-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At the request of creffett, I created a Proof of Concept for glksa-check, which allows for glksa XML files to define Kernel security vulnerabilities. Please realize that this is a Proof of Concept, and that the interface is not the most user-friendly. The code can definitely be improved as well. To test the program, untar the files and copy the glksa dir to /usr/portage/metadata/. At the moment, the script requires you to have /proc/config.gz enabled in your kernel to read your running config options.
I have two XML files currently defined (still using the glsa.dtd schema); one that is an actual vulnerability and one that is simply a control that triggers on X86. To test the program, run it with the -l option. You can download the files at http://sdamashek.me/files/glksa.tar.gz (not sure if the mailing lists let you attach tarballs). There is definitely a lot to be improved about the application; this is just an idea for how to handle notifying users about Kernel vulnerabilities that affect their system. They would be released just like glsas. What are the list's opinions on this? - -- Samuel Damashek -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJS2gI3AAoJEGw+uP08RytWFqcH/0TyfO/6CwK281F4I7xzSEmG WAjbo1OybDAKmV36U3Z+3BwWOtdMLGmJ64OJ5NBvKmITXd6A5CDpB2XYafpnEWyU Y/PgyUdtLD2Ir4LQeGp8d6s8rVRCr0Ewu3KwRbvRiEAvNzn8+UXyF1AnnKZ+5vxo iSOonv7WJHrj0RYq3mpDJn9/OBM+ZwdN0WgpWKZxTy4gCi0lTUXx4QxCYs4ub/I1 6+A+KiZgIxakfjZEmUa7drRojtEY9cMKGEf7EhRDzO8DGuAMerFmGc7Hspsd8z8p bD42ATg8J7M6WaCbe8Sc2YL7oIWh+X1OO6wYc0XK6/5uq/Bpi3k2LuhV0+antfQ= =QgqI -----END PGP SIGNATURE-----
