Joey's Tools: Security Updates

elmo

This program is similar to James' madison but enhanced in many ways. In my opinion the output is nicer, but that's just minor. Since it can display paths and URLs of packages in various distributions it helps me with determining version numbers and source packages.

Source

sign

This program simply signs a .dsc or .changes file and automatically appends the required trailing newline if one is required.

Source

scansecurity

This program is supposed to scan the private security queue and report a list of packages accompanying their distribution, version and architectures. This helps a lot determining whether a package has been built for all required architectures or not.

Source

keyring-verify

This program simply verifies the digital signature on a given .changes file. It helps a lot verifying whether a maintainer-provided package has been properly signed or whether it is corrupt. It also displays who signed the file.

Source

difftar

This is just a wrapper around diff -Nurp, but will work where interdiff will fail since two Debian native packages need to be compared. This helps a lot.

Source

diffpackages

This program is a wrapper for interdiff, difftar and debdiff in order to provide a report the changes between two sets of packages. It can cope with source files, Debian packages and even .changes files (preferred use). It helps locate missing dependencies, dirty patches and the like. It will diff against the proper distribution, i.e. again ststable or against security if it's available.

Source

dpkg-approve-buildd

This program is used to approve build logs which are stored as mbox files in a buildd directory. As of 2005 it will query for the passphrase for the GnuPG key only once and use it on stdin of gpg in order to keep the annoyance small when approving 50+ build logs.

Source

dpkg-md5sum

This tools calculates the URLs and MD5 sums for packages on the security server. It is used to generate the file lists in our advisories.

Source

dsa-launch

This program releases a security advisory for me. First it copies the advisory file to the private advisory archive on the security host, then it generates a GnuPG signature on it, and finally it embedds the advisory into a mail and sets the headers accordingly.

Source

parse-advisory.pl

This script parses an advisory as sent via dsa-launch and converts it to WML by creating a .data (language independent) and .wml (spoken language) file in the directory for the current year. The .wml files will also be translated into other languages in order to provide the advisory text into several languages.

Source