Does anyone know of a tool for checking if installed packages on a CentOS
system have known vulnerabilities?
I know yum can be used to indicate if updates are available.
But I am looking for something like NetBSD Pkgsrc's audit-packages or
FreeBSD's portaudit -- list name and version of installed package and an
item and/or URL about the vulnerability. For example:
Package xzgv-0.8.0.1nb1 has a remote-code-execution vulnerability, see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060
Thanks!
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)