Re: Scalable Debian vulnerability tracking
you might have a look at apt-dater (part of unstable ). It is uses
SSH to retrieve package informations from client hosts using public key
authentification and uses sudo to call apt-get/sudo. It is a ncurses
based CLI, but it has a report function to retrieve distri name &
version, kernel version (and check if a reboot is required), package
versions etc. as a XML file - so you could do anything with the result.
This work very well for us to keep around 100 hosts up to date.