On Sun, Jun 02, 2013 at 02:43:15PM +0200, enclair wrote: > I'd like a tool similar to portaudit in FreeBSD or debscan in Debian. This > tool should list all packages which have a security issue. Currently there > is yum-security-plugin but it lists packages only if an update is > available. The new tool would list vulnerable packages even if no update is > available yet, so that the user can take precaution. You probably want SCAP (specifically OpenSCAP). It's the proper solution for all of this. However the real issue is going to be that the OpenSCAP vulnerability databases for Fedora are not maintained. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/ -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
