +"användaren tar emot rapporter vid fristående körningar av programmet \"tiger" +"\". Notera även att alla administratörer kommer att ha möjligheten att " +"tillåt rapporter eftersom de är tillgängliga i katalogen /var/log/tiger/." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Spendera någon minut på att anpassa \"tiger" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Du bör anpassa filerna i /etc/tiger för att passa din lokala " +"säkerhetspolicy. Anpassa först den typ av kontroll som ska göras i systemet, " +"såväl den information som behövs för tester för att eliminera falska-" +"positiva (i /etc/tiger/tigerrc). För det andra, anpassa vilka tider dessa " +"tester ska köras (i /etc/tiger/cronrc) och för det tredje, eftersom vissa " +"varningar från moduler kanske inte är problem i din nuvarande " +"säkerhetspolicy, definiera en angiven mallfil i /etc/tiger/templates/ med " +"körningar från varje modul. När de är definierade kommer alla körningar att " +"kontrolleras mot en av de tillgängliga mallarna (en per modul) och endast " +"nya varningar kommer att visas." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Ta bort mallar i buggiga versioner av \"tiger" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Initialt sett var tiger-versionerna i Debian 3.1 utsända med en bugg som " +#~ "kunde orsaka att mallar skapades under /var/log/ istället för i /var/log/" +#~ "tiger/. Normal körning antar att mallarna finns under /var/log/tiger/ och " +#~ "dessa mallar kommer inte vara användbara i senare versioner av Tiger. Du " +#~ "kanske vill behålla en kopia av dessa (för att använda som nya mallar) " +#~ "och flytta dom manuellt under deras korrekta plats. Paketet kommer inte " +#~ "att göra detta automatiskt för att undvika att ta bort föregående mallar. " +#~ "Ska vi ta bort dessa filer om de påträffas?" --- tiger-3.2.2.orig/debian/po/es.po +++ tiger-3.2.2/debian/po/es.po @@ -0,0 +1,103 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger 3.2.1-7\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2004-02-42 21:52+0200\n" +"Last-Translator: Javier Fernandez-Sanguino \n" +"Language-Team: Debian-Spanish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "¿Quién debería recibir los correos diarios?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"El usuario que introduzca abajo recibirá todos los correos que 'tiger' envíe " +"a lo largo del día durante la ejecución de las tareas programadas en el " +"cron. Esto no significa que cuando se ejecute 'tiger' de forma independiente " +"vaya a recibir los informes. También tome nota de que cualquier " +"administrador podrá acceder a los informes dado que están disponibles en el " +"directorio /var/log/tiger/." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Tomese un momento para configurar 'tiger'" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Debería configurar los ficheros en /etc/tiger/ para adaptarlos a su política " +"de seguridad local. En primer lugar, adapte el tipo de pruebas que se " +"realizarán en su sistema, así como la información que éstos necesitan para " +"reducir falsos positivos (en /etc/tiger/tigerrc). En segundo lugar, ajuste " +"los momentos en los que se realizarán los tests (en /etc/tiger/cronrc). Y en " +"último lugar, dado que los errores que tiger considera pueden no serlos en " +"función de su política de seguridad actual, defina una plantilla en /etc/" +"tiger/templates/ utilizando ejecuciones previas para los módulos. Una vez la " +"defina, todas las ejecuciones subsiguientes se comprobarán contra las " +"plantillas disponibles (una por módulo) y sólo se indicarán los nuevos " +"errores." