From owner-freebsd-security@FreeBSD.ORG Fri Nov 14 16:44:56 2008 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4FBB7106564A for ; Fri, 14 Nov 2008 16:44:56 +0000 (UTC) (envelope-from mark@foster.cc) Received: from mail.bitpusher.com (mail.bitpusher.com [208.75.56.13]) by mx1.freebsd.org (Postfix) with ESMTP id 3CBE18FC0A for ; Fri, 14 Nov 2008 16:44:56 +0000 (UTC) (envelope-from mark@foster.cc) Received: from [192.168.1.17] (c-24-17-96-78.hsd1.wa.comcast.net [24.17.96.78]) by mail.bitpusher.com (Postfix) with ESMTP id BD1BE4C057 for ; Fri, 14 Nov 2008 08:21:04 -0800 (PST) Message-ID: <491DA571.2060105@foster.cc> Date: Fri, 14 Nov 2008 08:21:05 -0800 From: Mark Foster User-Agent: Thunderbird 2.0.0.17 (X11/20080925) MIME-Version: 1.0 To: freebsd-security@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: portaudit, vuxml & OVAL data X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Nov 2008 16:44:56 -0000 I have a project idea regarding the extension of portaudit (which now solely relies on the vuxml data from security/vuxml) to additionally parse OVAL (CVE) data from the SCAP project. http://nvd.nist.gov/scap.cfm http://oval.mitre.org/ I see that they already have a schema definition for FreeBSD found here: http://oval.mitre.org/language/download/schema/version5.5/index.html I could see this turning into a oval2portaudit tool accompanied by a modification of portaudit (if necessary) to accomodate additional/disparate data sources. -- Realization #2031: That the "meaning of life" is now just another Google search. Mark D. Foster http://mark.foster.cc/ | http://conshell.net/