1. arch-audit -h
2. Use
3. Pacaudit(AUR)
1. arch-audit -h
| $ arch-audit -h | USAGE: arch-audit [FLAGS] [OPTIONS] | |
| DESCRIPTION: | A utility like pkg-audit for Arch Linux. Based on Arch Security Team data (read more at https://wiki.archlinux.org/index.php/Arch_Security_Team). | 诸如pkg-audit的实用程序, 用于Arch Linux. 基于Arch安全团队数据 |
| FLAGS: | ||
| -h, --help | Prints help information. | 打印帮助信息。 |
| -q, --quiet | Show only vulnerable package names and their versions. Set twice to hide the version also. | 仅显示易受攻击的软件包名及版本. 设置两次以隐藏版本。 |
| -r, --recursive | Prints packages that depend on vulnerable packages and are thus potentially vulnerable as well. Set twice to show the packages that require them as well. Set three times to show ALL the packages that requires them. | 打印依赖于易受攻击软件包的软件包, 因此也可能受到攻击。 设置两次以显示需要它们的软件包。设置三遍以显示所有需要它们的软件包。 |
| -t, --show-testing | Show packages which are in the [testing] repos. See https://wiki.archlinux.org/index.php/Official_repositories#Testing_repositories | 显示在[测试]仓库中的软件包。 |
| -u, --upgradable | Show only packages that have already been fixed. | 仅显示已修复的软件包。 |
| -V, --version | Prints version information. | 打印版本信息。 |
| OPTIONS: | ||
| -b, --dbpath <dbpath> | Set an alternate database location. Defaults to /var/lib/pacman | 设置备用数据库位置. 默认为 /var/lib/pacman |
| -C, --color <when> | Colorize the output; it can be always, auto(default), or never | 着色输出; 它可以始终, 自动(默认)或从不 |
| -f, --format <format> | Specify a format to control the output. Placeholders are %n (pkgname), %c (CVEs) and %v (fixed version) and %r (required by) which is only evaluated when -r is also set. | 指定一种格式来控制输出. 占位符为%n(pkgname), %c(CVE)和%v(固定版本)和%r(要求), 仅在还设置了-r时才进行占位。 |
2. Use
$ arch-audit -r //[-t, -q, -u], 查看当前系统如下, -u参数无输出:
| $ arch-audit -r ( -t, -q ) | $ arch-audit -r | -r ( -t ) |
| Package ffmpeg is affected by CVE-2020-13904. | It's required by chromium, firefox, guvcview-common, vlc. | High risk! |
| Package imagemagick is affected by CVE-2020-13902. | It's required by cups-filters. | Medium risk! |
| Package inetutils is affected by CVE-2019-0053. | It's required by xorg-xinit. | High risk! |
| Package json-c is affected by CVE-2020-12762. | It's required by cryptsetup, libmypaint, ndctl, netdata, psensor. | High risk! |
| Package libupnp is affected by CVE-2020-13848. | It's required by amule, vlc. | Medium risk! |
| Package sqlite is affected by CVE-2020-13871. | It's required by aria2, colord, elfutils, gnupg, libsoup, nss, python2, qt5-base. | High risk! |
| Package unzip is affected by CVE-2018-1000035. | It's required by bookworm. | Low risk! |
查看所有相关安装及更新记录
$ paclog |grep imagemagick
查看安装记录
$ paclog |grep "installed imagemagick" -C 7
[2019-04-06 23:55] [ALPM] running 'xorg-mkfontscale.hook'...
[2019-04-07 17:05] [PACMAN] Running 'pacman -S cups'
[2019-04-07 17:07] [ALPM] transaction started
[2019-04-07 17:07] [ALPM] installed qpdf (8.4.0-1)
[2019-04-07 17:07] [ALPM] installed liblqr (0.4.2-2)
[2019-04-07 17:07] [ALPM] installed libraqm (0.5.0-1)
[2019-04-07 17:07] [ALPM] installed libmagick (7.0.8.37-1)
[2019-04-07 17:07] [ALPM] installed imagemagick (7.0.8.37-1)
3. Pacaudit(AUR)
https://wiki.archlinux.org/index.php/Pacaudit
pacaudit根据 https://security.archlinux.org 上 列出的已知漏洞审核Arch Linux上已安装的软件包。
标签:audit,07,04,2019,CVE,arch 来源: https://www.cnblogs.com/sztom/p/13155369.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。