USN-3675-1: GnuPG vulnerabilities


#1

The USN-3675-1: GnuPG vulnerabilities vulnerability is fixed automatically and installed on SecureDrop production instances. I received the following OSSEC alerts (same set of mail for both app and mon, except for the list of installed packages which is only received for app).

OSSEC HIDS Notification.
2018 Jun 12 04:18:54

Received From: mon->syscheck
Rule: 550 fired (level 7) -> "Integrity checksum changed."
Portion of the log(s):

Integrity checksum changed for: '/usr/bin/gpgv'
Old md5sum was: 'dc0dea5285660a49c73eba7686c021d3'
New md5sum is : '3378f62e61f7cfe43dab4091cf3b1f25'
Old sha1sum was: 'd456670036ccaa00c06098223989d860ad023e3d'
New sha1sum is : '2461c52f37fe84fe6aec18fbb9f0b5239a57b504'

 --END OF NOTIFICATION
OSSEC HIDS Notification.
2018 Jun 12 04:19:18

Received From: mon->syscheck
Rule: 550 fired (level 7) -> "Integrity checksum changed."
Portion of the log(s):

Integrity checksum changed for: '/usr/bin/gpgsplit'
Old md5sum was: 'de5e6d942454bb394c57bc8cffab2b6d'
New md5sum is : 'e2f144e7a901ac8a60e54c3791180121'
Old sha1sum was: 'a9a1f022661a7287a22c54a9816095d0ca46ad1d'
New sha1sum is : '02887b32d195dd87b48c929f10c450027b4b49d8'

 --END OF NOTIFICATION

OSSEC HIDS Notification.
2018 Jun 12 04:19:20

Received From: mon->syscheck
Rule: 550 fired (level 7) -> "Integrity checksum changed."
Portion of the log(s):

Integrity checksum changed for: '/usr/bin/gpg'
Old md5sum was: 'fa9aa367018fc98522dd71a7575b0de4'
New md5sum is : '94defe403a3eb9805cd72c79fd5937f5'
Old sha1sum was: '0ed9ed7d4ab3c22bebbe06ebd52e582bc0905173'
New sha1sum is : '32c959bb834824e5d64185244f297348fd52e65f'

 --END OF NOTIFICATION
OSSEC HIDS Notification.
2018 Jun 12 04:51:08

Received From: (app) A.B.C.D->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-06-12 04:51:07 status installed man-db:amd64 2.6.7.1-1ubuntu1

 --END OF NOTIFICATION

OSSEC HIDS Notification.
2018 Jun 12 04:51:08

Received From: (app) A.B.C.D->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-06-12 04:51:08 status installed gpgv:amd64 1.4.16-1ubuntu2.5

 --END OF NOTIFICATION

OSSEC HIDS Notification.
2018 Jun 12 04:51:10

Received From: (app) A.B.C.D->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-06-12 04:51:09 status installed install-info:amd64 5.2.0.dfsg.1-2

 --END OF NOTIFICATION

OSSEC HIDS Notification.
2018 Jun 12 04:51:10

Received From: (app) A.B.C.D->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-06-12 04:51:10 status installed man-db:amd64 2.6.7.1-1ubuntu1

 --END OF NOTIFICATION

OSSEC HIDS Notification.
2018 Jun 12 04:51:12

Received From: (app) A.B.C.D->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-06-12 04:51:10 status installed gnupg:amd64 1.4.16-1ubuntu2.5

 --END OF NOTIFICATION

OSSEC HIDS Notification.
2018 Jun 12 04:51:12

Received From: (app) A.B.C.D->/var/log/dpkg.log
Rule: 2902 fired (level 7) -> "New dpkg (Debian Package) installed."
Portion of the log(s):

2018-06-12 04:51:11 status installed linux-libc-dev:amd64 3.13.0-151.201

 --END OF NOTIFICATION