UST2DSA

This tool aims to enable Ubuntu users to leverage Debian's debsecan vulnerability analysis and reporting tool.

Feeding from the Ubuntu CVE Tracker, it produces vulnerability databases suitable for debsecan.

Usage

For end-users

Ubuntu since eoan (19.10)

debsecan --suite $(lsb_release --codename --short) --source https://raw.githubusercontent.com/BBVA/ust2dsa/data/

Ubuntu (any release)

CAVEAT EMPTOR: The list of available fixes for your particular system won't be produced in this case.

debsecan --source https://raw.githubusercontent.com/BBVA/ust2dsa/data/

For database maintainers

Installation

sudo snap install ust2dsa

Usage

        ust2dsa                                 \
          --generic                             \
          --release=groovy                      \
          --release=focal                       \
          --release=eoan                        \
          --release=bionic                      \
          --release=xenial                      \
          --release=trusty                      \
          /path/to/git-repo/of/ubuntu-cve-tracker/active/CVE-*

Data feed

This git repository has an orphan branch named data. In this branch, vulnerability information from the Ubuntu CVE Tracker is compiled in debsecan format every 6 hours.