I've reported this upstream, since I don't see that this bug will get fixed any other way: https://sourceforge.net/tracker/?func=detail&aid=3614595&group_id=29880&atid=397597
I'm dubious about calling this a security vulnerability. I can see your logic, but this bug's root cause is the fundamental design of check_apt (fragile apt-get simulation parsing) causing it to not work for security purposes at all. I'd love to see this fixed, but it might be better to just write an entirely separate plugin based on calling /usr/lib/update- notifier/apt-check instead. In that case, it might be better to just say that check_apt is unsuitable for detecting security updates on Ubuntu, and what you really have is a wishlist bug for a different plugin that *is* capable of it. Since /usr/lib/update-notifier/apt-check is machine readable, such an alternative plugin could be about five lines of shell. I have asked if such a contribution would be welcome in the upstream bug. Anyway, how to classify this bug isn't really going to change anything. I have asked upstream for comments on a suitable fix. A working interface to get the required information is available. We can follow whatever they decide to do. ** Bug watch added: SourceForge.net Tracker #3614595 http://sourceforge.net/support/tracker.php?aid=3614595 ** Also affects: nagios-plugins via http://sourceforge.net/support/tracker.php?aid=3614595 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Server Team, which is a bug assignee. https://bugs.launchpad.net/bugs/1031680 Title: check_apt always report 0 critical updates To manage notifications about this bug go to: https://bugs.launchpad.net/nagios-plugins/+bug/1031680/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
