This script is for Slackware 14.2 only and may be outdated.

SlackBuilds Repository

14.2 > System > cve-check-tool (5.6.4)

cve-check-tool is a tool for checking known (public) CVEs. The tool will
identify potentially vunlnerable software packages within Linux
distributions through version matching.

CVEs are only ever potential - due to the various policies of various
distributions, and indeed semantics in versioning within various
projects, it is expected that the tool may generate false positives.

The tool is designed to integrate with a locally cached copy of the
National Vulnerability Database. cve-check-tool downloads the NVD in its
entirety, from 2002 until the current moment. The decompressed XML
database is in excess of 550MB, so this should be taken into account
before running the tool.

Make package list from package database:
( cd /var/log/packages/ ; ls | rev | cut -d- -f3- | \
sed -e s/-/,/ -e s/^/,,/ | rev > /var/log/pkgs.csv )

Check packages via CVEs database:
cve-check-tool -uNc /var/log/pkgs.csv

Maintained by: Serg Bormant
Keywords: cve,security
ChangeLog: cve-check-tool

Homepage:
https://github.com/clearlinux/cve-check-tool

Source Downloads:
cve-check-tool-5.6.4.tar.xz (c5f4247140fc9be3bf41491d31a34155)

Download SlackBuild:
cve-check-tool.tar.gz
cve-check-tool.tar.gz.asc (FAQ)

(the SlackBuild does not include the source)

Validated for Slackware 14.2

See our HOWTO for instructions on how to use the contents of this repository.

Access to the repository is available via:
ftp git cgit http rsync

© 2006-2024 SlackBuilds.org Project. All rights reserved.
Slackware® is a registered trademark of Patrick Volkerding
Linux® is a registered trademark of Linus Torvalds