[cut-team] CUT thoughts
Anthony Towns
aj at erisian.com.au
Mon Aug 16 18:01:27 UTC 2010
On Mon, Aug 16, 2010 at 09:48, Michael Gilbert
<michael.s.gilbert at gmail.com> wrote:
> debsecan already exists to provide such information. One could easily
> write an apt-listsecchanges wrapper around that to achieve what you
> want.
Running debsecan on a lenny box reports a whole bunch of security
vulnerabilities, including a bunch of high-urgency ones. I found one
that I could resolve by removing an unused library, but most of them
don't seem to have fixes available? Is that normal?
I guess more to the point is: is it a problem? If it is, well, fair
enough and shame on us; but if it's not, I guess it'd be a good idea
to have some way of limiting debsecan's output to security problems
that are actual problems?
Cheers,
aj
--
Anthony Towns <aj at erisian.com.au>
More information about the cut-team
mailing list