1 |
Personally, I like the way it's done in NetBSD: There is a pkg called |
2 |
'audit-packages', which has 2 tools: download-vulnerability-list, which |
3 |
does exactly that: download a current list (maintained by the NetBSD |
4 |
security team) of pkgs, that are vulnerable (with version of course), and |
5 |
a tool audit-packages, which checks all installed pkgs against this list. |
6 |
The clou is, that this tool integrates with the build system (emerge in |
7 |
Gentoo), and regularily tells you about packages which would need a |
8 |
security update, when you update/install a package. Include these tools |
9 |
in crontab, let yourself send the output of audit-packages and you're |
10 |
somewhat safe about the packages on your system. |
11 |
|
12 |
Roman |
13 |
|
14 |
|
15 |
-- |
16 |
gentoo-security@g.o mailing list |