This repository has been archived by the owner on Sep 14, 2019. It is now read-only.

Find pending security updates #425

Open

kpcyrd opened this issue Jan 20, 2018 · 1 comment

kpcyrd commented Jan 20, 2018

I'm looking for something along the lines of debsecan that is able to:

get a list of advisories from debian that have updates on security.debian.org
compare this list with installed packages
report pending security updates to the investigator

The current mig workflow would require explicitly starting investigations for each advisory.

ameihm0912 commented Jan 30, 2018

@kpcyrd you may want to have a look at https://github.com/mozilla/scribe, specifically https://github.com/mozilla/scribe/tree/master/scribevulnpolicy. This generates vulnerability checks for platforms supported by clair, and the actions can be run using MIG's scribe module support.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.