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Eliminar plantillas de versiones rotas de 'tiger'" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Se distribuyó una versión de Debian Tiger 3.1 que tenía una errata que " +#~ "hacía que se crearan plantillas bajo «/var/log» en lugar de bajo «/var/log/" +#~ "tiger». Para funcionar correctamente, las plantillas deben estar bajo «/" +#~ "var/log/tiger» y por tanto las plantillas antiguas no son útiles para " +#~ "versiones más modernas de Tiger. Puede que quiera guardar una copia de " +#~ "éstas o moverlas de forma manual a su nueva ubación. Este paquete no " +#~ "realizará esta operación de forma automática para evitar la eliminación " +#~ "de las plantillas ya existentes.¿Debería borrar estos ficheros si los " +#~ "encuentro?" --- tiger-3.2.2.orig/debian/po/POTFILES.in +++ tiger-3.2.2/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] templates --- tiger-3.2.2.orig/debian/po/da.po +++ tiger-3.2.2/debian/po/da.po @@ -0,0 +1,103 @@ +# translation of tiger_1:3.2.1-7-da.po to Danish +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans# +# Developers do not need to manually edit POT or PO files. +# Claus Hindsgaul , 2004. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger_1:3.2.1-7-da\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2004-02-27 11:22+0100\n" +"Last-Translator: Claus Hindsgaul \n" +"Language-Team: Danish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Hvem skal modtage de daglige breve?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"Den bruger, du angiver herunder, vil modtage alle de breve, 'tiger' sender i " +"løbet af dagen, når den kører sine cron-jobs. Dette vil ikke betyde at " +"brugeren vil modtage rapporter hver gang 'tiger'-programmet bliver kørt af " +"andre. Bemærk også at enhver administrator vil have adgang til rapporterne, " +"da de ligger i mappen /var/log/tiger/." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Brug et øjeblik på at sætte 'tiger' op" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Du bør redigere filerne i /etc/tiger/, så de modsvarer din lokale " +"sikkerhedspolitik. For det første bør du justere hvilke slags tjek, der skal " +"udføres på dette system, ligesom du bør give de nødvendige oplysninger til " +"at reducere antallet af falske positive (i /etc/tiger/tigerrc). For det " +"andet bør du angive hvornår tjekkene skal udføres (i /etc/tiger/cronrc). For " +"det tredje bør du definere en given skabelonfil i /etc/tiger/templates ud " +"fra kørsler med hvert af modulerne, da visse moduler advarer om ting, der " +"ikke nødvendigvis anses for problematiske i forhold til netop din " +"sikkerhedspolitik. Så snart de er defineret, vil alle kørsler blive holdt op " +"med hver enkelt af de tilgængelige skabeloner (en for hvert modul), og kun " +"nye advarsler vil blive udsendt." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Fjern skabeloner fra fejlbehæftede 'tiger'-versioner" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "I starten blev Debians Tiger-version 3.1 distribueret med en fejl, der " +#~ "gjorde at skabelonerne blev oprettet under /var/log/ i stedet for /var/" +#~ "log/tiger. Under almindelig drift antages det at skabelonerne ligger " +#~ "under /var/log/tiger/ og disse skabeloner vil ikke være til gavn for " +#~ "nyere Tiger-versioner. Hvis du ønsker det, kan du gemme en kopi af dem " +#~ "(til brug som skabeloner) og selv flytte dem til deres korrekte " +#~ "placering. Pakken vil undlade at gøre dette automatisk, for at undgå at " +#~ "fjerne tidligere skabeloner. Skal disse filer fjernes, hvis de findes?" --- tiger-3.2.2.orig/debian/po/vi.po +++ tiger-3.2.2/debian/po/vi.po @@ -0,0 +1,93 @@ +# Vietnamese translation for tiger. +# Copyright © 2005 Free Software Foundation, Inc. +# Clytie Siddall , 2005. