| 1 |
Since Gentoo does not report security issues very frequently, having a |
| 2 |
Gentoo package/ebuild for 'cvechecker' seems ideal. |
| 3 |
|
| 4 |
Perhaps 'cvechecker' would also help the Gentoo team that announces |
| 5 |
vulnerabilities. |
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
2011/6/2 Sven Vermeulen <sven.vermeulen@××××××.be> |
| 12 |
|
| 13 |
> 2011/5/30 Jean-François Maeyhieux <b4b1@××××.fr> |
| 14 |
> |
| 15 |
>> I think you may be use this old script as i get used several years ago: |
| 16 |
>> |
| 17 |
>> website: http://www.panhorst.com/glcu/ |
| 18 |
>> ebuild: http://bugs.gentoo.org/show_bug.cgi?id=101827 |
| 19 |
>> |
| 20 |
>> |
| 21 |
>> Hopping this script could help you... It manage daily update |
| 22 |
>> (sync,build) and report via cron/mail. So you've just to install |
| 23 |
>> pre-built package that have been prepared on a daily frequency when you |
| 24 |
>> decide it's ok to do it without lost time. A revdep-rebuild and commit |
| 25 |
>> of new configuration file using a configured dispatch-conf later, your |
| 26 |
>> machine is update. |
| 27 |
>> |
| 28 |
>> |
| 29 |
> I wrote (and still maintain) a package called cvechecker ( |
| 30 |
> http://cvechecker.sourceforge.net) whose purpose is to scan the system for |
| 31 |
> installed software (or you use a simple file that tells the application what |
| 32 |
> is installed so systemwide scans aren't needed then anymore) and pull in |
| 33 |
> information from NVD about CVE entries. It then matches the CVE entries with |
| 34 |
> the detected software/versions on your system and report which ones might be |
| 35 |
> affected by a known vulnerability. |
| 36 |
> |
| 37 |
> Wkr, |
| 38 |
> Sven Vermeulen |
| 39 |
> |
Archives