Find the answer to your Linux question:
Results 1 to 3 of 3
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Linux vulnerability patches

    I believe Microsoft offers a database of sorts (in XML format - mssecure.xml) which provides all the patch related information (product name, patch name, patch download URL, info on what the vulnerability is all about) for Microsoft products; which is used by some of the Patch Management tools (Shavlik's HFNetChkPro?).

    Now, I would want to know if something is like this is available for Linux distributions and other Linux related packages. I understand that there are sites like CVE, ICAT etc. which offer vulnerability information (collection). Had a look at them but they seem to be listing details for all types vulnerabilities (including system problems) for all types of products. Firstly I need to parse, the CVE database to locate the Linux related vulnerabilities. And then, I dont find the "patch download" URLs for most vulnerabilities.. there are some URLs but they dont lead to the "patches" as such.

    My requirements are something like this :

    1. Is something as comprehensive as mssecure.xml available for Linux distributions (RedHat, Debian etc.) and related packages ? 2. For Linux patching, what information do the PM tools use to identify vulnerabilities .. CVE database ? (or something similar ?) 3. Are the patches downloaded from respective sites of different Linux distributions or some central repository ? Would like to know if some specific sites are used and if so what are they ?


  2. #2
    Linux User
    Join Date
    Jan 2003
    Cardiff, Wales


    I use the up2date tool in fedora, patches well new patched versions of stuff are released and I install them.. there's always an advisory notice regarding whats changed.
    No trees were harmed during the creation of this message. Its made from a blend of elephant tusk and dolphin meat.

  3. #3
    Your distributions web page should have something on it. I'm not really familiar with the others, but RedHat has this page -
    You can probably find something for Debian, Mandrake, Gentoo etc...

  4. $spacer_open

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts