From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-server+bounces-3531-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1QSRH1-0000KN-V7
	for garchives@archives.gentoo.org; Fri, 03 Jun 2011 10:06:36 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 74C431C006
	for <garchives@archives.gentoo.org>; Fri,  3 Jun 2011 10:06:35 +0000 (UTC)
Received: from traffic.gocept.net (traffic.gocept.net [195.62.125.25])
	by pigeon.gentoo.org (Postfix) with ESMTP id 524BE1C03C
	for <gentoo-server@lists.gentoo.org>; Fri,  3 Jun 2011 09:37:31 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.gocept.net (Postfix) with ESMTP id C03CC200EE
	for <gentoo-server@lists.gentoo.org>; Fri,  3 Jun 2011 11:37:30 +0200 (CEST)
X-Virus-Scanned: amavisd-new at gocept.net
Received: from [IPv6:2001:5c0:1400:b::4d1d] (ckauhaus.broker.freenet6.net [IPv6:2001:5c0:1400:b::4d1d])
	(Authenticated sender: kc@gocept.com)
	by mail.gocept.net (Postfix) with ESMTPSA id 6560B200EC
	for <gentoo-server@lists.gentoo.org>; Fri,  3 Jun 2011 11:37:29 +0200 (CEST)
Message-ID: <4DE8AB58.4050605@gocept.com>
Date: Fri, 03 Jun 2011 11:37:28 +0200
From: Christian Kauhaus <kc@gocept.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110424 Lightning/1.0b2.104i Thunderbird/3.1.10
Precedence: bulk
List-Post: <mailto:gentoo-server@lists.gentoo.org>
List-Help: <mailto:gentoo-server+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-server+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-server+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-server.gentoo.org>
X-BeenThere: gentoo-server@lists.gentoo.org
Reply-to: gentoo-server@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Managing multiple servers.
References: <BAY153-w1354DEAA9272266123023B9E720@phx.gbl>	<BANLkTin2TNuGfK0X_WZd5zRwo50+YCA+QQ@mail.gmail.com>	<BANLkTinzxUJ1oLapSG1b4Z2BTnVSPrpH1g@mail.gmail.com>	<1306770878.29669.5.camel@localhost> <BANLkTinsXC7oARUFUYDV8XS2GRS6PvTrrQ@mail.gmail.com>
In-Reply-To: <BANLkTinsXC7oARUFUYDV8XS2GRS6PvTrrQ@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: a3944dcc01afea95956b8a8431af469c

Am 02.06.2011 21:31, schrieb Sven Vermeulen:
> I wrote (and still maintain) a package called cvechecker
> (http://cvechecker.sourceforge.net) whose purpose is to scan the system=
 for
> installed software (or you use a simple file that tells the application=
 what
> is installed so systemwide scans aren't needed then anymore) and pull i=
n
> information from NVD about CVE entries. It then matches the CVE entries=
 with
> the detected software/versions on your system and report which ones mig=
ht be
> affected by a known vulnerability.

This looks really interesting. As an admin in a larger installation, I mu=
st=20
evaluate the impact of possible security problems on our infrastructure b=
y=20
myself anyway. This tool could give a good basis in form of early warning=
s.

Has anyone already written an ebuild?

Regards

Christian

--=20
Dipl.-Inf. Christian Kauhaus <>< =B7 kc@gocept.com =B7 systems administra=
tion
gocept gmbh & co. kg =B7 forsterstra=DFe 29 =B7 06112 halle (saale) =B7 g=
ermany
http://gocept.com =B7 tel +49 345 1229889 11 =B7 fax +49 345 1229889 1
Zope and Plone consulting and development