Open ikeydoherty opened 8 years ago
Is this still on the roadmap? Is there a way to use cve-check-tool on debian-based systems?
definitely, a nice to have. :+1:
I want to write a plugin for debian packages. Can i get it from anywhere like its written for rpm in cve-check-tool. I want to check cve for debian source packages using this tool.
One more thing is for rpm we cve-check-tool used .spec file to scan a package whereas for debian which file will be used for the same purpose??
This can quite simply be achieved via a transition to
libarchive
and then parsing the files. We'll need to know how to deal with both source and binary versions, for now we'll just use the source data (debian/control
, etc,)