arch-audit 0.1.1

An utility like pkg-audit for Arch Linux based on Arch CVE Monitoring Team data
arch-audit-0.1.1 is not a library.
Visit the last successful build: arch-audit-0.1.19

arch-audit

crats.io Build Status

pkg-audit-like utility for Arch Linux.

Uses data collected by the awesome Arch CVE Monitoring Team.

This is WIP.

Installation

From AUR

The PKGBUILD is available on AUR.

After the installation just execute arch-audit.

From sources

git clone https://github.com/ilpianista/arch-audit
cd arch-audit
cargo build
cargo run

Example output

$ arch-audit
Package wpa_supplicant is affected by ["CVE-2016-4477", "CVE-2016-4476"]. VULNERABLE!
Package libtiff is affected by ["CVE-2015-7554", "CVE-2015-8683"]. VULNERABLE!
Package openssl is affected by ["CVE-2016-2177", "CVE-2016-2178", "CVE-2016-2179", "CVE-2016-2180", "CVE-2016-2181", "CVE-2016-2182", "CVE-2016-2183", "CVE-2016-6302", "CVE-2016-6303", "CVE-2016-6304", "CVE-2016-6306"]. Update to 1.0.2.i-1!
Package linux is affected by ["CVE-2016-5244", "CVE-2016-5243"]. VULNERABLE!
Package crypto++ is affected by ["CVE-2016-7420"]. VULNERABLE!
Package xerces-c is affected by ["CVE-2015-0252"]. Update to 3.2.1-1!
Package giflib is affected by ["CVE-2015-7555"]. Update to 5.2.1-1!
Package jasper is affected by ["CVE-2015-5203"]. VULNERABLE!

$ arch-audit --upgradable --quiet
openssl>=1.0.2.i-1
giflib>=5.2.1-1
xerces-c>=3.2.1-1