| 1 |
Not strictly correct - "glsa-check --list" does tell you if the system |
| 2 |
is vulnerable: it highlights the entry in red, and sets [N] for the |
| 3 |
entry. --test is just a shortcut that allows individual tests, or with |
| 4 |
"all" lists only those that fail the test. --list|grep "\[N" is |
| 5 |
actually better as it includes the description as well. |
| 6 |
|
| 7 |
BillK |
| 8 |
|
| 9 |
|
| 10 |
On Tue, 2005-09-20 at 08:53 -0500, Brian G. Peterson wrote: |
| 11 |
> On Tuesday 20 September 2005 07:44 am, Marius Mauch wrote: |
| 12 |
> > > Brian Peterson wrote: |
| 13 |
> > > The glsa-check tool is basically useless |
| 14 |
> > > (as of gentoolkit-0.2.1_pre7), as it shows all GLSAs rather than just |
| 15 |
|
| 16 |
... |
| 17 |
|
| 18 |
> > a long time. Also make sure you don't confuse the --list option with |
| 19 |
> > the --test option. |
| 20 |
> |
| 21 |
> Sure. |
| 22 |
> |
| 23 |
> glsa-check --test |
| 24 |
> |
| 25 |
> run by itself, does nothing except give a command summary. |
| 26 |
> |
| 27 |
> glsa-check --list |
| 28 |
> |
| 29 |
> lists *all* unapplied GLSAs, regardless of whether the package is installed on |
| 30 |
> the running system. |
| 31 |
> |
| 32 |
> So, you need to --test each and every GLSA to see if it applies to your |
| 33 |
> system. |
| 34 |
> |
| 35 |
> glsa-test --test all |
| 36 |
> |
| 37 |
> gives a list of GLSAs that apply to a running system, but then provides no |
| 38 |
> details about these GLSAs in the list. |
| 39 |
> |
| 40 |
|
| 41 |
-- |
| 42 |
gentoo-security@g.o mailing list |
Archives