[CentOS] Modifying RHEL OVAL CVE feed for use with CentOS 7

13 Jul 2015


      Hi all.
I am curious if anyone has experience using the OVAL tests for CVEs provided by Red Hat (https://www.redhat.com/security/data/metrics/) for CentOS 7.
I was able to get the tests working for the non modified packages provided by RHEL but not the packages modified by CentOS.
I believe this is because CentOS 7 no longer has minor versions (PACKAGE.VERSION.el7.*.rpm) whereas RHEL does (PACKAGE.VERSION.el7_1.*.rpm) so the CVE check thinks that the package is out of date.
Any ideas?
Thanks

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

[CentOS] Modifying RHEL OVAL CVE feed for use with CentOS 7