[Secure-testing-team] Debian Security Analyzer (debsecan)

Florian Weimer fw at deneb.enyo.de
Wed Dec 14 15:37:29 UTC 2005


I've hacked something to check installed packages against the
vulnerability database.  It's similar to the tsck script, but should
handle all package annotations correctly.  Most of the logic is
server-side; debsecan downloads a compressed, release-specific
vulnerability list.

Currently, there's only a darcs repository.  Get it and test it:

  $ darcs get http://darcs.enyo.de/fw/debian/debsecan/debian debsecan
  $ python debsecan/src/debsecan --suite sid

(Or sarge or etch, as needed.)

Comments and suggestions are welcome.  This tool is still in a very
early stage, but I guess it's already pretty useful.



