As part of the discussion on 3rdparty and security at QtCS, I took an action to look into what we use in Clear Linux to monitor for reported vulnerabilities.
Currently, we use https://github.com/clearlinux/cve-check-tool. This is going to be replaced with CVEMAN - https://github.intel.com/kcwells/cveman. Both tools consume the feed from the National Vulnerability Database from the US NIST - https://nvd.nist.gov/. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel Open Source Technology Center _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
