On Tue, 20 Sep 2005 07:16:36 -0500
"Brian G. Peterson" <[EMAIL PROTECTED]> wrote:

> On Tuesday 20 September 2005 06:09 am, Calum wrote:
> > I prefer the idea that tracking one source (GLSAs) would provide me
> > with all the information I needed to keep my Gentoo boxes secure,
> > but if we were all to change to a new system, perhaps the kernel
> > GLSAs should have overlapped with this new system until it was in,
> > tested, and adopted?
> 
> While I think that kernels do need additional information to be
> supplied about a potential security hole (kernel security problems
> often occur in a module that many people may not use), I agree that
> kernel vulnerabilities should be published as GLSAs.
> 
> I subscribe to the GLSA RSS feed, and scan that feed manually against
> my installed software list.  The glsa-check tool is basically useless
> (as of gentoolkit-0.2.1_pre7), as it shows all GLSAs rather than just
> GLSAs for tools that correspond to packages installed on the system
> it is run on.

Can you explain this a bit more? glsa-check hasn't actually changed for
a long time. Also make sure you don't confuse the --list option with
the --test option.

Marius

-- 
Public Key at http://www.genone.de/info/gpg-key.pub

In the beginning, there was nothing. And God said, 'Let there be
Light.' And there was still nothing, but you could see a bit better.
