From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1QSFIy-00042O-Nq for garchives@archives.gentoo.org; Thu, 02 Jun 2011 21:19:49 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 585B81C278 for ; Thu, 2 Jun 2011 21:19:48 +0000 (UTC) Received: from mail-bw0-f53.google.com (mail-bw0-f53.google.com [209.85.214.53]) by pigeon.gentoo.org (Postfix) with ESMTP id 87A051C009 for ; Thu, 2 Jun 2011 20:33:49 +0000 (UTC) Received: by bwg12 with SMTP id 12so1785317bwg.40 for ; Thu, 02 Jun 2011 13:33:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:from:date :message-id:subject:to:content-type; bh=/i7FZuyVCqWDHIqYO+6zjB+81LiEpx/iY83wH/oplLc=; b=RcAhVgnoqPFNvuem2Lyp/8YgHwAY6Tt5Yi/evLnpKA3qjTFJjbHk3dr4peA6kqipSK 7cfSRDHv80Yx+ehO1Grcfc3LCldZ+tLo3djOlFSd3VDARimovUWBpW59dVy+4UZ8q55g h/eNlH7MV9VStOyPNqan+fIkyUGDV5zGfLthI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; b=tNV/HFhjGE7NZKqfC+Wde/uifasFKhgIHxS5bJpZOCZpW549zR8n6gEqE9nUlqaDCt CpkaZGMM07JOeiph3l65UCqct9+fkaAXYW54efl8wC6KUDODN8soCw5wtYMBgQSZnerh mJXOmd5ORneK8ADnU2DP9rO0NPelIL/Uw+sXU= Received: by 10.204.50.66 with SMTP id y2mr1224677bkf.81.1307046828235; Thu, 02 Jun 2011 13:33:48 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@lists.gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 Received: by 10.204.32.3 with HTTP; Thu, 2 Jun 2011 13:33:07 -0700 (PDT) In-Reply-To: References: <1306770878.29669.5.camel@localhost> From: David Date: Thu, 2 Jun 2011 15:33:07 -0500 Message-ID: Subject: Re: [gentoo-server] Managing multiple servers. To: gentoo-server@lists.gentoo.org Content-Type: multipart/alternative; boundary=0003255580e2e6dd9504a4c08d1b X-Archives-Salt: X-Archives-Hash: 2d80caaedc920c9bf2519ba274eda542 --0003255580e2e6dd9504a4c08d1b Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Since Gentoo does not report security issues very frequently, having a Gentoo package/ebuild for 'cvechecker' seems ideal. Perhaps 'cvechecker' would also help the Gentoo team that announces vulnerabilities. 2011/6/2 Sven Vermeulen > 2011/5/30 Jean-Fran=E7ois Maeyhieux > >> I think you may be use this old script as i get used several years ago: >> >> website: http://www.panhorst.com/glcu/ >> ebuild: http://bugs.gentoo.org/show_bug.cgi?id=3D101827 >> >> >> Hopping this script could help you... It manage daily update >> (sync,build) and report via cron/mail. So you've just to install >> pre-built package that have been prepared on a daily frequency when you >> decide it's ok to do it without lost time. A revdep-rebuild and commit >> of new configuration file using a configured dispatch-conf later, your >> machine is update. >> >> > I wrote (and still maintain) a package called cvechecker ( > http://cvechecker.sourceforge.net) whose purpose is to scan the system fo= r > installed software (or you use a simple file that tells the application w= hat > is installed so systemwide scans aren't needed then anymore) and pull in > information from NVD about CVE entries. It then matches the CVE entries w= ith > the detected software/versions on your system and report which ones might= be > affected by a known vulnerability. > > Wkr, > Sven Vermeulen > --0003255580e2e6dd9504a4c08d1b Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Since Gentoo does not report security issues very frequently, having a Gent= oo package/ebuild for 'cvechecker' seems ideal.

Perhaps '= ;cvechecker' would also help the Gentoo team that announces vulnerabili= ties.





2011/6/2 Sven Vermeulen <sven.vermeule= n@siphos.be>
2011/5/30 Jean-Fran=E7ois Maey= hieux <b4b1@free.fr>
I think you may be use this old script as i get used several years ago:

website: http:/= /www.panhorst.com/glcu/
ebuild: http://bugs.gentoo.org/show_bug.cgi?id=3D101827


Hopping this script could help you... It manage daily update
(sync,build) and report via cron/mail. So you've just to install
pre-built package that have been prepared on a daily frequency when you
decide it's ok to do it without lost time. A revdep-rebuild and commit<= br> of new configuration file using a configured dispatch-conf later, your
machine is update.


I wrote (and still ma= intain) a package called cvechecker (http://cvechecker.sourceforge.net) whose purp= ose is to scan the system for installed software (or you use a simple file = that tells the application what is installed so systemwide scans aren't= needed then anymore) and pull in information from NVD about CVE entries. I= t then matches the CVE entries with the detected software/versions on your = system and report which ones might be affected by a known vulnerability.
Wkr,
=A0 Sven Vermeulen

--0003255580e2e6dd9504a4c08d1b--