2011/5/30 Jean-François Maeyhieux <b...@free.fr> > I think you may be use this old script as i get used several years ago: > > website: http://www.panhorst.com/glcu/ > ebuild: http://bugs.gentoo.org/show_bug.cgi?id=101827 > > > Hopping this script could help you... It manage daily update > (sync,build) and report via cron/mail. So you've just to install > pre-built package that have been prepared on a daily frequency when you > decide it's ok to do it without lost time. A revdep-rebuild and commit > of new configuration file using a configured dispatch-conf later, your > machine is update. > > I wrote (and still maintain) a package called cvechecker ( http://cvechecker.sourceforge.net) whose purpose is to scan the system for installed software (or you use a simple file that tells the application what is installed so systemwide scans aren't needed then anymore) and pull in information from NVD about CVE entries. It then matches the CVE entries with the detected software/versions on your system and report which ones might be affected by a known vulnerability.
Wkr, Sven Vermeulen
