[arch-general] Arch-Sheriff - A script to match NetBSD vulnerability database against Arch Linux packages
Hi everyone, Some time ago Paulo Matias [1] (member of Arch Linux Brazil) started a very nice project to help improve Arch's security. Paulo created a python script to automatically test Arch's packages against the NetBSD vulnerabilities database. The script can run automatically and generates a text file with the details of all vulnerabilities found. This project is now called Arch-Sheriff (the source is available here [3]) and me and Kessia Pinheiro [2] began to help Paulo in the development. Arch-Sheriff now generates a html page with all vulnerabilities details and a link to them. The page can be found here: http://dev.archlinux.org/~hugo/sheriff/ The idea now is to create a way to notify a package maintainer about the vulnerability and add a way to mark it as fixed in Arch. We also want to create a login so the maintainers can mark all the vulnerabilities that they fixed and a rss feed. Arch-Sheriff is still experimental and there are some things that needs to be fixed. But i think that you guys can see what we pretend and where we are going. :) And, please, tell me what you think about this. Any suggestion is welcome. [1] http://matias.archlinux-br.org [2] http://even.archlinux-br.org [3] http://code.google.com/p/arch-sheriff/ Oh! And BTW, can someone update pacman db in gerolde? I think its a bit old (sheriff got a older version of wireshark and opera, for example). -- Hugo
participants (11)
-
Aaron Griffin
-
Alessio Bolognino
-
Dan McGee
-
François Charette
-
Giovanni Scafora
-
Guilherme M. Nogueira
-
Hugo Doria
-
Israel Junior
-
Paulo Matias
-
raca
-
Sébastien Mazy