1 |
Not strictly correct - "glsa-check --list" does tell you if the system |
2 |
is vulnerable: it highlights the entry in red, and sets [N] for the |
3 |
entry. --test is just a shortcut that allows individual tests, or with |
4 |
"all" lists only those that fail the test. --list|grep "\[N" is |
5 |
actually better as it includes the description as well. |
6 |
|
7 |
BillK |
8 |
|
9 |
|
10 |
On Tue, 2005-09-20 at 08:53 -0500, Brian G. Peterson wrote: |
11 |
> On Tuesday 20 September 2005 07:44 am, Marius Mauch wrote: |
12 |
> > > Brian Peterson wrote: |
13 |
> > > The glsa-check tool is basically useless |
14 |
> > > (as of gentoolkit-0.2.1_pre7), as it shows all GLSAs rather than just |
15 |
|
16 |
... |
17 |
|
18 |
> > a long time. Also make sure you don't confuse the --list option with |
19 |
> > the --test option. |
20 |
> |
21 |
> Sure. |
22 |
> |
23 |
> glsa-check --test |
24 |
> |
25 |
> run by itself, does nothing except give a command summary. |
26 |
> |
27 |
> glsa-check --list |
28 |
> |
29 |
> lists *all* unapplied GLSAs, regardless of whether the package is installed on |
30 |
> the running system. |
31 |
> |
32 |
> So, you need to --test each and every GLSA to see if it applies to your |
33 |
> system. |
34 |
> |
35 |
> glsa-test --test all |
36 |
> |
37 |
> gives a list of GLSAs that apply to a running system, but then provides no |
38 |
> details about these GLSAs in the list. |
39 |
> |
40 |
|
41 |
-- |
42 |
gentoo-security@g.o mailing list |