glsa-check - Man Page

Tool to locally monitor and manage GLSAs


glsa-check [options] [glsa-id | all | affected]


glsa-check is used to locally monitor and manage Gentoo Linux Security Advisories. In order for glsa-check to be effective, it is required that a local repository exists containing GLSA metadata.


-l, --list
List a summary for the given GLSA(s) or set and whether they affect the system.
-d, --dump, --print
Show all information about the GLSA(s) or set.
-t, --test
Test if this system is affected by the GLSA(s) or set and output the GLSA ID(s).
-p, --pretend
Show the necessary steps to remediate the system.
-f, --fix
(experimental) Attempt to remediate the system based on the instructions given in the GLSA(s) or set. This will only upgrade (when an upgrade path exists) or remove packages.
-i, --inject
Inject the given GLSA(s) into the glsa_injected file.
-n, --nocolor
Removes color from output.
-h, --help
Show this help message.
-V, --version
Show information about glsa-check.
-v, --verbose
Print more messages.
-c, --cve
Show CVE IDs in listing mode.
-q, --quiet
Be less verbose and do not send empty mail.
-m, --mail
Send a mail with the given GLSAs to the administrator.
-r, --reverse
List GLSAs in reverse order


glsa-check -t all Test the system against all GLSAs in the GLSA repository.

glsa-check -t 201801-01 Test the system against the specific GLSA 201801-01.

Exit Values

0 Success

1 Syntax or usage error

2 Missing permissions, solution, etc

6 System is affected by some GLSAs


/var/lib/portage/glsa_injected List of GLSA ids that have been injected and will never show up as ´affected´ on this system. The file must contain one GLSA ID (e.g. ´200804-02´) per line.


All bugs should be reported to the Portage team via


September 2019 Portage VERSION