[Freedombox-discuss] Open security problems on the Freedombox?

Mon Jun 13 21:25:20 UTC 2016

Just for fun, I installed debsecan on my Freedombox and ran it to get a
list of security issues for the installed set of packages.  This is the
result:

# debsecan | awk '{print $2}' | sort | uniq -c | sort -nr
     21 libtiff5
     14 linux-image-4.6.0-1-amd64
      7 php5-pgsql
      7 php5-common
      4 busybox
      3 libxslt1.1
      3 libisc-export95
      3 libdns-export100
      2 wpasupplicant
      2 openssl
      2 ntp
      2 nscd
      2 multiarch-support
      2 locales-all
      2 locales
      2 libxml2
      2 libssl1.0.2
      2 libpng12-0
      2 libicu55
      2 libc-l10n
      2 libc-bin
      2 libc6
      1 rsync
      1 policykit-1
      1 network-manager
      1 libprotobuf9v5
      1 libpolkit-gobject-1-0
      1 libpolkit-backend-1-0
      1 libpolkit-agent-1-0
      1 libnss3
      1 libnm-util2
      1 libnm-glib4
      1 libnm0
      1 libgcrypt20
      1 gir1.2-networkmanager-1.0
      1 cpio
      1 coreutils
#

This list look like something we want to monitor regularly.  Anyone got
an idea how to best do that?

The source package status can be looked up using
<URL: https://security-tracker.debian.org/tracker/source-package/coreutils >
and simliar.

-- 
Happy hacking
Petter Reinholdtsen