Gentoo Archives: gentoo-security

From: Drew Kirkpatrick <drew.kirkpatrick@×××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Kernels and GLSAs
Date: Tue, 20 Sep 2005 14:54:41
Message-Id: 81469e8e05092007445ca44b50@mail.gmail.com
In Reply to: Re: [gentoo-security] Kernels and GLSAs by "W.Kenworthy"
I just use this one liner:

glsa-check --list 2> /dev/null | grep '\[N\]'

and manually merge the packages listed each morning when I get to
work. Takes no time at all.

On 9/20/05, W.Kenworthy <billk@×××××××××.au> wrote:
> Not strictly correct - "glsa-check --list" does tell you if the system > is vulnerable: it highlights the entry in red, and sets [N] for the > entry. --test is just a shortcut that allows individual tests, or with > "all" lists only those that fail the test. --list|grep "\[N" is > actually better as it includes the description as well. > > BillK > > > On Tue, 2005-09-20 at 08:53 -0500, Brian G. Peterson wrote: > > On Tuesday 20 September 2005 07:44 am, Marius Mauch wrote: > > > > Brian Peterson wrote: > > > > The glsa-check tool is basically useless > > > > (as of gentoolkit-0.2.1_pre7), as it shows all GLSAs rather than just > > ... > > > > a long time. Also make sure you don't confuse the --list option with > > > the --test option. > > > > Sure. > > > > glsa-check --test > > > > run by itself, does nothing except give a command summary. > > > > glsa-check --list > > > > lists *all* unapplied GLSAs, regardless of whether the package is installed on > > the running system. > > > > So, you need to --test each and every GLSA to see if it applies to your > > system. > > > > glsa-test --test all > > > > gives a list of GLSAs that apply to a running system, but then provides no > > details about these GLSAs in the list. > > > > -- > gentoo-security@g.o mailing list > >
-- gentoo-security@g.o mailing list