Package: ruby-rubygems Version: 3.2.5-2 Severity: minor X-Debbugs-Cc: wim.bert...@ucll.be
Hello, chkrootkit reports the following file as suspect, while this is most likely a false positive, they also seem to be unnecessary The file: /usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/.document Also when looking at /usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/rubygems.org/ it strange to see that rubygems probably isn't using the trusted system wide ca-certificates for verification (similar issue in the past: #689069) hth, Wim -- System Information: Debian Release: 11.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-9-amd64 (SMP w/16 CPU threads) Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8), LANGUAGE=nl_BE:nl Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages ruby-rubygems depends on: ii ruby 1:2.7+2 ruby-rubygems recommends no packages. ruby-rubygems suggests no packages. -- no debconf information
