Uses data collected by the awesome Arch Security Team.
Latest release from official repositories
pacman -S arch-audit
Development version from AUR
The PKGBUILD is available on AUR.
After the installation just execute
Development version from sources
git clone https://github.com/ilpianista/arch-audit cd arch-audit cargo build cargo run
$ arch-audit Package bzip2 is affected by CVE-2016-3189. Medium risk! Package curl is affected by CVE-2016-9594, CVE-2016-9586. Update to 7.52.1-1! Package gst-plugins-bad is affected by CVE-2016-9447, CVE-2016-9446, CVE-2016-9445. High risk! Package jasper is affected by CVE-2016-8886. Medium risk! Package libimobiledevice is affected by CVE-2016-5104. Low risk! Package libtiff is affected by CVE-2015-7554. Critical risk! Package libusbmuxd is affected by CVE-2016-5104. Low risk! Package openjpeg2 is affected by CVE-2016-9118, CVE-2016-9117, CVE-2016-9116, CVE-2016-9115, CVE-2016-9114, CVE-2016-9113. High risk! Package openssl is affected by CVE-2016-7055. Low risk! $ arch-audit --upgradable --quiet curl>=7.52.1-1 $ arch-audit -uf "%n|%c" curl|CVE-2016-9594,CVE-2016-9586
Donations via Liberapay or Bitcoin (1Ph3hFEoQaD4PK6MhL3kBNNh9FZFBfisEH) are always welcomed, thank you!
Please before reporting false positive check https://security.archlinux.org first.
arch-audit parses that page and then if that page reports a false positive,
arch-audit will do too. Get in touch with the Arch Linux Security team via IRC at freenode#archlinux-security. Thanks!