rootkit checking

[Ralf Mardorf]

On Mon, 24 Oct 2016 14:26:43 -0500, Jay Ridgley wrote:
>On 10/24/2016 12:29 PM, Ralf Mardorf wrote:
>> Better read each day https://www.ubuntu.com/usn/ and gauge what to
>> do,  
>
>Ralf,
>Just spent some time going through the list for 16.04 LTS. Good 
>information that I was not aware of being available, thanks.
>
>Do the fixes for the items listed in USN show up by the CVE number
>when they are fixed/patched/corrected by the Software Updates that are 
>regularly issued(and In my case, applied)? If so, how do I see them?
>if not why not.

You should read this page. On top there are links, consider to follow
them ->

http://people.canonical.com/~ubuntu-security/cve/ -> 

http://people.canonical.com/~ubuntu-security/cve/main.html ->

http://people.canonical.com/~ubuntu-security/cve/priority.html

I don't care about Ubuntu security much, since my daily distro isn't
Ubuntu. For the distro I'm using more often, there is a command line too
available and an IMO more clear website, too, but this is a matter of
taste. Perhaps Ubuntu provides also a tool. I don't know, you need
to do the research yourself. The audit tool available for this other
distro displays all installed packages that have vulnerabilities and it
also could show which of those packages are already fixed, even if they
should only be available by a testing repository.

However, both distros Ubuntu and the other distro provide packages as
soon as possible by official repositories, so regular upgrades are all
you need to do. Very dangerous vulnerabilities usually are discussion
topics on general user mailing lists, IOW even on non-security related
mailing lists. Heartbleed comes to mind. IIRC it got fixed at the same
day it was discovered, but before it was discovered, it existed since
years. I might be mistaken. However, even if a fix shouldn't be
available, there would be discussions, so you most likely would notice
it, even without following the vulnerabilities news page or security
mailing lists.

Regards,
Ralf