debsecan in Ubuntu
Florian Weimer
fw at deneb.enyo.de
Wed Jan 18 14:50:04 GMT 2006
* Jamie Jones:
> Florian, would you happen to have instructions on how to generate this
> data ?
The data is maintained by Debian's testing security team. The Python
application which generates the input data for debsecan is available
from the secure-testing Subversion repository. By design, it only
uses publicly available data, and does not depend on dak access or
something like that.
> Presumably it would need access to the Ubuntu build infrastructure
> to do this, but it seems to be a useful security tool.
Well, fist and formost you need a group of people who maintain the
vulnerability information database. If you are interested, you should
really coordinate this with Debian's team. It doesn't make sense to
duplicate the entire effort (especially the public monitoring part).
More information about the Ubuntu-motu
mailing list