I have a project idea regarding the extension of portaudit (which now
solely relies on the vuxml data from security/vuxml) to additionally
parse OVAL (CVE) data from the SCAP project.
http://nvd.nist.gov/scap.cfm
http://oval.mitre.org/
I see that they already have a schema definition for FreeBSD found here:
http://oval.mitre.org/language/download/schema/version5.5/index.html
I could see this turning into a oval2portaudit tool accompanied by a
modification of portaudit (if necessary) to accomodate
additional/disparate data sources.
--
Realization #2031: That the "meaning of life" is now just another Google
search.
Mark D. Foster <[EMAIL PROTECTED]>
http://mark.foster.cc/ | http://conshell.net/
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
