From Mageia wiki
(→Command line tool) |
(→Sources) |
||
Line 74: | Line 74: | ||
= Sources = | = Sources = | ||
− | Sources are available [http:// | + | Sources are available [http://gitweb.mageia.org/software/infrastructure/mgaadvisories/ on git]. |
Revision as of 14:11, 18 September 2013
mgaadv is a command line tool that can be used to query the advisories database. It is also the tool that is used to generate the advisories website.
Installation
# urpmi mga-advisories
Command line tool
Download / update the advisories database :
$ mgaadv update New advisories have been downloaded : MGAA-2013-0031 . Updated python-gobject packages fix wrong types for 3 elements MGAA-2013-0030 . Adding mtpaint to Mageia 2 ...
List advisories :
$ mgaadv list MGAA-2013-0031 . Updated python-gobject packages fix wrong types for 3 elements MGAA-2013-0030 . Adding mtpaint to Mageia 2 MGAA-2013-0029 . VLC upgrade for bug fixes MGAA-2013-0028 . Updated apache-mod_auth_kerb package fixes typo in module configuration MGAA-2013-0027 . Updated faenza-icon-theme package fixes distributor-logo MGAA-2013-0026 . Updated qupzilla package fixes save problems ...
List advisory fixing a CVE :
$ mgaadv list CVE-2013-3571 MGASA-2013-0159 . Updated socat package fixes security vulnerability
List advisories for a package :
$ mgaadv list libraw MGASA-2013-0167 . Updated libraw packages fix security vulnerability
It possible to filter list by CVE, package, media, update type (bugfix or security), distribution release or a combination of those.
Show an advisory :
$ mgaadv show MGASA-2013-0166 MGASA-2013-0166 - Updated libvirt packages fix security vulnerability Publication date: 06 Jun 2013 URL: http://advisories.mageia.org/MGASA-2013-0166.html Type: security Affected Mageia releases: 3 CVE: CVE-2013-1962 Description: It was found that libvirtd leaked file descriptors when listing all volumes for a particular pool. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to cause libvirtd to consume all available file descriptors, preventing other users from using libvirtd services (such as starting a new guest) until libvirtd is restarted (CVE-2013-1962). References: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1962 - https://rhn.redhat.com/errata/RHSA-2013-0831.html - https://bugs.mageia.org/show_bug.cgi?id=10345 SRPMS: - 3/core/libvirt-1.0.2-7.1.mga3
Sources
Sources are available on git.