Sam Varshavchik wrote: > Jaigh Jaddo writes: > >> Is there a tool similar to freeBSD's portaudit? Something that will >> report packages that have known vulnerabilities. > > No. For the simple reason that a known vulnerability results in an > updated package. If you want to make sure that you're not running > any known vulnerability, run "yum update". There can be known vulnerabilities that are not fixed yet. I thought that was what Jaigh was asking about, and this is the sort of info that's in the fedora-security/audit files. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ We never reflect how pleasant it is to ask for nothing. -- Seneca
Attachment:
pgpC9e9yfePFS.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list