the scripts linked above were not working for me. i've modified them to work
with the latest release of debsecan and included a bit more background,
prerequisites, and detailed instructions in this gist:
https://gist.github.com/khimaros/21db936fa7885360f7bfe7f116b78daf
Control: tag -1 +patch
On 2017-04-13 13:14:37, Paul Wise wrote:
> On Sat, 28 Nov 2015 10:47:54 +0800 Paul Wise wrote:
>
>> There were a couple of bugs, now I am using this:
>
> I've now integrated it into apt, fixed dbgsym and
> moved it out of /etc into /var.
I've reviewed pabs' script and impro
On Sat, 28 Nov 2015 10:47:54 +0800 Paul Wise wrote:
> There were a couple of bugs, now I am using this:
I've now integrated it into apt, fixed dbgsym and
moved it out of /etc into /var.
/etc/apt/apt.conf.d/99debsecan:
APT::Update::Pre-Invoke { "/usr/sbin/debsecan-apt-priority"; };
/usr/sbin/deb
On Sat, 21 Nov 2015 13:02:28 +0800 Paul Wise wrote:
> I've made a simple proof-of-concept for this:
There were a couple of bugs, now I am using this:
#!/bin/sh
# https://bugs.debian.org/725934
for pkg in $(debsecan | grep -E '\(fixed(\)|, )' | cut -d\ -f2 | sort -u) ; do
cat <> /etc/ap
On Thu, 10 Oct 2013 11:28:10 +0800 Paul Wise wrote:
> It would be nice if debsecan could write out an apt preferences file
> for packages that have a security issue fixed in unstable such that
> when I do apt-get upgrade I will get the security issues fixed before
> the packages migrate to testing
Package: debsecan
Version: 0.4.16+nmu1
Severity: wishlist
I am running a mixed testing/unstable system and I manually upgrade
packages to unstable when a CVE has been fixed in unstable but the fix
hasn't yet migrated to testing. I am using pinning to keep most packages
at the testing version and
6 matches
Mail list logo
