Unix administration stuff that was hard to find out using Google and caused a lot of trial and error. Hereby given back to the net...
Overview on Automated Linux Package Vulnerability Scanning
Submitted by Lars Windolf on 19. September 2012 - 22:35.
I got some really helpful comments on my recent post "Scan Linux for Vulnerable Packages". The suggestions on how to do it on Debian and Red Hat made me wonder: which distributions provide tools and what are they capable of? So the goal is to check whether each distribution has a way to automatically check for vulnerable packages that need upgrades.
Below you will find an overview of the tools I've found and the distributions that might not have a good solution yet.
I know I didn't cover all Linux distributions and I rely on your comments for details I've missed.
Ubuntu doesn't look good here, but maybe there will be some solution one day :-)