debsecan in Ubuntu

Jamie Jones hentai_yagi at
Wed Jan 18 14:36:46 GMT 2006

On Wed, 2006-01-18 at 13:43 +0100, Reinhard Tartler wrote:
> Am Dienstag, den 17.01.2006, 20:05 +0100 schrieb Florian Weimer:
> > I see you've somehow included the debsecan package in Ubuntu:
> > 
> >   <>
> > 
> > In order to work properly, debsecan needs detailed vulnerability
> > information--which is currently not available for Ubuntu.  That's why
> > I think you should remove this package from your distribution.
> Thank you for your notice. Does anyone has objections to remove this
> package or does anyone intend to work on it so it becomes useful on
> ubuntu systems? If not I'd agree to Florian and would request removal of
> debsecan

This looks like it could a be really useful program (well at least to me
anyway), but I've taken a look at the source package, and I can't find
any instructions on how one would generate vulnerability information for
it from Ubuntu (or other derivatives).

Florian, would you happen to have instructions on how to generate this
data ? Presumably it would need access to the Ubuntu build
infrastructure to do this, but it seems to be a useful security tool.

Martin, assuming we can generate a data feed, what do you think ? Would
you use it ?

Jamie Jones
E-Yagi Consulting
ABN: 32 138 593 410
Mob: +61 4 16 025 081
Email: at

GPG/PGP signed mail preferred. No HTML mail. No MS Word attachments
PGP Key ID 0x4B6E7209
Fingerprint E1FD 9D7E 6BB4 1BD4 AEB9 3091 0027 CEFA 4B6E 7209
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the ubuntu-devel mailing list