Since Gentoo does not report security issues very frequently, having a Gentoo package/ebuild for 'cvechecker' seems ideal.
Perhaps 'cvechecker' would also help the Gentoo team that announces vulnerabilities.
2011/5/30 Jean-François Maeyhieux <b4b1@free.fr>
I think you may be able to use this old script, as I used it several years ago:
website: http://www.panhorst.com/glcu/
ebuild: http://bugs.gentoo.org/show_bug.cgi?id=101827
Hoping this script can help you... It manages daily updates
(sync, build) and reports via cron/mail. So you just have to install
pre-built packages that have been prepared on a daily basis, when you
decide it's OK to do it, without losing time. A revdep-rebuild and a commit
of new configuration files using a configured dispatch-conf later, your
machine is updated.
I wrote (and still maintain) a package called cvechecker (http://cvechecker.sourceforge.net) whose purpose is to scan the system for installed software (or you can use a simple file that tells the application what is installed, so systemwide scans aren't needed anymore) and pull in information from NVD about CVE entries. It then matches the CVE entries with the detected software/versions on your system and reports which ones might be affected by a known vulnerability.
Wkr,
Sven Vermeulen