Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies

I can tally up the results, and also so I can improve the tool to have fewer false positives in the future. If you think the report is missing something that would make it easier to read, be sure to tell me. Thanks, Silvio Cesare Deakin University http://www.FooCodeChu.com

Re: Audit of Debian/Ubuntu for unfixed vulnerabilities because of embedded code copies

Last I checked, ia32-libs on squeeze didn't have the openssl patches for 0.9.8. I may have to check more thoroughly to be sure. It might have some other vulns as well. -- Silvio On Mon, Jul 2, 2012 at 8:27 PM, Bernd Zeimetz be...@bzed.de wrote: On 07/02/2012 10:53 AM, Silvio Cesare wrote: Hi

CPE lists was Re: Equivalent packages between Linux distributions

://svn.debian.org/wsvn/secure-testing/data/CPE/list%20to document the equivalent packages in Fedora. This should work fine for other Distributions also. -- Silvio Cesare

Re: Equivalent packages between Linux distributions

, Silvio Cesare wrote: I have generated a list of roughly equivalent packages between Linux distributions (currently Debian 5 and Fedora 13). The list is automatically generated. [...] Hi Silvio, thank you for your work, it is extremely valuable work. I'm currently at a cross

Equivalent packages between Linux distributions

is based on similarity between source packages. Do you think such a list could be useful to Debian? A possible use would be that a user could identify an equivalent package knowing only Fedora's package name. Please CC me on any responses. -- Silvio Cesare