Package: debsecan Version: 0.2 Severity: normal First of all let me thank you for the package. I was thinking about hacking up something like that myself but always postponed the project until later on. So thank you very much -- now you've got an active user/tester thus you might get an increase in the amount of bug reports :-)
On my first try of the package I've decided to do full system "security upgrade", so I ran >apt-get install $(debsecan --suite sid --format packages --only-fixed) and it gave me: cpio is already the newest version. libnetpbm10 is already the newest version. libnetpbm9 is already the newest version. linux-image-2.6.12-1-386 is already the newest version. netpbm is already the newest version. I decided to look closer onto cpio package: > dpkg -l cpio ii cpio 2.6-9 GNU cpio -- a program to manage archives of >debsecan --suite sid --format summary --only-fixed | grep cpio CVE-2005-4268 cpio (fixed) http://idssi.enyo.de/tracker/source-package/cpio lists CVE-2005-4268 among "open issues" and the other resolved issues are covered by 2.6-9, thus nothing really has to be upgraded Please let me know if more details necessary Also it would be helpful to track the issue if there was at least some optional debugging output (such vulnerabilities for package X are found, this this and that one are fixed, etc depending on the logic of debsecan) Thanks once again for a nice tool -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (600, 'unstable'), (300, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.13-mm1 Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R) Versions of packages debsecan depends on: ii python 2.3.5-3 An interactive high-level object-o debsecan recommends no packages. -- no debconf information --Yarik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
