Gentoo Archives: gentoo-security

From: Linux Alerts <linux.alerts@××××××××××××.com>
To: gentoo-security@l.g.o
Subject: RE: [gentoo-security] Days of yore
Date: Tue, 22 May 2007 15:48:06
Message-Id: 002301c79c87$adf54980$09dfdc80$
In Reply to: Re: [gentoo-security] Days of yore by "Konstnatin V. Gavrilenko"
Very nice, slick script .. thanks!


-----Original Message-----
From: Konstnatin V. Gavrilenko [mailto:mlists@××××××.com] 
Sent: Tuesday, May 22, 2007 11:33 AM
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Days of yore

the script I use to get email notifications of the affected ebuilds,
that also prepares a shell script that fixes the glsas.

might be useful for someone.



if [ -f $tmp ] ; then
 rm -f $tmp

if [ -f $update ] ; then
 rm -f $update

emerge --sync >/dev/null 2>&1
glsa-check -n --list affected 2> /dev/null > $tmp

arr=(`cat $tmp | awk '{print $1}'`)

if [ $BUGCOUNT -gt "0" ] ; then

echo -e '#!/bin/bash' > $update
echo -ne '#relevant as for ' >> $update
echo `date +%D` >> $update

 while (($n < $BUGCOUNT)); do

echo "/usr/bin/glsa-check -f" ${arr[$n]} >> $update
cat $glsa/glsa-${arr[$n]}.xml | grep "# emerge"  | grep -v "emerge
--sync" | \
  sed 's/\&quot\;/\"/g' | sed 's/\&gt\;/\>/g' | sed 's/<\/code>//g' >>
echo  >> $update
  let n+=1

echo -e "\nRun $update to update the system" >> $tmp
 cat $tmp | /bin/mail -s GLSA_UNAPPLIED email_address@××××××.com
 rm -rf $tmp

Sune Kloppenborg Jeppesen wrote:
> On Monday 16 April 2007 20:31, Sune Kloppenborg Jeppesen wrote: >> I agree that policy should be updated to reflect this but that got bogged >> down by other issues last I tried. I'll try again. > Ohh well, I must have dropped my memory somewhere I forgot:( > > I actually updated the Gentoo Linux Vulnerability Treatment Policy last > August to reflect that: > > "Kernels > Currently kernels are not covered by the GLSA release process. > Vulnerabilities must still be reported and will be fixed, but no GLSA will be > issued when everything is solved. > Note: This policy should be changed when new tools are added to cover > security vulnerabilities affecting the different kernel sources." > > >
-- gentoo-security@g.o mailing list -- gentoo-security@g.o mailing list