Audit SuSE with zypper: vulnerable packages

Stay up-to-date with security patching is part of a decent security management process. This article looks into vulnerable packages on OpenSuSE and how to detect them.

Summary of Audit SuSE with zypper: vulnerable packages

Proper software management is an important part in keeping your system secured. Acting on time is important, especially when network services have discovered security vulnerabilities. Vulnerable packages Usually packages with known security vulnerabilities, get priority and updates are soon available. The risk in installing these packages is fairly low, as they don’t introduce new features. Instead, they fix the related security hole, which sometimes is nothing more than 1 single character!

Read the full article…

Discover to which package a file belongs to

With the right Linux software tools, it is easy to find to which package a file belongs. Or the opposite, what files are part of an installed package.

Summary of Discover to which package a file belongs to

Sometimes you want to know the related package of a file, before installation, or when it is already there. This is of great help during system hardening or general system cleanups. In this article we have a look at several ways to determine the relationships between files and the package they belong to. We have gathered this information for multiple Linux distributions. Most options used in this article have also a long format option.

Read the full article…