Hi, I intend to send a real debsecan announcement to debian-devel and debian-security. A draft is included below. Comments are appreciated.
Florian To: debian-devel, debian-security Reply-To: debian-security Subject: [ANN] Debian Security Analyzer It is my pleasure to announce the availability of debsecan, the Debian Security Analyzer. debsecan is a tool which generates a list of vulnerabilities which affect a particular Debian installation. The program runs on the host which is to be checked, and downloads vulnerability information over the Internet. It can send mail to interested parties when new vulnerabilities relevant to a particular Debian host are discovered, or when security updates become available. The underlying vulnerability database is maintained by the Debian testing security team: <http://secure-testing-master.debian.net/> Despite its name, the database is up-to-date with respect to unstable as well, and thanks to the efforts of the testing security team, coverage of stable is getting better and better. debsecan is available as a Debian package, or directly from this web site: <http://www.enyo.de/fw/software/debsecan/> It is designed to work as a stand-alone script, with no dependencies besides Python 2.3 or later. One caveat: Vulnerability information for kernels which are not based on the linux-2.6 package in testing or unstable is still very incomplete. The linux-2.6 package should be covered fairly well, though. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