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger 1/3.2.1-26\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2005-08-10 16:52+0930\n" +"Last-Translator: Clytie Siddall \n" +"Language-Team: Vietnamese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0\n" +"X-Generator: LocFactoryEditor 1.2.2\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Ai nên nhận các thÆ° hàng ngày?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"NgÆ°á»i dùng được nhập vào đây sẽ nhập má»i thÆ° mà trình tiger gởi trong khi " +"chạy công việc định kỳ (cron) hàng ngày. Không có nghÄ©a là ngÆ°á»i dùng này sẽ " +"nhận các thông báo trong khi thá»±c hiện trình riêng tiger. CÅ©ng hãy ghi chú " +"rằng bất cứ quản trị nào có thể truy cập các thông báo này, vì chúng có " +"trong thÆ° mục « /var/log/tiger/ »." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Hãy mất má»™t chút để tùy chỉnh trình tiger." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Bạn nên tùy chỉnh những tập tin trong « /etc/tiger/ » để thích nghi vá»›i chính " +"sách bảo mật của chá»— này.\n" +" • Tùy chỉnh kiểu việc kiểm tra sẽ xảy ra trong hệ thống này, cÅ©ng thông tin " +"cần thiết khi kiểm tra để giảm số dÆ°Æ¡ng giả (trong « /etc/tiger/tigerrc »).\n" +" • Tùy chỉnh thá»i gian cần thá»±c hiện việc kiểm tra (trong « /etc/tiger/cronrc " +"»).\n" +" • Vì má»™t số cảnh báo mô-Ä‘un có lẽ không là lá»—i vá» chính sách bảo mật hiện " +"thá»i, hãy định nghÄ©a má»™t tập tin mẫu cho trÆ°á»›c tại « /etc/tiger/templates/ », " +"dùng việc chạy từ má»—i mô-Ä‘un. Má»™t khi đã định nghÄ©a thì má»i việc chạy sẽ " +"được kiểm tra so vá»›i má»—i mẫu sẵn sàng (má»™t mẫu cho má»—i mô-Ä‘un), và sẽ cung " +"cấp chỉ cảnh báo má»›i." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Loại bá» mẫu ra phiên bản tiger có lá»—i." + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "TrÆ°á»›c, phiên bản tiger của Debian được phát hành vá»›i má»™t lá»—i gây ra mẫu " +#~ "được tạo dÆ°á»›i « /var/log/ » thay vào dÆ°á»›i « /var/log/tiger/ ». Thao tác " +#~ "chuẩn giả sá»­ má»i mẫu có dÆ°á»›i « /var/log/tiger/ », thì mẫu cÅ© này sẽ không " +#~ "có ích trong phiên bản Tiger má»›i hÆ¡n. Có lẽ bạn muốn bảo quản bản sao của " +#~ "mẫu này (để sá»­ dụng là mẫu), và tá»± di chuyẩn chúng vào vị trí đúng. Gói " +#~ "này sẽ không tá»± Ä‘á»™ng làm nhÆ° thế, để tránh loại bá» mẫu trÆ°á»›c. Bạn có muốn " +#~ "trình này loại bá» tập tin mẫu cÅ© nào trong vị trí không đúng không?" --- tiger-3.2.2.orig/debian/po/pt_BR.po +++ tiger-3.2.2/debian/po/pt_BR.po @@ -0,0 +1,105 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: tiger_3.1-8\n" +"Report-Msgid-Bugs-To: tiger@packages.debian.org\n" +"POT-Creation-Date: 2008-09-09 03:34+0200\n" +"PO-Revision-Date: 2003-03-29 23:43-0300\n" +"Last-Translator: André Luís Lopes \n" +"Language-Team: Debian-BR Project \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "Who should receive the daily mails?" +msgstr "Quem deve receber as mensagens diarias?" + +#. Type: string +#. Description +#: ../templates:1001 +msgid "" +"The user you enter below will receive all the emails that 'tiger' sends " +"during the day when running the cron jobs. This does not mean that when " +"executing the 'tiger' program standalone this user will receive the reports. " +"Also note that any administrator will be able to access the reports since " +"they are available in the /var/log/tiger/ directory." +msgstr "" +"O usuário informado abaixo irá receber todas as mensagens que o 'tiger' " +"enviar durante o dia quando executa os jobs do cron. Isto não significa que " +"quando o programa 'tiger' é executado em modo standalone (não através de " +"jobs do cron) este usuário irá receber os relatórios. Note também que " +"quaisquer administradores serão capazes de acessar os relatórios uma vez que " +"os mesmos estarão disponíveis no diretório /var/log/tiger/." