cvechecker 3.8 released

A new release is now available for the cvechecker application. This is a stupid yet important bugfix release: the 3.7 release saw all newly released CVEs as being already known, so it did not take them up to the database. As a result, systems would never check for the new CVEs.

It is recommended to remove any historical files from /var/lib/cvechecker/cache like so:

~# rm /var/lib/cvechecker/cache/nvdcve-2.0-2017.*
~# rm /var/lib/cvechecker/cache/nvdcve-2.0-modified.*

This will make sure that the next run of pullcves pull will re-download those files, and attempt to load the resulting CVEs back in the database.

Sorry for this issue :-(

more ...


New cvechecker release

A short while ago I got the notification that pulling new CVE information was no longer possible. The reason was that the NVD site did not support uncompressed downloads anymore. The fix for cvechecker was simple, and it also gave me a reason to push out a new release (after two years) which also includes various updates by Christopher Warner.

So cvechecker 3.6 is now available for general consumption.

more ...

cvechecker 3.3 released

I just uploaded a new release of cvechecker to the project files. The release is a (long overdue) bugfix release, but includes two small enhancements: support standard input for the binary list (so you can pipe the output of one command to cvechecker) and the introduction of the CVECHECKER_CONFFILE variable …

more ...