I've hacked something to check installed packages against the vulnerability database. It's similar to the tsck script, but should handle all package annotations correctly. Most of the logic is server-side; debsecan downloads a compressed, release-specific vulnerability list.
Currently, there's only a darcs repository. Get it and test it: $ darcs get http://darcs.enyo.de/fw/debian/debsecan/debian debsecan $ python debsecan/src/debsecan --suite sid (Or sarge or etch, as needed.) Comments and suggestions are welcome. This tool is still in a very early stage, but I guess it's already pretty useful. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
