Gentoo Archives: gentoo-security

From: "W.Kenworthy" <billk@×××××××××.au>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Kernels and GLSAs
Date: Tue, 20 Sep 2005 14:43:18
Message-Id: 1127227069.16000.40.camel@bunyip
In Reply to: Re: [gentoo-security] Kernels and GLSAs by "Brian G. Peterson"
Not strictly correct - "glsa-check --list" does tell you if the system
is vulnerable: it highlights the entry in red, and sets [N] for the
entry.  --test is just a shortcut that allows individual tests, or with
"all" lists only those that fail the test.  --list|grep "\[N" is
actually better as it includes the description as well.


On Tue, 2005-09-20 at 08:53 -0500, Brian G. Peterson wrote:
> On Tuesday 20 September 2005 07:44 am, Marius Mauch wrote: > > > Brian Peterson wrote: > > > The glsa-check tool is basically useless > > > (as of gentoolkit-0.2.1_pre7), as it shows all GLSAs rather than just
> > a long time. Also make sure you don't confuse the --list option with > > the --test option. > > Sure. > > glsa-check --test > > run by itself, does nothing except give a command summary. > > glsa-check --list > > lists *all* unapplied GLSAs, regardless of whether the package is installed on > the running system. > > So, you need to --test each and every GLSA to see if it applies to your > system. > > glsa-test --test all > > gives a list of GLSAs that apply to a running system, but then provides no > details about these GLSAs in the list. >
-- gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] Kernels and GLSAs Drew Kirkpatrick <drew.kirkpatrick@×××××.com>