mirror of
https://github.com/Ponce/slackbuilds
synced 2024-12-01 01:00:03 +01:00
c3d76a22fb
Signed-off-by: Matteo Bernardini <ponce@slackbuilds.org> |
||
---|---|---|
.. | ||
cve-check-tool.info | ||
cve-check-tool.SlackBuild | ||
README | ||
slack-desc | ||
update-fmt.diff |
cve-check-tool is a tool for checking known (public) CVEs. The tool will identify potentially vunlnerable software packages within Linux distributions through version matching. CVEs are only ever potential - due to the various policies of various distributions, and indeed semantics in versioning within various projects, it is expected that the tool may generate false positives. The tool is designed to integrate with a locally cached copy of the National Vulnerability Database. cve-check-tool downloads the NVD in its entirety, from 2002 until the current moment. The decompressed XML database is in excess of 550MB, so this should be taken into account before running the tool. Make package list from package database: ( cd /var/log/packages/ ; ls | rev | cut -d- -f3- | \ sed -e s/-/,/ -e s/^/,,/ | rev > /var/log/pkgs.csv ) Check packages via CVEs database: cve-check-tool -uNc /var/log/pkgs.csv