Release Notes: Mainly a bugfix release, but contains a few features such as allowing standard input for the binary list as well as introduction of the CVECHECKER_CONFFILE environment variable.
Release Notes: Reports CVSS scoring when a CVE is potentially applicable to the system. Also fixes some buffer handling code and adds in checks for missing runtime dependencies in the scripts.
Release Notes: This bugfix release sanitizes the user defined key before it is put in the database and fixes a runtime problem when both SQLite and MySQL support are requested.
Release Notes: cvechecker 3.0 brings on watchlists, allowing it to track and report on CVEs for software that it is not able to detect (or that is not installed on your system). Also, along with SQLite 3, MySQL is supported as a back-end database. And if you use MySQL, you will definitely appreciate that the tool now supports multiple client users within the same (MySQL) database.
Release Notes: This release includes the ability to scan changed/added files rather than the entire system, a command that helps to generate version matching rules, and a new switch to report vulnerabilities of software versions that are higher than the software versions you have on your system.
Release Notes: A few small error handling and buffer overflow problems were fixed.
Release Notes: Reporting performance was improved tremendously for recent SQLite libraries. Reporting on found software, regardless of it matching a CVE entry, was added, and quite a few bugs were fixed.
Release Notes: The tool should now build properly on NetBSD and FreeBSD (although more user experience here is still welcome). THis release introduces a cvereport command (example output can be found at the project site), and has lowered its initial dependency requirements. pullcves now only loads the CVE XML changes in the database, rather than iterating across all CVE XML entries.
Release Notes: This release includes internal project files reorganization (more to the liking of the GNU autoconf/automake standards), fixes a database leak bug, and introduces a slightly more intelligent pullcves command (with multiple return code behavior to improve automation efforts). All documentation has been updated, and a pullcves manual page has been added.
Release Notes: Cleanups in the CSV output have been made, and a few sample reporting files have been added. This release fixes a few bugs in file matching support and adds --no-check-certificates to the wget command.