Home

Sven Vermeulen edited this page Apr 8, 2017 · 6 revisions
Clone this wiki locally

Welcome to the cvechecker tool homepage. The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. Indeed, this is not a bullet-proof method and you will most likely have many false positives (vulnerability is fixed with a revision-release, but the tool isn't able to detect the revision itself), yet it is still better than nothing, especially if you are running a distribution with little security coverage.

Still, the tool remains useful. With the proper reporting in place, you are immediately warned when a new CVE has been released that might match your system. You can then take the appropriate steps (acknowledge report, verify incident, fix package or mark as false positive).

The tool however needs your help as well. The most work is to tell cvechecker how to detect which software is installed and what version. For more information, see the cvechecker man-page.

Current release

The current stable release is 3.8, released on 2017/03/27.

Release history

The changelog for the cvechecker tool is available through the git commit log.

Up to the 3.8 release a manual ChangeLog file was in use (alongside the git commit log since the use of Git). This one will not be maintained anymore and is kept for historical reference.

Release history:

  • 2017/03/27 - cvechecker 3.8
  • 2017/03/01 - cvechecker 3.7
  • 2015/11/07 - cvechecker 3.6
  • 2013/09/30 - cvechecker 3.5
  • 2013/09/17 - cvechecker 3.4
  • 2013/09/16 - cvechecker 3.3
  • 2012/11/25 - cvechecker 3.2
  • 2011/04/13 - cvechecker 3.1
  • 2011/04/12 - cvechecker 3.0
  • 2010/12/01 - cvechecker 2.0
  • 2010/10/01 - cvechecker 1.0
  • 2010/09/08 - cvechecker 0.6
  • 2010/09/02 - cvechecker 0.5
  • 2010/08/25 - cvechecker 0.4
  • 2010/08/20 - cvechecker 0.3
  • 2010/08/16 - cvechecker 0.2
  • 2010/08/14 - cvechecker 0.1

Contact

If you want to contact me about this project, you can mail me at sven.vermeulen@siphos.be. Bug reporting can be done through the bug tracker.