in Red Hat, I'm used to:
Check which cve currently affect the system and the severity:
sudo yum updateinfo list cves
Get more details about that CVE:
sudo yum updateinfo <CVE_NAME>
Install all packages that solve the security issue:
sudo yum update --advisory=<CVE_NAME>
Everything directly from the command line logged in the system with simple terminal commands.
Are there any similar commands/functionalities in Debian and Ubuntu without having to manually check https://security-tracker.debian.org/tracker/ and having a cves list related to my server current situation?
Thanks
Marco
