[Development] Monitoring of upstream vulnerabilities
Jason H
jhihn at gmx.com
Tue Jun 19 22:15:18 CEST 2018
> Sent: Tuesday, June 19, 2018 at 3:46 PM
> From: "Thiago Macieira" <thiago.macieira at intel.com>
> To: development at qt-project.org
> Subject: [Development] Monitoring of upstream vulnerabilities
>
> As part of the discussion on 3rdparty and security at QtCS, I took an action
> to look into what we use in Clear Linux to monitor for reported
> vulnerabilities.
>
> Currently, we use https://github.com/clearlinux/cve-check-tool. This is going
> to be replaced with CVEMAN - https://github.intel.com/kcwells/cveman. Both
> tools consume the feed from the National Vulnerability Database from the US
> NIST - https://nvd.nist.gov/.
Is that intel server publicly accessible?
More information about the Development
mailing list