diff --git a/Gopkg.lock b/Gopkg.lock
index 73acf56d..4967656b 100644
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -1,4 +1,4 @@
-memo = "404d058cf6b46d820e153afc5721e1ab2aa2b10ec345d969b9c460097f99add3"
+memo = "0851217ca0cf4879a4cf7b2041f2ff852c408df45e075fbaccb7805164db4507"
 [[projects]]
 branch = "master"
@@ -114,10 +114,16 @@ memo = "404d058cf6b46d820e153afc5721e1ab2aa2b10ec345d969b9c460097f99add3"
 revision = "612b0b2987ec1a6af46d7008cef1efd4b3898346"
 [[projects]]
+ branch = "master"
 name = "github.com/k0kubun/pp"
 packages = ["."]
- revision = "027a6d1765d673d337e687394dbe780dd64e2a1e"
- version = "v2.3.0"
+ revision = "d1532fc5d94ecdf2da29e24d7b99721f3287de4a"
+
+[[projects]]
+ branch = "master"
+ name = "github.com/knqyf263/go-deb-version"
+ packages = ["."]
+ revision = "bec774d791d03b721a20bd3ca1fbdd566fd0f2b9"
 [[projects]]
 branch = "master"
@@ -131,6 +137,12 @@ memo = "404d058cf6b46d820e153afc5721e1ab2aa2b10ec345d969b9c460097f99add3"
 revision = "641dc2cc2d3cbf295dad356667b74c69bcbd6f70"
 version = "v0.1.0"
+[[projects]]
+ branch = "master"
+ name = "github.com/kotakanbe/goval-dictionary"
+ packages = ["config","db","log","models"]
+ revision = "931528ebc56092a6abc0799665cb74f944d0705b"
+
 [[projects]]
 branch = "master"
 name = "github.com/kotakanbe/logrus-prefixed-formatter"
@@ -143,6 +155,12 @@ memo = "404d058cf6b46d820e153afc5721e1ab2aa2b10ec345d969b9c460097f99add3"
 packages = [".","hstore","oid"]
 revision = "2704adc878c21e1329f46f6e56a1c387d788ff94"
+[[projects]]
+ name = "github.com/labstack/gommon"
+ packages = ["color","log"]
+ revision = "9cedb429ffbe71a32a3ae7c65fd109cb7ae07804"
+ version = "v0.2.0"
+
 [[projects]]
 name = "github.com/mattn/go-colorable"
 packages = ["."]
@@ -203,6 +221,24 @@ memo = "404d058cf6b46d820e153afc5721e1ab2aa2b10ec345d969b9c460097f99add3"
 revision = "2adb3e0c4ddd8778c4adde609d2dfd4fbe6096ea"
 version = "1.6"
+[[projects]]
+ branch = "master"
+ name = "github.com/valyala/bytebufferpool"
+ packages = ["."]
+ revision = "e746df99fe4a3986f4d4f79e13c1e0117ce9c2f7"
+
+[[projects]]
+ branch = "master"
+ name = "github.com/valyala/fasttemplate"
+ packages = ["."]
+ revision = "dcecefd839c4193db0d35b88ec65b4c12d360ab0"
+
+[[projects]]
+ branch = "master"
+ name = "github.com/ymomoi/goval-parser"
+ packages = ["oval"]
+ revision = "fa7d8e949108b0b2b7d124bef9a7f2bda9b6dd69"
+
 [[projects]]
 branch = "master"
 name = "golang.org/x/crypto"
diff --git a/scan/debian.go b/scan/debian.go
index 10bff021..7ff27c26 100644
--- a/scan/debian.go
+++ b/scan/debian.go
@@ -161,27 +161,30 @@ func (o *debian) checkDependencies() error {
 }
 func (o *debian) scanPackages() error {
- var err error
- var packs []models.PackageInfo
- if packs, err = o.scanInstalledPackages(); err != nil {
+ installed, upgradable, err := o.scanInstalledPackages()
+ if err != nil {
 o.log.Errorf("Failed to scan installed packages")
 return err
 }
- o.setPackages(packs)
+ o.setPackages(installed)
- var unsecurePacks []models.VulnInfo
- if unsecurePacks, err = o.scanUnsecurePackages(packs); err != nil {
+ if config.Conf.PackageListOnly {
+ return nil
+ }
+
+ unsecure, err := o.scanUnsecurePackages(upgradable)
+ if err != nil {
 o.log.Errorf("Failed to scan vulnerable packages")
 return err
 }
- o.setVulnInfos(unsecurePacks)
+ o.setVulnInfos(unsecure)
 return nil
 }
-func (o *debian) scanInstalledPackages() (packs []models.PackageInfo, err error) {
+func (o *debian) scanInstalledPackages() (installed models.PackageInfoList, upgradable models.PackageInfoList, err error) {
 r := o.exec("dpkg-query -W", noSudo)
 if !r.isSuccess() {
- return packs, fmt.Errorf("Failed to SSH: %s", r)
+ return nil, nil, fmt.Errorf("Failed to SSH: %s", r)
 }
 // e.g.
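Review bot: scanInstalledPackages now returns (installed, upgradable, err) and, judging by the following hunk, also resolves upgradable names and candidate versions, but the new signature line carries no doc comment saying so; its body continues outside this hunk. I would add above it: `// scanInstalledPackages lists installed packages via dpkg-query and returns them together with the subset apt reports as upgradable, with candidate versions filled in.` Note also that the new `config.Conf.PackageListOnly` early return in scanPackages fires only after scanInstalledPackages has returned, so the upgradable/candidate-version lookups (presumably extra apt invocations on the target) still run in list-only mode; if that mode is meant to skip them, the check has to move inside scanInstalledPackages.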
@@ -192,15 +195,36 @@ func (o *debian) scanInstalledPackages() (packs []models.PackageInfo, err error)
 if trimmed := strings.TrimSpace(line); len(trimmed) != 0 {
 name, version, err := o.parseScannedPackagesLine(trimmed)
 if err != nil {
- return nil, fmt.Errorf(
+ return nil, nil, fmt.Errorf(
 "Debian: Failed to parse package line: %s", line)
 }
- packs = append(packs, models.PackageInfo{
+ installed = append(installed, models.PackageInfo{
 Name: name,
 Version: version,
 })
 }
 }
+
+ upgradableNames, err := o.GetUpgradablePackNames()
+ if err != nil {
+ return nil, nil, err
+ }
+ for _, name := range upgradableNames {
+ for _, pack := range installed {
+ if pack.Name == name {
+ upgradable = append(upgradable, pack)
+ break
+ }
+ }
+ }
+
+ // Fill the candidate versions of upgradable packages
+ upgradable, err = o.fillCandidateVersion(upgradable)
+ if err != nil {
+ return nil, nil, fmt.Errorf("Failed to fill candidate versions. err: %s", err)
+ }
+ installed.MergeNewVersion(upgradable)
 return
 }
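Review bot: The upgradable lookup added here (`o.GetUpgradablePackNames()` followed by `o.fillCandidateVersion(upgradable)`) now runs before `apt-get update`: scanPackages calls scanInstalledPackages first, and aptGetUpdate is only invoked later from scanUnsecurePackages in the last hunk, whereas the removed code in that hunk ran `apt-get update` before computing the upgradable list. On a target with a stale index, packages whose fixes were published since the last update are not reported as upgradable and therefore never reach the vulnerability scan, so the result silently under-reports. I would refresh the index before the lookup, `if err := o.aptGetUpdate(); err != nil { return nil, nil, err }`, or move the whole upgradable computation back behind the update. As a style point, the name match is an O(installed x upgradable) nested loop; a `map[string]struct{}` built from upgradableNames would read more clearly, though that does not affect correctness. scanInstalledPackages begins outside this hunk.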
@@ -221,51 +245,34 @@ func (o *debian) parseScannedPackagesLine(line string) (name, version string, er
 return "", "", fmt.Errorf("Unknown format: %s", line)
 }
-func (o *debian) scanUnsecurePackages(installed []models.PackageInfo) ([]models.VulnInfo, error) {
+func (o *debian) aptGetUpdate() error {
 o.log.Infof("apt-get update...")
 cmd := util.PrependProxyEnv("apt-get update")
 if r := o.exec(cmd, sudo); !r.isSuccess() {
- return nil, fmt.Errorf("Failed to SSH: %s", r)
+ return fmt.Errorf("Failed to SSH: %s", r)
 }
+ return nil
+}
- // Convert the name of upgradable packages to PackageInfo struct
- upgradableNames, err := o.GetUpgradablePackNames()
- if err != nil {
- return nil, err
- }
- var upgradablePacks []models.PackageInfo
- for _, name := range upgradableNames {
- for _, pack := range installed {
- if pack.Name == name {
- upgradablePacks = append(upgradablePacks, pack)
- break
- }
- }
- }
+func (o *debian) scanUnsecurePackages(upgradable []models.PackageInfo) ([]models.VulnInfo, error) {
- // Fill the candidate versions of upgradable packages
- upgradablePacks, err = o.fillCandidateVersion(upgradablePacks)
- if err != nil {
- return nil, fmt.Errorf("Failed to fill candidate versions. err: %s", err)
- }
-
- o.Packages.MergeNewVersion(upgradablePacks)
+ o.aptGetUpdate()
 // Setup changelog cache
 current := cache.Meta{
 Name: o.getServerInfo().GetServerName(),
 Distro: o.getServerInfo().Distro,
- Packs: upgradablePacks,
+ Packs: upgradable,
 }
 o.log.Debugf("Ensure changelog cache: %s", current.Name)
- var meta *cache.Meta
- if meta, err = o.ensureChangelogCache(current); err != nil {
+ meta, err := o.ensureChangelogCache(current)
+ if err != nil {
 return nil, err
 }
 // Collect CVE information of upgradable packages
- vulnInfos, err := o.scanVulnInfos(upgradablePacks, meta)
+ vulnInfos, err := o.scanVulnInfos(upgradable, meta)
 if err != nil {
 return nil, fmt.Errorf("Failed to scan unsecure packages. err: %s", err)
 }
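Review bot: `o.aptGetUpdate()` in scanUnsecurePackages discards the error that aptGetUpdate was just refactored to return, so a failed `apt-get update` (SSH or sudo failure, proxy or mirror unreachable) no longer aborts the scan the way the removed `return nil, fmt.Errorf("Failed to SSH: %s", r)` did; the changelog cache and CVE collection then proceed on whatever index the target already had, and the run reports success with possibly missing findings. Change it to `if err := o.aptGetUpdate(); err != nil { return nil, err }`. The inherited message `Failed to SSH: %s` in aptGetUpdate is also misleading, since r can be a command that connected fine and then failed; `Failed to apt-get update: %s` would be more accurate. scanUnsecurePackages continues past the end of this hunk.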