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Take a minute to customize 'tiger'" +msgstr "Reserve um minuto para personalizar o 'tiger'" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"You should customize the files at /etc/tiger/ to adapt to your local " +"security policy. Firstly, customizing the kind of checks that will be made " +"in this system, as well as the information needed for tests in order to " +"reduce false positives (in /etc/tiger/tigerrc). Secondly, customizing at " +"what times these tests will be executed (in /etc/tiger/cronrc). And thirdly, " +"since some modules warnings might not be problems regarding your current " +"security policy, define a given template file at /etc/tiger/templates/ using " +"runs from each of the modules. Once defined, all the runs will be checked " +"against each one of the templates available (one per module) and only new " +"warnings will be issued." +msgstr "" +"Você deverá personalizar os arquivos em /etc/tiger/ e adaptá-los para sua " +"política local de segurança. Primeiro, personalizando os tipos de checagens " +"que serão feitas neste sistema, bem como a informação necessária para os " +"testes de modo a reduzir a possibilidade de falsos positivos (em /etc/tiger/" +"tigerrc). Segundo, personalizando quando esses testes deverão ser executados " +"(em /etc/tiger/cronrc). E terceiro, uma vez que alguns avisos (warnings) de " +"módulos podem na verdade não ser problemas relacionados a sua política atual " +"de segurança local, definir um dado arquivo de modelo (template) em /etc/" +"tiger/template/ usando execuções de cada um dos módulos. Uma vez definidas, " +"todas as execuções serão checadas contra cada um dos modelos disponíveis (um " +"por módulo) e somente novos avisos serão gerados." + +#~ msgid "Remove templates in buggy 'tiger' versions" +#~ msgstr "Remover modelos em versões com erros do 'tiger'" + +#~ msgid "" +#~ "Initially Debian's 3.1 tiger versions were distributed with a bug that " +#~ "would cause templates to be created under /var/log/ instead of /var/log/" +#~ "tiger/. Normal operation assumes templates are under /var/log/tiger/ and " +#~ "these templates will not be useful in newer Tiger versions. You might " +#~ "want to preserve a copy of them (to use as templates) and move them " +#~ "manually under their proper location. The package will not do this " +#~ "automatically in order to avoid removing previous templates. Should we " +#~ "remove these files if any are found?" +#~ msgstr "" +#~ "Inicialmente as versões do Debian 3.1 do tiger foram distribuídas com um " +#~ "bug que fazia com que os modelos fossem criados sob /var/log ao invés de " +#~ "sob /var/log/tiger. Operações normais assumem que os modelos estejam sob /" +#~ "var/log/tiger/ e esses modelos não serão úteis em novas versões do Tiger. " +#~ "Você pode desejar preservar uma copia deles (para usar como modelos) e " +#~ "movê-los manualmente sob sua própria localização. O pacote não irá fazer " +#~ "isso automaticamente para evitar remover modelos anteriores. Esses " +#~ "arquivos devem ser removidos caso sejam encontrados ?" + +#~ msgid "root" +#~ msgstr "root" --- tiger-3.2.2.orig/doc/Makefile.in +++ tiger-3.2.2/doc/Makefile.in @@ -0,0 +1,42 @@ +#!