installed package vulnerability checker for Red Hat/Centos?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
Mder.hans at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Jeremy C. Reed
Date:  
To: plug-discuss
New-Topics: Re: plug] installed package vulnerability checker for Red Hat/Centos?
Subject: installed package vulnerability checker for Red Hat/Centos?
Does anyone know of a tool for checking if installed packages on a CentOS
system have known vulnerabilities?

I know yum can be used to indicate if updates are available.

But I am looking for something like NetBSD Pkgsrc's audit-packages or
FreeBSD's portaudit -- list name and version of installed package and an
item and/or URL about the vulnerability. For example:

Package xzgv-0.8.0.1nb1 has a remote-code-execution vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060

Thanks!
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-RE: PLUG-discuss Digest, Vol 15, Issue 88Re: OT: backpacks->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)