tier1.jp released logcheck ignore database v0.13 for Debian GNU/Linux stretch and buster.
Security Issue
logcheck may cause a security issue by leaking restricted dmesg information.
v0.13 adds more suppression rules for kernel dmesg output.
Mitigation
If you are using our ignore database, please update it ASAP.
- Minimize the system.
  - If possible, purge development toolchains.
- Do not add everyday normal users to logcheck recipient lists.
  - In particular, exclude developer accounts.
- Restrict web access.
  - Never execute anything from the Internet directly.
  - Use browser tracking protections as much as possible.
- Create a special (but normal) user to receive the logcheck summary mails,
  who does nothing but read them.
- Use buster (Linux Kernel 4.19).
  - Or use the backported 4.19 kernel for stretch.
  - Linux Kernel 4.15-rc1 addressed this issue.
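To check which kernel messages a rule set still lets through to the summary mail, and whether the running kernel is at least 4.15, the following added example can be used. It is not tier1.jp's code: it approximates logcheck's filtering with grep -E, and the function names, the rule and the log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not tier1.jp's code. The rule and log lines are constructed.

# Print the kernel lines of LOG that no ignore rule under RULES_DIR matches,
# i.e. the lines that would still be mailed to the logcheck recipients.
leftover_kernel_lines() {
    rules_dir=$1
    log=$2
    rules=$(mktemp) || return 1
    # Merge rule files, dropping comments and blank lines: an empty
    # pattern matches every line and would hide everything.
    for f in "$rules_dir"/*; do
        if [ -f "$f" ]; then
            grep -E -v '^[[:space:]]*(#|$)' "$f" >>"$rules" || true
        fi
    done
    grep -F ' kernel: ' "$log" | grep -E -v -f "$rules" || true
    rm -f "$rules"
}

# Succeed when kernel release $1 (as printed by `uname -r`) is >= $2.$3.
kernel_at_least() {
    rel=${1%%[!0-9.]*}      # "4.9.0-8-amd64" -> "4.9.0"
    major=${rel%%.*}
    rest=${rel#*.}
    minor=${rest%%.*}
    [ "$major" -gt "$2" ] || { [ "$major" -eq "$2" ] && [ "$minor" -ge "$3" ]; }
}

# Build a constructed rule directory and log under DIR for a dry run.
make_sample() {
    mkdir -p "$1/ignore.d"
    cat >"$1/ignore.d/kernel-demo" <<'EOF'
# constructed rule in logcheck's extended-regex style
^[[:alpha:]]{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[ *[0-9.]+\] demo_nic: link (up|down)$
EOF
    cat >"$1/kern.log" <<'EOF'
Jan  1 00:00:01 host kernel: [   10.000001] demo_nic: link up
Jan  1 00:00:02 host kernel: [   11.000002] demo_fs: unexpected state 7
Jan  1 00:00:03 host sshd[100]: constructed non-kernel line
EOF
}

dir=$(mktemp -d)
make_sample "$dir"
echo "kernel lines that would still be mailed:"
leftover_kernel_lines "$dir/ignore.d" "$dir/kern.log"
kernel_at_least "$(uname -r)" 4 15 || echo "kernel is older than 4.15"
rm -rf "$dir"
```

On a real host, point leftover_kernel_lines at the installed ignore directory and a kernel log file; any line it prints is one the current rules do not suppress.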
Download
The tar file is available at the software page.