Source: ivulncheck
Section: admin
Priority: optional
Maintainer: Gaetan Egger <gaetan.egger@infomaniak.com>
Build-Depends:
 debhelper (>= 10),
 dh-python,
 openstack-pkg-tools (>= 75~),
 python3-all,
 python3-pbr,
 python3-setuptools,
 python3-sphinx <!nodoc>,
Build-Depends-Indep:
 python3-apt,
 python3-flask,
 python3-pymongo,
Standards-Version: 4.1.4
Vcs-Browser: https://salsa.debian.org/gegger-guest/ivulncheck
Vcs-Git: https://salsa.debian.org/gegger-guest/ivulncheck.git
Homepage: https://salsa.debian.org/gegger-guest/ivulncheck

Package: ivulncheck-agent
Architecture: all
Depends:
 ${misc:Depends},
Description: reports cluster security vulnerabilities and fixes - Agent
 Ivulncheck is a security tool to centralize the search of vulnerabilities and
 fixes concerning packages on a cluster. It leverages already existing tools
 and services such as debsecan and the Debian and Ubuntu CVE trackers to create
 a centralized database of known vulnerabilities and updates.
 .
 A tiny Ivulncheck agent shell script must be deployed on each node of the
 cluster to report its existing deployed packages (only Ubuntu and Debian are
 supported). Then, several commands can be executed to search vulnerabilities
 and determine available security updates. Four main sources are used :
 .
  * debsecan for Debian hosts.
  * ubuntu-cve-tracker for Ubuntu hosts.
  * CVE-Search for custom installed application (manually configuration
    needed).
  * madison-lite (to complete missing fixes due to possibly outdated sources,
    missing sources or non referenced vulnerabilities).
 .
 Eventually, you can get information (installed packages, monitored hosts,
 known vulnerabilities an available fixes) directly from the API, or through
 a web interface that provides a graphical rendering of the information.
 .
 This package contains the agent. It is designed to be as much as possible
 dependents less.

Package: ivulncheck-api
Architecture: all
Depends:
 adduser,
 apache2,
 bzr,
 ca-certificates,
 curl,
 libapache2-mod-wsgi-py3,
 madison-lite,
 mongodb-server,
 python3-apt,
 python3-flask,
 python3-pymongo,
 rsync,
 wget,
 ${misc:Depends},
 ${python3:Depends},
Description: reports cluster security vulnerabilities and fixes - API
 Ivulncheck is a security tool to centralize the search of vulnerabilities and
 fixes concerning packages on a cluster. It leverages already existing tools
 and services such as debsecan and the Debian and Ubuntu CVE trackers to create
 a centralized database of known vulnerabilities and updates.
 .
 A tiny Ivulncheck agent shell script must be deployed on each node of the
 cluster to report its existing deployed packages (only Ubuntu and Debian are
 supported). Then, several commands can be executed to search vulnerabilities
 and determine available security updates. Four main sources are used :
 .
  * debsecan for Debian hosts.
  * ubuntu-cve-tracker for Ubuntu hosts.
  * CVE-Search for custom installed application (manually configuration
    needed).
  * madison-lite (to complete missing fixes due to possibly outdated sources,
    missing sources or non referenced vulnerabilities).
 .
 Eventually, you can get information (installed packages, monitored hosts,
 known vulnerabilities an available fixes) directly from the API, or through
 a web interface that provides a graphical rendering of the information.
 .
 This package contains the REST API server.

Package: ivulncheck-client
Architecture: all
Depends:
 ${misc:Depends},
 ${python3:Depends},
Description: reports cluster security vulnerabilities and fixes - Client
 Ivulncheck is a security tool to centralize the search of vulnerabilities and
 fixes concerning packages on a cluster. It leverages already existing tools
 and services such as debsecan and the Debian and Ubuntu CVE trackers to create
 a centralized database of known vulnerabilities and updates.
 .
 A tiny Ivulncheck agent shell script must be deployed on each node of the
 cluster to report its existing deployed packages (only Ubuntu and Debian are
 supported). Then, several commands can be executed to search vulnerabilities
 and determine available security updates. Four main sources are used :
 .
  * debsecan for Debian hosts.
  * ubuntu-cve-tracker for Ubuntu hosts.
  * CVE-Search for custom installed application (manually configuration
    needed).
  * madison-lite (to complete missing fixes due to possibly outdated sources,
    missing sources or non referenced vulnerabilities).
 .
 Eventually, you can get information (installed packages, monitored hosts,
 known vulnerabilities an available fixes) directly from the API, or through
 a web interface that provides a graphical rendering of the information.
 .
 This package contains the CLI REST API client.

Package: ivulncheck-web
Architecture: all
Depends:
 adduser,
 apache2,
 ca-certificates,
 libjs-bootstrap,
 libjs-d3,
 libjs-jquery,
 libapache2-mod-wsgi-py3,
 python3-flask,
 python3-flaskext.wtf,
 ${misc:Depends},
 ${python3:Depends},
Description: reports cluster security vulnerabilities and fixes - Web GUI
 Ivulncheck is a security tool to centralize the search of vulnerabilities and
 fixes concerning packages on a cluster. It leverages already existing tools
 and services such as debsecan and the Debian and Ubuntu CVE trackers to create
 a centralized database of known vulnerabilities and updates.
 .
 A tiny Ivulncheck agent shell script must be deployed on each node of the
 cluster to report its existing deployed packages (only Ubuntu and Debian are
 supported). Then, several commands can be executed to search vulnerabilities
 and determine available security updates. Four main sources are used :
 .
  * debsecan for Debian hosts.
  * ubuntu-cve-tracker for Ubuntu hosts.
  * CVE-Search for custom installed application (manually configuration
    needed).
  * madison-lite (to complete missing fixes due to possibly outdated sources,
    missing sources or main referenced vulnerabilities).
 .
 Eventually, you can get information (installed packages, monitored hosts,
 known vulnerabilities an available fixes) directly from the API, or through
 a web interface that provides a graphical rendering of the information.
 .
 This package contains the Web Interface.

Package: ivulncheck-doc
Architecture: all
Section: doc
Build-Profiles: <!nodoc>
Depends:
 ${misc:Depends},
 ${sphinxdoc:Depends},
Description: reports cluster security vulnerabilities and fixes - Agent
 Ivulncheck is a security tool to centralize the search of vulnerabilities and
 fixes concerning packages on a cluster. It leverages already existing tools
 and services such as debsecan and the Debian and Ubuntu CVE trackers to create
 a centralized database of known vulnerabilities and updates.
 .
 This package provides ivulncheck documentation.
