Linux vulnerability patches
I believe Microsoft offers a database of sorts (in XML format - mssecure.xml) which provides all the patch related information (product name, patch name, patch download URL, info on what the vulnerability is all about) for Microsoft products; which is used by some of the Patch Management tools (Shavlik's HFNetChkPro?).
Now, I would want to know if something is like this is available for Linux distributions and other Linux related packages. I understand that there are sites like CVE, ICAT etc. which offer vulnerability information (collection). Had a look at them but they seem to be listing details for all types vulnerabilities (including system problems) for all types of products. Firstly I need to parse, the CVE database to locate the Linux related vulnerabilities. And then, I dont find the "patch download" URLs for most vulnerabilities.. there are some URLs but they dont lead to the "patches" as such.
My requirements are something like this :
1. Is something as comprehensive as mssecure.xml available for Linux distributions (RedHat, Debian etc.) and related packages ? 2. For Linux patching, what information do the PM tools use to identify vulnerabilities .. CVE database ? (or something similar ?) 3. Are the patches downloaded from respective sites of different Linux distributions or some central repository ? Would like to know if some specific sites are used and if so what are they ?