Author: tito
Date:  
To: R A Montante, Ph.D. via Dng
CC: R A Montante, Ph.D.
New-Topics: [DNG] debsecan WAS: Question about about "Security updates"
Subject: Re: [DNG] Question about about "Security updates"
On Sun, 27 Jul 2025 09:06:31 -0400
"R A Montante, Ph.D. via Dng" <dng@???> wrote:

> Apologies in advance if this is as dumb a question as I think it is, but...
>
> I have Daedalus installed on my laptop, named "whiteknight", nothing too
> exotic as far as I know/remember,  I've been getting daily local emails
> with the subject "Subject: Debian security status of whiteknight", for
> quite some time now.  They are from "daemon@whiteknight" --- the
> headers are in agreement on this, so I have at least one daemon running
> on this system. (Gee.)
>
> They contain lists of CVEs, apparently cumulatively --- the June 24
> email lists 892 CVEs, while the July 27 email is up to 1100 CVEs.  Here
> are the headers and first few lines of today's, followed by my questions:
>
> > From daemon@??? Sun Jul 27 02:29:03 2025
> > Return-path: <daemon@???>
> > Envelope-to: bobmon@???
> > Delivery-date: Sun, 27 Jul 2025 02:29:03 -0400
> > Received: from daemon by whiteknight.TygerzHome with local (Exim 4.96)
> >     (envelope-from <daemon@???>)
> >     id 1ufusY-0006JK-2m
> >     for bobmon@???;
> >     Sun, 27 Jul 2025 02:29:02 -0400
> > Subject: Debian security status of whiteknight
> > To: bobmon@???
> > Message-Id: <E1ufusY-0006JK-2m@???>
> > From: daemon <daemon@???>
> > Date: Sun, 27 Jul 2025 02:29:02 -0400
> > Status: RO
> >
> > Security report based on the bullseye release
> >
> > *** New security updates
> >
> > CVE-2025-49794 A use-after-free vulnerability was found in libxml2....
> > <https://security-tracker.debian.org/tracker/CVE-2025-49794>
> >   - libxml2, libxml2, libxml2-utils
> >
> > CVE-2025-49796 A vulnerability was found in libxml2. Processing...
> > <https://security-tracker.debian.org/tracker/CVE-2025-49796>
> >   - libxml2, libxml2, libxml2-utils
> >
> > CVE-2025-6021 A flaw was found in libxml2's xmlBuildQName function,...
> > <https://security-tracker.debian.org/tracker/CVE-2025-6021>
> >   - libxml2, libxml2, libxml2-utils
> >
> > *** Available security updates
> >
> > CVE-2021-46310 An issue was discovered IW44Image.cpp in djvulibre...
> > <https://security-tracker.debian.org/tracker/CVE-2021-46310>
> >   - libdjvulibre-text, libdjvulibre21
> >
>
> I have three questions about this:
>
>     1)  What is actually generating this email?  And how should I be
> able to figure it out?
>
>     2)  Why is it based on the debian "bullseye" release, given that
> Daedalus is based on "bookworm"?
>
>     3) What am I supposed to do about it?  (Shouldn't "apt upgrade" be
> patching these when possible?)
>
> Thanks for any help,
> -Bob
>


Hi,

        Are these critical issues?
        Can I do something to eliminate them?
        If not, how can I disable the email from being generated?


    No they are not
    Yes, can remove the script from cron, but not advisable.
    Disable by commenting out the MAILTO=root from the cron job (Add a # at start of the line)


    ~ $ nano /etc/cron.d/debsecan
    ‘# cron entry for debsecan’
    ‘# MAILTO=root’



apt list debsecan
Listing... Done
debsecan/stable 0.4.20.1 all

debsecan is a tool to generate a list of vulnerabilities which affect
a particular Debian installation. debsecan runs on the host which is
to be checked, and downloads vulnerability information over the
Internet. It can send mail to interested parties when new
vulnerabilities are discovered or when security updates become
available.

So: apt purge debsecan

will get you rid of the emails.

Hope this helps.
Ciao,
Tito
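
Added example, not part of the messages above and not debsecan's own code: a small parser for the report layout shown in the quoted mail, grouping CVE ids by section and package so that a list of 1100 entries reduces to the packages that need attention. It assumes the layout seen in the excerpt (a "***" section header, a CVE line, a tracker URL, then an indented "- pkg, pkg" line); the function name parse_report is made up for this example.

```python
import re
from collections import defaultdict

# Constructed sample: lines taken from the report excerpt quoted in the thread above.
SAMPLE = """\
Security report based on the bullseye release

*** New security updates

CVE-2025-49794 A use-after-free vulnerability was found in libxml2....
<https://security-tracker.debian.org/tracker/CVE-2025-49794>
  - libxml2, libxml2, libxml2-utils

CVE-2025-6021 A flaw was found in libxml2's xmlBuildQName function,...
<https://security-tracker.debian.org/tracker/CVE-2025-6021>
  - libxml2, libxml2, libxml2-utils

*** Available security updates

CVE-2021-46310 An issue was discovered IW44Image.cpp in djvulibre...
<https://security-tracker.debian.org/tracker/CVE-2021-46310>
  - libdjvulibre-text, libdjvulibre21
"""

SUITE_RE = re.compile(r"^Security report based on the (\S+) release")
SECTION_RE = re.compile(r"^\*\*\* (.+)$")
CVE_RE = re.compile(r"^(CVE-\d{4}-\d+)\b")
PKGS_RE = re.compile(r"^\s+- (.+)$")

def parse_report(text):
    """Return (suite, {section: {package: sorted CVE ids}}) for one report body."""
    suite = section = cve = None
    found = defaultdict(lambda: defaultdict(set))  # sets drop repeated package names
    for line in text.splitlines():
        if m := SUITE_RE.match(line):
            suite = m.group(1)
        elif m := SECTION_RE.match(line):
            section, cve = m.group(1).strip(), None  # a new section resets the current CVE
        elif m := CVE_RE.match(line):
            cve = m.group(1)
        elif (m := PKGS_RE.match(line)) and section and cve:
            for pkg in m.group(1).split(","):
                found[section][pkg.strip()].add(cve)
    return suite, {s: {p: sorted(c) for p, c in d.items()} for s, d in found.items()}

if __name__ == "__main__":
    suite, sections = parse_report(SAMPLE)
    print("suite:", suite)
    for section, pkgs in sections.items():
        print(section, {p: len(c) for p, c in sorted(pkgs.items())})
```

The returned suite name can be compared with the release the machine actually runs, which is the mismatch asked about in question 2.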