On Friday 03 June 2011 11:37:28 Christian Kauhaus wrote: > Am 02.06.2011 21:31, schrieb Sven Vermeulen: > > I wrote (and still maintain) a package called cvechecker > > (http://cvechecker.sourceforge.net) whose purpose is to scan the system > > for installed software (or you use a simple file that tells the > > application what is installed so systemwide scans aren't needed then > > anymore) and pull in information from NVD about CVE entries. It then > > matches the CVE entries with the detected software/versions on your > > system and report which ones might be affected by a known > > vulnerability. > > This looks really interesting. As an admin in a larger installation, I must > evaluate the impact of possible security problems on our infrastructure by > myself anyway. This tool could give a good basis in form of early warnings. > > Has anyone already written an ebuild?
Yes, the location for this is listed on the website: http://cvechecker.sourceforge.net/install.html#gentoo -- Joost
