Giters

BBVA / ust2dsa

Improves Ubuntu security feed compatibility allowing it to be consumed by Debian vulnerability report tool, debsecan.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

UST2DSA

License check Haskell CI ust2dsa

This tool aims to enable Ubuntu users to leverage Debian's debsecan vulnerability analysis and reporting tool.

Feeding from the Ubuntu CVE Tracker, it produces vulnerability databases suitable for debsecan.

Usage

For end-users

Ubuntu since eoan (19.10)

debsecan --suite $(lsb_release --codename --short) --source https://raw.githubusercontent.com/BBVA/ust2dsa/data/

Ubuntu (any release)

CAVEAT EMPTOR: The list of available fixes for your particular system won't be produced in this case.

debsecan --source https://raw.githubusercontent.com/BBVA/ust2dsa/data/

For database maintainers

Installation

sudo snap install ust2dsa

Usage

        ust2dsa                                 \
          --generic                             \
          --release=groovy                      \
          --release=focal                       \
          --release=eoan                        \
          --release=bionic                      \
          --release=xenial                      \
          --release=trusty                      \
          /path/to/git-repo/of/ubuntu-cve-tracker/active/CVE-*

Data feed

This git repository has an orphan branch named data. In this branch, vulnerability information from the Ubuntu CVE Tracker is compiled in debsecan format every 6 hours.

About

Improves Ubuntu security feed compatibility allowing it to be consumed by Debian vulnerability report tool, debsecan.

License:Apache License 2.0

Languages

Language:Haskell 98.2%Language:Nix 1.8%