distribution icon indicating copy to clipboard operation
distribution copied to clipboard
verified publisher icon clearlinux

Intel CVE Binary Tool

Open MarcusPro7 opened this issue 11 months ago • 4 comments

Official package name: cve-bin-tool

License (must be an OSI approved Open Source license):

Download URL of latest release: https://github.com/intel/cve-bin-tool/releases/tag/v3.4

Latest release date (must be recent): Sep 17, 2024

Description: The CVE Binary Tool is a free, open source tool to help you find known vulnerabilities in software, using data from the National Vulnerability Database (NVD) list of Common Vulnerabilities and Exposures (CVEs) as well as known vulnerability data from Redhat, Open Source Vulnerability Database (OSV), Gitlab Advisory Database (GAD), and Curl.

MarcusPro7 avatar Feb 25 '25 20:02 MarcusPro7

Hello,

if i try to install bundle following this command, i cant find it:

$ sudo swupd search cve-bin-tool
Search failed, no reasonable results found

Has the bundle been removed?

MarcusPro7 avatar Feb 26 '25 09:02 MarcusPro7

https://github.com/clearlinux-pkgs/cve-bin-tool it archived, probably got removed you can also use swupd search-file for exact match eg: swupd search-file /usr/bin/cve-bin-tool or similar. (it does partial matching too, so no need for full path)

K1ngfish3r avatar Feb 26 '25 20:02 K1ngfish3r

we had this (as pypi-cve_bin_tool) at some point but it had non-fixed CVEs and a long list of ... interesting.. dependencies so we ended up retiring the component

I'll see if we can figure out how to overcome these

On Wed, Feb 26, 2025 at 12:57 PM K1ngfish3r @.***> wrote:

https://github.com/clearlinux-pkgs/cve-bin-tool it archived, probably got removed you can also use swupd search-file for exact match eg: swupd search-file /usr/bin/cve-bin-tool or similar. (it does partial matching too, so no need for full path)

— Reply to this email directly, view it on GitHub https://github.com/clearlinux/distribution/issues/3275#issuecomment-2686179214, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJ54FJGBEDQWLF5TJDIUN32RYTFNAVCNFSM6AAAAABX3RPLISVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMOBWGE3TSMRRGQ . You are receiving this because you are subscribed to this thread.Message ID: @.***> [image: K1ngfish3r]K1ngfish3r left a comment (clearlinux/distribution#3275) https://github.com/clearlinux/distribution/issues/3275#issuecomment-2686179214

https://github.com/clearlinux-pkgs/cve-bin-tool it archived, probably got removed you can also use swupd search-file for exact match eg: swupd search-file /usr/bin/cve-bin-tool or similar. (it does partial matching too, so no need for full path)

— Reply to this email directly, view it on GitHub https://github.com/clearlinux/distribution/issues/3275#issuecomment-2686179214, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJ54FJGBEDQWLF5TJDIUN32RYTFNAVCNFSM6AAAAABX3RPLISVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMOBWGE3TSMRRGQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

fenrus75 avatar Feb 26 '25 21:02 fenrus75

Hi, how can I know when it has been published? Will I see something like clrbuilder added a commit that references this issue?

MarcusPro7 avatar Mar 07 '25 18:03 MarcusPro7