[arch-general] Arch-Sheriff - A script to match NetBSD vulnerability database against Arch Linux packages
François Charette
firmicus at ankabut.net
Fri Sep 12 09:01:02 EDT 2008
raca a écrit :
> Qui, 2008-09-11 às 14:48 -0300, Hugo Doria escreveu:
>
>> Hi everyone,
>>
>> Oh! And BTW, can someone update pacman db in gerolde? I think its a
>> bit old (sheriff got a older version of wireshark and opera, for
>> example).
>>
>> -- Hugo
>>
>
> Nice tool! :)
>
> I tested it and when saw the mplayer vulns I went.. oh god, never use it
> again lol.
> The vulns are upstream problems and not packaging problems, so I don't
> know if this is really that useful for the arch developers. I don't see
> the packages maintainers making patchs for every vuln on the fly before
> a new version comes out.
> I think this is a better tool for admins to know which programs are
> vulnerable at the moment.
>
> Hope there will be AUR package :)
>
> raca
>
>
>
Very nice. I recently tried a similar tool which worked very well on Arch:
see http://www.rootkit.nl/projects/lynis.html
F
More information about the arch-general
mailing list