/usr/bin/make -f +# Makefile for tiger HTML documentation +# +# +# Makefile for tiger binaries - A UN*X security checking system +# Copyright (C) 2008 Javier Fernandez-Sanguino Pen~a +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 1, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Please see the file `COPYING' for the complete copyright notice. + + +# Installation program +INSTALL=@INSTALL@ + +TXTFILES = $(wildcard *.txt) +HTMLFILES = $(patsubst %.txt,%.html,$(TXTFILES)) + +all: $(HTMLFILES) explain.idx + +install: + $(INSTALL) -m 0644 *.html ../html/ + +%.html : %.txt ../util/doc2html + sh ../util/doc2html + +explain.idx: $(TXTFILES) ../util/genmsgidx + BASEDIR=../ ../util/genmsgidx + +clean: + -rm -f ../html/*.html + +distclean: clean + -rm -f Makefile *.html explain.idx --- tiger-3.2.2.orig/doc/config.txt +++ tiger-3.2.2/doc/config.txt @@ -51,10 +51,21 @@ will probably exit. This is a configuration problem. It is necessary to add the variable to the tigerrc configuration file. %con010c -The filesystem is not recognised by Tiger as a local filesystem -for this operating system and will not be analysed by it. If this -is a local filesystem then the configuration script for this -operating system needs to be modified. +The filesystem is not recognised by Tiger as a valid filesystem +for this operating system and will not be analysed. If this is a local +filesystem then the configuration script for this operating system +needs to be modified. You should report this as a bug in the software. + +You can use the following tigerrc variables to adjust this message +or adapt it to your system locally: + + - Tiger_FSScan_Local: if set, filesystems defined in it will be considered + local and will always be analysed. + - Tiger_FSScan_NonLocal: ff set, filesystems defined in it will be considered + non-local and will not be analysed. + - Tiger_FSScan_WarnUnknown : If set to 'N' this message will not be presented + (this prevents it from being emailed when some of the Tiger scripts are run + through cron) %init001e The indicated variable, which should specifies the pathname to a command, does not have a value. This message should not appear on platforms --- tiger-3.2.2.orig/util/doc2html +++ tiger-3.2.2/util/doc2html @@ -17,9 +17,16 @@ # # CNT=0 -set ../doc/*.txt + +# Where are we? +DIR=`dirname $0` + +if [ -z "$1" ]; then + # If called without arguments we run over all the text files under doc + set ../doc/*.txt +fi while [ "$1" ]; do - OUTF=`echo $1 | sed -e "s/\.\.\/doc/..\/html/" | sed -e "s/\.txt/.html/"` + OUTF=`echo $1 | sed -e "s/\.txt/.html/"` TITLE=`echo $1 | sed -e "s/\.\.\/doc\///" | sed -e "s/\.txt//"` if [ $CNT -eq 1 ]; then echo "
" > $OUTF
@@ -36,8 +43,8 @@
    echo "
" > $OUTF
   fi
   echo "
 Documents for $TITLE
" >> $OUTF
-  cat $1 | sh convert2html >> $OUTF
   echo "Doing $1"
+  cat $1 | sh $DIR/convert2html >> $OUTF
  shift
  CNT=1
 done
--- tiger-3.2.2.orig/util/genmsgidx
+++ tiger-3.2.2/util/genmsgidx
@@ -19,6 +19,8 @@
 #
 # 09/19/2003 - jfs - Applied fixes contributed by Nicolas François
 # 08/13/2003 - jfs - Avoided bashism
+# 08/26/2008 - jfs - Fix temporary race condition by using tempfile
+#                    in those systems that have it
 #
 #-----------------------------------------------------------------------------
 
@@ -70,12 +72,20 @@
 }
 
 TESTEXEC=-x
-( [ $TESTEXEC /bin/sh ] ) 2> /tmp/te.$$
-[ -s /tmp/te.$$ ] && TESTEXEC=-f
+
+# Setup a tempfile
+[ -n "$TMPDIR" ] && TMPDIR=/tmp/
+tempfile=`tempfile`
+[ -z "$tempfile" ] && tempfile=$TMPDIR/te.$$
+[ ! -e $tempfile ] && >$tempfile
+
+# This test is only needed for some old systems that do not support -x
+( [ $TESTEXEC /bin/sh ] ) 2> $tempfile
+[ -s $tempfile ] && TESTEXEC=-f
 export TESTEXEC
 
 RM=`findcmd rm`
-[ -n "$RM" ] && $RM /tmp/te.$$
+[ -n "$RM" ] && $RM $tempfile
 AWK=`findcmd awk`
 BASENAME=`findcmd basename`
 CHMOD=`findcmd chmod`