1 |
Since Gentoo does not report security issues very frequently, having a |
2 |
Gentoo package/ebuild for 'cvechecker' seems ideal. |
3 |
|
4 |
Perhaps 'cvechecker' would also help the Gentoo team that announces |
5 |
vulnerabilities. |
6 |
|
7 |
|
8 |
|
9 |
|
10 |
|
11 |
2011/6/2 Sven Vermeulen <sven.vermeulen@××××××.be> |
12 |
|
13 |
> 2011/5/30 Jean-François Maeyhieux <b4b1@××××.fr> |
14 |
> |
15 |
>> I think you may be use this old script as i get used several years ago: |
16 |
>> |
17 |
>> website: http://www.panhorst.com/glcu/ |
18 |
>> ebuild: http://bugs.gentoo.org/show_bug.cgi?id=101827 |
19 |
>> |
20 |
>> |
21 |
>> Hopping this script could help you... It manage daily update |
22 |
>> (sync,build) and report via cron/mail. So you've just to install |
23 |
>> pre-built package that have been prepared on a daily frequency when you |
24 |
>> decide it's ok to do it without lost time. A revdep-rebuild and commit |
25 |
>> of new configuration file using a configured dispatch-conf later, your |
26 |
>> machine is update. |
27 |
>> |
28 |
>> |
29 |
> I wrote (and still maintain) a package called cvechecker ( |
30 |
> http://cvechecker.sourceforge.net) whose purpose is to scan the system for |
31 |
> installed software (or you use a simple file that tells the application what |
32 |
> is installed so systemwide scans aren't needed then anymore) and pull in |
33 |
> information from NVD about CVE entries. It then matches the CVE entries with |
34 |
> the detected software/versions on your system and report which ones might be |
35 |
> affected by a known vulnerability. |
36 |
> |
37 |
> Wkr, |
38 |
> Sven Vermeulen |
39 |
> |