Since Gentoo does not report security issues very frequently, having a
Gentoo package/ebuild for 'cvechecker' seems ideal.

Perhaps 'cvechecker' would also help the Gentoo team that announces
vulnerabilities.





2011/6/2 Sven Vermeulen <sven.vermeulen@siphos.be>

> 2011/5/30 Jean-François Maeyhieux <b4b1@free.fr>
>
>> I think you may be use this old script as i get used several years ago:
>>
>> website: http://www.panhorst.com/glcu/
>> ebuild: http://bugs.gentoo.org/show_bug.cgi?id=101827
>>
>>
>> Hopping this script could help you... It manage daily update
>> (sync,build) and report via cron/mail. So you've just to install
>> pre-built package that have been prepared on a daily frequency when you
>> decide it's ok to do it without lost time. A revdep-rebuild and commit
>> of new configuration file using a configured dispatch-conf later, your
>> machine is update.
>>
>>
> I wrote (and still maintain) a package called cvechecker (
> http://cvechecker.sourceforge.net) whose purpose is to scan the system for
> installed software (or you use a simple file that tells the application what
> is installed so systemwide scans aren't needed then anymore) and pull in
> information from NVD about CVE entries. It then matches the CVE entries with
> the detected software/versions on your system and report which ones might be
> affected by a known vulnerability.
>
> Wkr,
>   Sven Vermeulen
>