Re: debsecan does not report a vulnerability?

To: Debian User <debian-user@lists.debian.org>
Subject: Re: debsecan does not report a vulnerability?
From: l0f4r0@tuta.io
Date: Tue, 7 Jul 2020 23:21:32 +0200 (CEST)
Message-id: <[🔎] MBf8w3U--3-2@tuta.io>
In-reply-to: <[🔎] 20200707072347.GA58240@admin.sibptus.ru>
References: <20200507091127.GA16337@admin.sibptus.ru> <[🔎] 20200707072347.GA58240@admin.sibptus.ru>

Hi,

7 juil. 2020 à 09:23 de vas@sibptus.ru:

> After reading your replies and the Debian security advisories, I made up
> my mind that I probably just want to now if new versions of packages are
> available in the repos. Perhaps it's the best thing I can do about
> vulnerabilities. 
>
> So I wrote the following UserParameter for the Zabbix agent, and I think
> I've found it useful already:
>
> # Number of upgradable packages
> UserParameter=packages.upgradeable,if [ -x /usr/bin/apt-get ] ; then /usr/bin/apt-get upgrade -s | grep -c '^Inst' ; elif [ -x /usr/bin/yum ] ; then /usr/bin/yum check-update | grep -c 'updates$'; else echo "1" ; fi
>
> It does not require any extra utilities to estimate the number of
> upgradeable packages.
>
Regarding APT, don't forget first to do:
apt update
...otherwise you won't get so many upgrades available ;)
Why not just counting results of:
apt list --upgradable
or
apt list --upgradeable
?
NB: Personally, I prefer apticron :)

Best regards,
l0f4r0

Reply to:

Follow-Ups:
- Re: debsecan does not report a vulnerability?
  - From: Victor Sudakov <vas@sibptus.ru>

References:
- Re: debsecan does not report a vulnerability?
  - From: Victor Sudakov <vas@sibptus.ru>

Prev by Date: Re: Firefox non-ESR update needed
Next by Date: Re: Firefox non-ESR update needed
Previous by thread: Re: debsecan does not report a vulnerability?
Next by thread: Re: debsecan does not report a vulnerability?
Index(es):
- Date
- Thread