debsecan

Debian Security Analyzer, a tool to list vulnerabilities on a particular Debian installation.

• List vulnerable installed packages on the current host:

debsecan

• List vulnerable installed packages of a specific suite:

debsecan --suite {release_code_name}

• List only fixed vulnerabilities:

debsecan --suite {release_code_name} --only-fixed

• List only fixed vulnerabilities of unstable ("sid") and mail to root:

debsecan --suite {sid} --only-fixed --format {report} --mailto {root} --update-history

• Upgrade vulnerable installed packages:

sudo apt upgrade $(debsecan --only-fixed --format {packages})

Copyright © 2014—present the tldr-pages team and contributors.

This work is licensed under the Creative Commons Attribution 4.0 International License (CC-BY).