====== CVE-Check-Tool ======

>cve-check-tool, as its name suggests, is a tool for checking known (public) CVEs. The tool will identify potentially vunlnerable software packages within Linux distributions through version matching. Where possible it will also seek to determine (through a distribution implemention) if a vulnerability has been addressed by way of a patch.
[[https://github.com/clearlinux/cve-check-tool|https://github.com/clearlinux/cve-check-tool]]

===== Installation =====

Clone the git repository
<code>git clone https://github.com/clearlinux/cve-check-tool.git
cd cve-check-tool</code>

Execute autogen.sh
<code>./autogen.sh</code>

You might need some additional packages
<code>
configure: error: Package requirements (
                  glib-2.0 >= 2.36.0,
                  gio-2.0 >= 2.36.0,
                  libxml-2.0 >= 2.9.1,
                  libcurl >= 7.29.0,
                  gobject-2.0 >= 2.0,
                  sqlite3,
                  openssl >= 1.0.0
</code>

If you see the following message "No package 'sqlite3' found" but have sqlite3 installed, also install the following devel package
<code>apt-get install libsqlite3-dev</code>

Install CVE-Check-Tool
<code>./autogen.sh
make
make install</code>

Update the CVE feed
<code>cve-check-update</code>

===== Configuration =====

There is no need to configure anything, but just in case, the files are at the following locations
<code>
/usr/lib/cve-check-tool/
/usr/share/cve-check-tool/
/usr/bin/cve-check-tool
/usr/bin/cve-check-update
</code>