Is there a security tracker aggregated file for Ubuntu server like Debian has?

Question

Debian has a JSON file containing all CVE<->Fixed package versions map. Link: https://security-tracker.debian.org/tracker/data/json

Does Ubuntu have something similar?

[Related question](https://askubuntu.com/q/1113429/349837) about `debsecan` and `unattended-upgrade`. — Pablo A, Jan 28 '19 at 17:40

forest · Accepted Answer · 2018-06-19T03:06:30.003

2

There is the Ubuntu Security Advisory. It provides a mailing list, RSS feed, and Atom feed.

There is no API for historical data, according to a similar question on AskUbuntu.

edited Jun 19 '18 at 03:06

answered Jun 18 '18 at 00:44

forest

Thank you for the replay. The feeds only contains the latest vulnerabilities without historic data. I'm looking for en exhaustive list. But thank you for the replay. – drdrek Jun 18 '18 at 11:21
@drdrek See my update. This question was also asked on AskUbuntu. – forest Jun 19 '18 at 03:06
1

Just for completeness sake I would like to say that there is a better way to programmatically go over historic security information. We ended up going over the Ubuntu security repository getting the information by iterating over their files: https://bazaar.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master/files/head:/active/. I will keep your answer as the accepted answer because this is a very niche solution that is probably not relevant for most people. Its very disappointing that a such large distribution like Ubuntu lags behind so much on security visibility. – drdrek Jun 27 '18 at 13:54

1 Answers1