1 Aug
2011
1 Aug
'11
12:10 p.m.
Dear all,
We're trying to use Nessus to monitor our system and we're having a hard time mapping the package versions from RedHat to CentOS in order to be able to report against CVE (vulnerability reports).
After some research, we think that the mapping is as follows (using HTTPD as the example):
CentOS httd-2.2.3-43.el5.centos.3 is equivalent to RedHat httpd-2.2.3-43.el5_5.3
So, it looks like CentOS replaces "_$MINOR_RELEASE" (in this case "_5") with ".centos" . Is this a fair assumption or are there other rules we are missing? Is this documented anywhere?
Thanks
Gabriel Tabares