Software Management call for RFEs
Richard W.M. Jones
rjones at redhat.com
Mon Jun 3 08:46:28 UTC 2013
On Sun, Jun 02, 2013 at 02:43:15PM +0200, enclair wrote:
> I'd like a tool similar to portaudit in FreeBSD or debscan in Debian. This
> tool should list all packages which have a security issue. Currently there
> is yum-security-plugin but it lists packages only if an update is
> available. The new tool would list vulnerable packages even if no update is
> available yet, so that the user can take precaution.
You probably want SCAP (specifically OpenSCAP). It's the proper
solution for all of this.
However the real issue is going to be that the OpenSCAP vulnerability
databases for Fedora are not maintained.
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
More information about the devel