From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QSSAj-0008Gd-HR for garchives@archives.gentoo.org; Fri, 03 Jun 2011 11:04:11 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F02A01C028 for ; Fri, 3 Jun 2011 11:04:08 +0000 (UTC) Received: from smtpq3.gn.mail.iss.as9143.net (smtpq3.gn.mail.iss.as9143.net [212.54.34.166]) by pigeon.gentoo.org (Postfix) with ESMTP id ED8C71C008 for ; Fri, 3 Jun 2011 10:49:04 +0000 (UTC) Received: from [212.54.34.146] (helo=smtp15.gn.mail.iss.as9143.net) by smtpq3.gn.mail.iss.as9143.net with esmtp (Exim 4.71) (envelope-from ) id 1QSRw8-00058i-DF for gentoo-server@lists.gentoo.org; Fri, 03 Jun 2011 12:49:04 +0200 Received: from 5353c717.cm-6-4d.dynamic.ziggo.nl ([83.83.199.23] helo=data.antarean.org) by smtp15.gn.mail.iss.as9143.net with esmtp (Exim 4.71) (envelope-from ) id 1QSRw5-0006Nt-GS for gentoo-server@lists.gentoo.org; Fri, 03 Jun 2011 12:49:01 +0200 Received: from localhost (localhost [127.0.0.1]) by data.antarean.org (Postfix) with ESMTP id 1440B1ED7 for ; Fri, 3 Jun 2011 12:52:50 +0200 (CEST) X-Virus-Scanned: amavisd-new at antarean.org Received: from data.antarean.org ([127.0.0.1]) by localhost (data.antarean.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h7xuNMws8BIq for ; Fri, 3 Jun 2011 12:52:49 +0200 (CEST) Received: from eve.localnet (eve.lan.antarean.org [10.20.13.50]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by data.antarean.org (Postfix) with ESMTPS id A3E6C4BF for ; Fri, 3 Jun 2011 12:52:49 +0200 (CEST) From: Joost Roeleveld To: gentoo-server@lists.gentoo.org Subject: Re: [gentoo-server] Managing multiple servers. Date: Fri, 03 Jun 2011 12:49 +0200 Message-ID: <2245705.Zk870G9S9y@eve> User-Agent: KMail/4.6 beta5 (Linux/2.6.36-gentoo-r5; KDE/4.6.3; x86_64; ; ) In-Reply-To: <4DE8AB58.4050605@gocept.com> References: <4DE8AB58.4050605@gocept.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@lists.gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-ZiggoSMTP-MailScanner-Information: Please contact the ISP for more information X-ZiggoSMTP-MailScanner-ID: 1QSRw5-0006Nt-GS X-ZiggoSMTP-MailScanner: Found to be clean X-ZiggoSMTP-MailScanner-SpamCheck: geen spam, SpamAssassin (niet cached, score=-0.928, vereist 5, BAYES_00 -1.90, RDNS_DYNAMIC 0.98, T_RP_MATCHES_RCVD -0.01) X-ZiggoSMTP-MailScanner-From: joost@antarean.org X-Spam-Status: No X-Archives-Salt: X-Archives-Hash: 74492795f52dcec2ad3969ac5dc04674 On Friday 03 June 2011 11:37:28 Christian Kauhaus wrote: > Am 02.06.2011 21:31, schrieb Sven Vermeulen: > > I wrote (and still maintain) a package called cvechecker > > (http://cvechecker.sourceforge.net) whose purpose is to scan the system > > for installed software (or you use a simple file that tells the > > application what is installed so systemwide scans aren't needed then > > anymore) and pull in information from NVD about CVE entries. It then > > matches the CVE entries with the detected software/versions on your > > system and report which ones might be affected by a known > > vulnerability. > > This looks really interesting. As an admin in a larger installation, I must > evaluate the impact of possible security problems on our infrastructure by > myself anyway. This tool could give a good basis in form of early warnings. > > Has anyone already written an ebuild? Yes, the location for this is listed on the website: http://cvechecker.sourceforge.net/install.html#gentoo -- Joost