pkg audit for multiple servers

Sparkee

Sparkee

Has anyone worked on a solution to gather the pkg audit from multiple servers and create a html/txt/something?
 
It's in the daily security emails done by periodic(8):
Code: 
Checking for security vulnerabilities in base (userland & kernel):
Database fetched: Mon Oct  3 03:30:50 CEST 2022
FreeBSD-13.1_1 is vulnerable:
  FreeBSD -- zlib heap buffer overflow
  CVE: CVE-2022-37434
  WWW: https://vuxml.FreeBSD.org/freebsd/a1323a76-28f1-11ed-a72a-002590c1f29c.html

1 problem(s) in 1 installed package(s) found.

Checking for packages with security vulnerabilities:
Database fetched: Mon Oct  3 03:30:50 CEST 2022
gitlab-ce-15.2.3_4

Checking for packages with mismatched checksums:

-- End of security output --

So, if you collect those in a central 'admin' mailbox you already have it.
 
SirDice said:
It's in the daily security emails done by periodic(8):
Code: 
Checking for security vulnerabilities in base (userland & kernel):
Database fetched: Mon Oct  3 03:30:50 CEST 2022
FreeBSD-13.1_1 is vulnerable:
  FreeBSD -- zlib heap buffer overflow
  CVE: CVE-2022-37434
  WWW: https://vuxml.FreeBSD.org/freebsd/a1323a76-28f1-11ed-a72a-002590c1f29c.html

1 problem(s) in 1 installed package(s) found.

Checking for packages with security vulnerabilities:
Database fetched: Mon Oct  3 03:30:50 CEST 2022
gitlab-ce-15.2.3_4

Checking for packages with mismatched checksums:

-- End of security output --

So, if you collect those in a central 'admin' mailbox you already have it.
Click to expand...
And create a html of it so it can be easily viewed
 
To get those emails you just need to make sure sendmail(8) is still enabled. And just edit /etc/aliases to forward root's mail to a central mailbox:
Code: 
# Pretty much everything else in this file points to "root", so
# you would do well in either reading root's mailbox or forwarding
# root's email from here.

# root: me@my.domain
Don't forget to run newaliases(8) if you changed that file.

You could also create your own /etc/periodic/security/ script and do whatever needs to be done there.
 
You must log in or register to reply here.
Back
Top