Date: Thu, 21 Sep 2000 09:45:49 +0200 (IST)
From: Roman Shterenzon <roman@xpert.com>
To: Kris Kennaway <kris@FreeBSD.org>
Cc: freebsd-security@freebsd.org
Subject: Re: Package Vulnerability scanner (CVS commit: pkgsrc (fwd))
Message-ID: <Pine.LNX.4.10.10009210942110.30586-100000@jamus.xpert.com>
In-Reply-To: <Pine.BSF.4.21.0009201533520.56172-100000@freefall.freebsd.org>

I can build a perl script which will:
1) download advisories
2) pgp check them
3) check the
   a) pkg version (if fixed in later version)
   b) install date of a package (if fixed only in ports) vs. the "fixed"
      date in the advisory.
4) optional - delete and install newer version.

Is it what you have proposed?

On Wed, 20 Sep 2000, Kris Kennaway wrote:

> Anyone care to adapt this for FreeBSD? I don't have time right now.
>
> Kris
>
> --
> In God we Trust -- all others must submit an X.509 certificate.
>     -- Charles Forsythe <forsythe@alum.mit.edu>
>
> ---------- Forwarded message ----------
> Date: Tue, 19 Sep 2000 22:23:17 +0300 (EEST)
> From: Alistair G. Crooks <agc@netbsd.org>
> To: source-changes@netbsd.org
> Subject: CVS commit: pkgsrc
>
>
> Module Name:    pkgsrc
> Committed By:   agc
> Date:           Tue Sep 19 19:23:17 UTC 2000
>
> Update of /cvsroot/pkgsrc/security/audit-packages
> In directory netbsd.hut.fi:/tmp/cvs-serv6663
>
> Log Message:
> Initial import of a package to scan a vulnerability list, looking for
> installed packages which are insecure and open to exploitation.
>
> The original idea came from Roland Dowdeswell and Bill Sommerfeld, quite
> independently, the unorthodox implementation by me.
>
> This package contains two scripts:
> (1) download-vulnerability-list, which downloads a list of vulnerable
>     packages from the NetBSD ftp server, and
> (2) audit-packages, which scans all the packages installed on the
>     local machine, looking for packages which are vulnerable.
>
> Status:
>
> Vendor Tag:     TNF
> Release Tags:   pkgsrc-base
>
> N pkgsrc/security/audit-packages/Makefile
> N pkgsrc/security/audit-packages/files/download-vulnerability-list
> N pkgsrc/security/audit-packages/files/audit-packages
> N pkgsrc/security/audit-packages/pkg/COMMENT
> N pkgsrc/security/audit-packages/pkg/DESCR
> N pkgsrc/security/audit-packages/pkg/PLIST
>
> No conflicts created by this import
>
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

--Roman Shterenzon, UNIX System Administrator and Consultant
[ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
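
Step 3 of the script proposed in the message above, as an added example in Python (not part of the original message and not code from audit-packages). It assumes the advisories were already downloaded and PGP-verified; the record layout, package names, versions and dates are constructed for illustration.

```python
import re
from datetime import date

def version_key(version):
    """Order version strings chunk by chunk (simplified; not the pkg tools' own rules)."""
    return [(1, int(c), "") if c.isdigit() else (0, 0, c)
            for c in re.findall(r"\d+|[a-z]+", version.lower())]

def audit(installed, advisories):
    """Return (package, reason) for every installed package an advisory still covers."""
    findings = []
    for adv in advisories:
        pkg = installed.get(adv["package"])
        if pkg is None:
            continue  # not installed, nothing to report
        version, installed_on = pkg
        fixed_version = adv.get("fixed_version")
        if fixed_version is not None:
            # Step 3a: fixed in a later version, so compare version strings.
            if version_key(version) < version_key(fixed_version):
                findings.append((adv["package"],
                                 f"{version} older than fixed {fixed_version}"))
        elif installed_on < adv["fixed_date"]:
            # Step 3b: fixed only in ports, version unchanged, so compare dates.
            findings.append((adv["package"],
                             f"installed {installed_on}, fixed in ports {adv['fixed_date']}"))
    return findings

# Constructed sample data: hypothetical package names, versions and dates.
INSTALLED = {
    "examplepkg-a": ("1.2.9", date(2000, 8, 1)),
    "examplepkg-b": ("2.0", date(2000, 7, 15)),
    "examplepkg-c": ("2.0", date(2000, 9, 20)),
    "examplepkg-d": ("1.10", date(2000, 6, 1)),
}
ADVISORIES = [
    {"package": "examplepkg-a", "fixed_version": "1.2.10", "fixed_date": date(2000, 9, 1)},
    {"package": "examplepkg-b", "fixed_version": None, "fixed_date": date(2000, 9, 1)},
    {"package": "examplepkg-c", "fixed_version": None, "fixed_date": date(2000, 9, 1)},
    {"package": "examplepkg-d", "fixed_version": "1.9", "fixed_date": date(2000, 5, 1)},
    {"package": "examplepkg-e", "fixed_version": "3.0", "fixed_date": date(2000, 9, 1)},
]

if __name__ == "__main__":
    for name, reason in audit(INSTALLED, ADVISORIES):
        print(f"{name}: {reason}")
```

The examplepkg-d entry is there because a plain string comparison would rank "1.10" below "1.9" and raise a false alarm; comparing numeric chunks as integers avoids that.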