An utility like pkg-audit for Arch Linux. Based on Arch CVE Monitoring Team data
Rust
Latest commit c078e16 Feb 16, 2017 @ilpianista Release 0.1.8

README.md

arch-audit

crats.io Build Status Flattr this git repo

pkg-audit-like utility for Arch Linux.

Uses data collected by the awesome Arch CVE Monitoring Team.

Installation

From AUR

The PKGBUILD is available on AUR.

After the installation just execute arch-audit.

From sources

git clone https://github.com/ilpianista/arch-audit
cd arch-audit
cargo build
cargo run

Example output

$ arch-audit
Package bzip2 is affected by ["CVE-2016-3189"]. Medium risk!
Package curl is affected by ["CVE-2016-9594", "CVE-2016-9586"]. Update to 7.52.1-1!
Package gst-plugins-bad is affected by ["CVE-2016-9447", "CVE-2016-9446", "CVE-2016-9445"]. High risk!
Package jasper is affected by ["CVE-2016-8886"]. Medium risk!
Package libimobiledevice is affected by ["CVE-2016-5104"]. Low risk!
Package libtiff is affected by ["CVE-2015-7554"]. Critical risk!
Package libusbmuxd is affected by ["CVE-2016-5104"]. Low risk!
Package openjpeg2 is affected by ["CVE-2016-9118", "CVE-2016-9117", "CVE-2016-9116", "CVE-2016-9115", "CVE-2016-9114", "CVE-2016-9113"]. High risk!
Package openssl is affected by ["CVE-2016-7055"]. Low risk!

$ arch-audit --upgradable --quiet
curl>=7.52.1-1

$ arch-audit -uf "%n|%c"
curl|CVE-2016-9594,CVE-2016-9586

License

MIT