Skip to content
This repository was archived by the owner on Oct 20, 2021. It is now read-only.

Latest commit

 

History

History
61 lines (42 loc) · 1.73 KB

README.md

File metadata and controls

61 lines (42 loc) · 1.73 KB

UST2DSA

License check Haskell CI ust2dsa

This tool aims to enable Ubuntu users to leverage Debian's debsecan vulnerability analysis and reporting tool.

Feeding from the Ubuntu CVE Tracker, it produces vulnerability databases suitable for debsecan.

Usage

For end-users

Ubuntu since eoan (19.10)

debsecan --suite $(lsb_release --codename --short) --source https://raw.githubusercontent.com/BBVA/ust2dsa/data/

Ubuntu (any release)

CAVEAT EMPTOR: The list of available fixes for your particular system won't be produced in this case.

debsecan --source https://raw.githubusercontent.com/BBVA/ust2dsa/data/

For database maintainers

Installation

sudo snap install ust2dsa

Usage

        ust2dsa                                 \
          --generic                             \
          --release=groovy                      \
          --release=focal                       \
          --release=eoan                        \
          --release=bionic                      \
          --release=xenial                      \
          --release=trusty                      \
          /path/to/git-repo/of/ubuntu-cve-tracker/active/CVE-*

Data feed

This git repository has an orphan branch named data. In this branch, vulnerability information from the Ubuntu CVE Tracker is compiled in debsecan format every 6 hours.