Avatar Hund

Linux, plaintext & minimalism

February 6, 2019

How to stay updated about security vulnerabilities on Gentoo Linux

One of the most basic and probably one of the most important thing you can do to keep your system less insecure, is to simply keep it updated. But—for obvious reasons—installing every single update might not always be the most desirable for thing for some users running Gentoo Linux.

Keeping yourself updated on all the possible security vulnerabilities for your packages isn’t an easy or fun task though. Thanks to the website Gentoo Linux Security Advisories (GLSA) that’s not an issue! All the security vulnerabilities and its solutions for Gentoo Linux gets published there for easy access.

And besides visiting the website itself, there’s also 3 optional and handy ways of easily staying informed about the news there; via a handy command-line tool, via e-mail and via two news feeds.

All the information mentioned below can be found on their website here: Stay informed – Gentoo Linux.

The command-line tool

The tool glsa-check comes bundled with the package app-portage/gentoolkit and it can check if any of your installed packages is affected:

$ glsa-check -t affected
This system is not affected by any of the listed GLSAs

It can do a few other things as well. To list all the available options just run glsa-check without any arguments.

E-mail

All advisories are posted to the gentoo-announce mailing list. You can subscribe by sending an emtpy e-mail to gentoo-announce+subscribe@lists.gentoo.org. A confirmation e-mail will be sent back to you and you need to reply to the message to complete the subscription.

News feeds

They also offer two news feeds that you can subscribe to:

Feedback

I don't have a commenting system on my blog because I haven't found one that I like. All feedback and hellos can be done via either e-mail, XMPP or Mastodon.