Hello Marcel,
trying to update Lynis to 3.0.6 (from 3.0.3), I just noticed there is already a lynis-3.0.6.tar.gz file on https://source.ipfire.org/ with a different MD5 checksum and file size than the .tar.gz provided by Lynis upstream (hosted on GitHub):
pmueller@people01:/pub/sources/source-2.x$ ls -lah lynis-3.0.6.tar.gz
-rw-r--r-- 1 mlorenz people 329K Aug 1 11:45 lynis-3.0.6.tar.gz
pmueller@people01:/pub/sources/source-2.x$ md5sum lynis-3.0.6.tar.gz
23cc369984d564e4a8232473b1ace137 lynis-3.0.6.tar.gz
Fetching the upstream's URL (https://github.com/CISOfy/lynis/archive/refs/tags/3.0.6.tar.gz) via three different Tor circuits, using exit nodes in three different countries, always returns a file having these characteristics:
$ ls -lah lynis-3.0.6.tar.gz
-rw-r--r-- 1 pmu users 335K 4. Sep 10:56 lynis-3.0.6.tar.gz
$ md5sum lynis-3.0.6.tar.gz
c5429c532653a762a55a994d565372aa lynis-3.0.6.tar.gz
Oddly enough, searching VirusTotal for 23cc369984d564e4a8232473b1ace137 gains a hit (https://www.virustotal.com/gui/file/3005346e90339c18a4c626169c6f1d9fb8643bb0...), while a search for c5429c532653a762a55a994d565372aa returns nothing.
Looking at the contents of both .tar.gz's, your version is missing these files:
~/.github
~/.gitignore
~/plugins/plugin_pam_phase1
~/plugins/plugin_systemd_phase1
~/README.md
~/.travis.yml
Unfortunately, the maintainer of Lynis does not seem to provide a GPG signature or any other method to verify the integrity of a downloaded source code. Therefore: Where did you fetch the lynis-3.0.6.tar.gz file currently present on IPFire's source code server from? GitHub?
Thanks, and best regards,
Peter Müller
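The content comparison described in the message above, as an added example that is not part of the original thread or of IPFire's tooling: it lists files present in only one tarball and shared files whose bytes differ, so a packaging difference can be told apart from a code difference. The archive contents and top-level directory names below are constructed sample data, and stripping one top-level directory is an assumption about how both archives are laid out.

```python
import hashlib
import io
import tarfile


def member_digests(tar_bytes):
    """Map each regular file (top-level directory stripped) to its SHA-256."""
    digests = {}
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            # Assumption: each archive wraps its files in one top-level
            # directory whose name may differ between sources, so drop it.
            _, _, rel = member.name.partition("/")
            data = tar.extractfile(member).read()
            digests[rel or member.name] = hashlib.sha256(data).hexdigest()
    return digests


def compare_tarballs(a_bytes, b_bytes):
    """Report files found on one side only and shared files whose bytes differ."""
    a, b = member_digests(a_bytes), member_digests(b_bytes)
    shared = set(a) & set(b)
    return {
        "archives_identical": a_bytes == b_bytes,
        "only_in_a": sorted(set(a) - set(b)),
        "only_in_b": sorted(set(b) - set(a)),
        "content_differs": sorted(p for p in shared if a[p] != b[p]),
    }


def build_sample(top_dir, files):
    """Build a .tar.gz in memory from constructed sample files."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path, content in files.items():
            info = tarfile.TarInfo(f"{top_dir}/{path}")
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


# Constructed sample data, not real Lynis source code.
COMMON = {"lynis": b"#!/bin/sh\necho audit\n", "include/consts": b"X=1\n"}
WEBSITE = build_sample("lynis", COMMON)
FORGE = build_sample(
    "lynis-3.0.6",
    {**COMMON, ".gitignore": b"*.log\n", "README.md": b"# readme\n",
     "plugins/plugin_pam_phase1": b"# plugin\n"},
)

if __name__ == "__main__":
    for key, value in compare_tarballs(WEBSITE, FORGE).items():
        print(f"{key}: {value}")
```

An empty content_differs list with extra files on only one side points to the same code packaged differently; any entry in content_differs means the shared files themselves diverge and need a manual review.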
Hi Peter,
I have submitted a patch for updating lynis to 3.0.6 at the end of July.
https://patchwork.ipfire.org/project/ipfire/patch/20210731190634.2899487-1-a...
The source file I used also does not have the files that you listed and has the md5 sum
23cc369984d564e4a8232473b1ace137
I got my source file from https://cisofy.com/downloads/lynis/
I found that the digital signature link gave a 404 not found response, so I used the sha256 sum to confirm the file I downloaded.
Looking at the website https://cisofy.com/lynis/#download, it has a link to a download page, which is what I used, and a link to GitHub, which I didn't use, and these two locations have the 3.0.6 file with differences between them.
If you think that the GitHub file should be the one that is used, then either I can redo the patch I previously did as a v2, or you can do a v2 replacement, whichever you like.
A question: when you are updating a package, how do you find out the location that was used for the source file in the past, as the IPFire source directory doesn't indicate where they came from? In future, how can I be sure that I am getting the source file from the correct location that IPFire has used in the past?
Regards,
Adolf.
On 04/09/2021 11:26, Peter Müller wrote:
> Hello Marcel,
> trying to update Lynis to 3.0.6 (from 3.0.3), I just noticed there is already a lynis-3.0.6.tar.gz file on https://source.ipfire.org/ with a different MD5 checksum and file size than the .tar.gz provided by Lynis upstream (hosted on GitHub):
> pmueller@people01:/pub/sources/source-2.x$ ls -lah lynis-3.0.6.tar.gz
> -rw-r--r-- 1 mlorenz people 329K Aug 1 11:45 lynis-3.0.6.tar.gz
> pmueller@people01:/pub/sources/source-2.x$ md5sum lynis-3.0.6.tar.gz
> 23cc369984d564e4a8232473b1ace137 lynis-3.0.6.tar.gz
> Fetching the upstream's URL (https://github.com/CISOfy/lynis/archive/refs/tags/3.0.6.tar.gz) via three different Tor circuits, using exit nodes in three different countries, always returns a file having these characteristics:
> $ ls -lah lynis-3.0.6.tar.gz
> -rw-r--r-- 1 pmu users 335K 4. Sep 10:56 lynis-3.0.6.tar.gz
> $ md5sum lynis-3.0.6.tar.gz
> c5429c532653a762a55a994d565372aa lynis-3.0.6.tar.gz
> Oddly enough, searching VirusTotal for 23cc369984d564e4a8232473b1ace137 gains a hit (https://www.virustotal.com/gui/file/3005346e90339c18a4c626169c6f1d9fb8643bb0...), while a search for c5429c532653a762a55a994d565372aa returns nothing.
> Looking at the contents of both .tar.gz's, your version is missing these files:
> ~/.github
> ~/.gitignore
> ~/plugins/plugin_pam_phase1
> ~/plugins/plugin_systemd_phase1
> ~/README.md
> ~/.travis.yml
> Unfortunately, the maintainer of Lynis does not seem to provide a GPG signature or any other method to verify the integrity of a downloaded source code. Therefore: Where did you fetch the lynis-3.0.6.tar.gz file currently present on IPFire's source code server from? GitHub?
> Thanks, and best regards,
> Peter Müller
Hi Peter,
This morning I received a Patchwork notification that my lynis patch is now staged, which I understand to mean that it has been merged into next.
So if you think that the source file I used is the incorrect one then either that patch needs to be reverted or I can do another patch to correct it.
Regards,
Adolf.
On 04/09/2021 12:29, Adolf Belka wrote:
> Hi Peter,
> I have submitted a patch for updating lynis to 3.0.6 at the end of July.
> https://patchwork.ipfire.org/project/ipfire/patch/20210731190634.2899487-1-a...
> The source file I used also does not have the files that you listed and has the md5 sum
> 23cc369984d564e4a8232473b1ace137
> I got my source file from https://cisofy.com/downloads/lynis/
> I found that the digital signature link gave a 404 not found response, so I used the sha256 sum to confirm the file I downloaded.
> Looking at the website https://cisofy.com/lynis/#download, it has a link to a download page, which is what I used, and a link to GitHub, which I didn't use, and these two locations have the 3.0.6 file with differences between them.
> If you think that the GitHub file should be the one that is used, then either I can redo the patch I previously did as a v2, or you can do a v2 replacement, whichever you like.
> A question: when you are updating a package, how do you find out the location that was used for the source file in the past, as the IPFire source directory doesn't indicate where they came from? In future, how can I be sure that I am getting the source file from the correct location that IPFire has used in the past?
> Regards,
> Adolf.
Hello,
Arne just reverted this patch:
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=55cb5e9324dbec88cac9...
-Michael
On 6 Sep 2021, at 07:29, Adolf Belka <adolf.belka@ipfire.org> wrote:
> Hi Peter,
> This morning I received a Patchwork notification that my lynis patch is now staged, which I understand to mean that it has been merged into next.
> So if you think that the source file I used is the incorrect one then either that patch needs to be reverted or I can do another patch to correct it.
> Regards,
> Adolf.
On 06/09/2021 11:44, Michael Tremer wrote:
> Hello,
> Arne just reverted this patch:
Okay, thanks.
Then I will redo the patch as a v2 version with the correct source file from the lynis github repository.
Regards,
Adolf.
> https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=55cb5e9324dbec88cac9...
> -Michael
Thanks :)
On 6 Sep 2021, at 10:56, Adolf Belka <adolf.belka@ipfire.org> wrote:
> On 06/09/2021 11:44, Michael Tremer wrote:
>> Hello,
>> Arne just reverted this patch:
> Okay, thanks.
> Then I will redo the patch as a v2 version with the correct source file from the lynis github repository.
> Regards,
> Adolf.
>> https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=55cb5e9324dbec88cac9...
>> -Michael
Hello *,
trying to work through volume 5 of 100 of my TODO list, I stumbled across Lynis 3.0.6 once again. Since Packet Storm returned different source code files for every download attempt, Arne reverted Adolf's patch in https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=55cb5e9324dbec88cac95819....
Meanwhile, things have changed: Packet Storm now seems to return the same file every time, no matter where the HTTPS request comes from. Checksums of the downloaded file also match the .tar.gz available at https://downloads.cisofy.com/lynis/lynis-3.0.6.tar.gz, while GitHub still offers a different version:
$ md5sum lynis-3.0.6.tar.gz-*
23cc369984d564e4a8232473b1ace137 lynis-3.0.6.tar.gz-cisofy
c5429c532653a762a55a994d565372aa lynis-3.0.6.tar.gz-github
23cc369984d564e4a8232473b1ace137 lynis-3.0.6.tar.gz-packetstorm
Worse, CISOfy used to digitally sign releases, but https://downloads.cisofy.com/lynis/lynis-3.0.6.tar.gz.asc just shows a 404 to me - while PGP signatures for previous releases are present. This is bad, and does not look like they are taking security seriously there. :-/
Therefore, I would vote for not updating to Lynis 3.0.6 at the moment. Version 3.0.5 looks fine to me, at least it has a valid PGP signature. Let's hope the Lynis folks get their stuff sorted soon - preferably before releasing version 3.0.7.
Thanks, and best regards,
Peter Müller
Hi Peter,
On 23/10/2021 18:36, Peter Müller wrote:
> Hello *,
> trying to work through volume 5 of 100 of my TODO list, I stumbled across Lynis 3.0.6 once again. Since Packet Storm returned different source code files for every download attempt, Arne reverted Adolf's patch in https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=55cb5e9324dbec88cac95819....
> Meanwhile, things have changed: Packet Storm now seems to return the same file every time, no matter where the HTTPS request comes from. Checksums of the downloaded file also match the .tar.gz available at https://downloads.cisofy.com/lynis/lynis-3.0.6.tar.gz, while GitHub still offers a different version:
> $ md5sum lynis-3.0.6.tar.gz-*
> 23cc369984d564e4a8232473b1ace137 lynis-3.0.6.tar.gz-cisofy
> c5429c532653a762a55a994d565372aa lynis-3.0.6.tar.gz-github
> 23cc369984d564e4a8232473b1ace137 lynis-3.0.6.tar.gz-packetstorm
> Worse, CISOfy used to digitally sign releases, but https://downloads.cisofy.com/lynis/lynis-3.0.6.tar.gz.asc just shows a 404 to me - while PGP signatures for previous releases are present. This is bad, and does not look like they are taking security seriously there. :-/
> Therefore, I would vote for not updating to Lynis 3.0.6 at the moment. Version 3.0.5 looks fine to me, at least it has a valid PGP signature. Let's hope the Lynis folks get their stuff sorted soon - preferably before releasing version 3.0.7.
I will then redo my lynis patch to update to 3.0.5 and supersede the previous version.
Adolf.
> Thanks, and best regards,
> Peter Müller
Hi All,
To get the lynis-3.0.5 signature, the only way I found to get it was to select the 3.0.6 signature button, which gives the 404 error, and then edit the url to 3.0.5.
Using that 3.0.5 signature with the lynis-3.0.5 file from github gives a Bad Signature result.
So then I had to download 3.0.5 from the website, again by editing the url to 3.0.5, then I was able to get a good signature result.
So even with 3.0.5 there is a mismatch between the https://downloads.cisofy.com/lynis/lynis-3.0.6.tar.gz on the website and the https://github.com/CISOfy/lynis/releases/tag/3.0.5 version in github.
How do we know that the version that is in the https://downloads.cisofy.com/lynis/ website is the correct version? Do we just have to assume that because the other version is in github it *must* be the wrong one!!
Regards,
Adolf.
On 23/10/2021 19:06, Adolf Belka wrote:
> Hi Peter,
> I will then redo my lynis patch to update to 3.0.5 and supersede the previous version.
> Adolf.
>> Thanks, and best regards,
>> Peter Müller