A CVE tool
Redhat publishes CVE's. Which is good :)
What would be better, is a small (and lite weight) tool which can understand the CVE file format and looks in your local installation (rpm database) to see if any of these cve's impact the system.
This little tool could then be the building block for satellite things etc.
Something like...
cve_checker --help
cve_checker --file http://my.local.server/latest-cve.xml
cve_checker --file file:////tmp/where/cron/put/it/latest-cve.xml --output xml
cve_checker --config /etc/cve_check/cve_check.conf
So the cve file location can be specified, different outputs can be provided to provide nice inputs for other scripts....
Ok, i agree that XML is not a nice input for other scripts or commands...