* Cyril Bouthors:
> [EMAIL PROTECTED]:~# debsecan --only-fixed --suite sarge
> CVE-2005-0034 libdns11 (fixed, remotely exploitable, obsolete)
^^^^^^^^
"obsolete" means that a package of that name is no longer available
from the archive. The correct "fix" is to upgrade the packages
depending on this one, and then remove it. aptitude provides a list
of similar packages, in the "Obsolete and Locally Created Packages"
section (at least in the unstable version, I haven't checked the sarge
version).
> I plan to use debsecan with Nagios periodically and automatically in
> order to generate notifies as soon as one my servers is compromised.
> I wish debsecan will soon return no output if nothing is compromised.
I think you mean "known to be vulnerable" instead of "compromised".
This sounds like an interesting application. If you find the output
format too difficult to parse, I can add yet another one to
accommodate your needs.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
