Re: Interpreting debsecan output
On 2022-11-02, Andy Smith <andy@strugglers.net> wrote:
>
> So why is debsecan reporting this as a security issue?
>
> This is a very old host that has been continually upgraded since Debian
I don't really know, but maybe because
Much like the official Debian security advisories, debsecan's
vulnerability tracking is mostly based on source packages. This can be
confusing because tools like dpkg only display binary package names.
Therefore, debsecan displays the more familiar binary package names.
This has the unfortunate effect that all binary packages (including
packages containing only documentation, for example) are flagged as
vulnerable, and not only those packages which actually contain the
vulnerable code.
I don't even understand that paragraph! Sorry for the interruption!
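An added illustration of the paragraph quoted in the message above; it is not part of the thread and not debsecan's own code. It groups installed binary packages by the source package named in dpkg status stanzas and shows how flagging one source package marks every binary built from it, documentation packages included. The stanzas, package names and the two function names are constructed for this sketch.

```python
# Constructed dpkg status stanzas (sample data, not taken from a real host).
SAMPLE_STATUS = """\
Package: libexample1
Status: install ok installed
Source: example
Version: 1.0-1

Package: example-doc
Status: install ok installed
Source: example (1.0-1)
Version: 1.0-1+b1

Package: example
Status: install ok installed
Version: 1.0-1

Package: unrelated
Status: install ok installed
Version: 2.3-1

Package: example-old
Status: deinstall ok config-files
Source: example
Version: 0.9-1
"""

def installed_by_source(status_text):
    """Map source package name -> sorted list of installed binary packages."""
    by_source = {}
    for stanza in status_text.strip().split("\n\n"):
        fields = {}
        for line in stanza.splitlines():
            if line[:1] in (" ", "\t"):  # continuation line, not needed here
                continue
            key, _, value = line.partition(":")
            fields[key] = value.strip()
        # Choice made for this sketch: skip packages that are not fully installed.
        if fields.get("Status", "").split()[-1:] != ["installed"]:
            continue
        # "Source:" may carry a version in parentheses; when the field is
        # absent, the source package has the same name as the binary package.
        source = fields.get("Source", fields["Package"]).split()[0]
        by_source.setdefault(source, []).append(fields["Package"])
    return {src: sorted(bins) for src, bins in by_source.items()}

def flagged_binaries(status_text, vulnerable_sources):
    """Binary packages reported when tracking is keyed on source packages."""
    mapping = installed_by_source(status_text)
    return sorted(b for s in vulnerable_sources for b in mapping.get(s, []))
```

With the sample data, an issue recorded against the source package "example" reports example, example-doc and libexample1, while unrelated is left alone.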