Hello, I'd like to ask a couple of things:
1) I would like to move from Debian to CentOS. One thing I will probably miss is the debsecan tool. This utility sends me a mail whenever there is a change regarding the vulnerabilities' status on my system. It lists new ones, resolved ones and current ones.
Is there anything similar for CentOS?
2) I read that RHEL packages are compiled with various security technologies including Exec Shield, FORTIFY_SOURCE and fstack-protector.
Does this apply to CentOS too?
Thanks!
Regards, Luigi
Luigi Perroti wrote:
One thing I will probably miss is the debsecan tool. This utility sends me a mail whenever there is a change regarding the vulnerabilities' status on my system. It lists new ones, resolved ones and current ones.
Is there anything similar for CentOS?
Not yet (there is a security-updates plugin for yum which we try to incorporate).
- I read that RHEL packages are compiled with various security
technologies including Exec Shield, FORTIFY_SOURCE and fstack-protector.
Does this apply to CentOS too?
Of course >:)
Cheers,
Ralph
on 6-20-2008 12:41 AM Luigi Perroti spake the following:
Hello, I'd like to ask a couple of things:
- I would like to move from Debian to CentOS.
One thing I will probably miss is the debsecan tool. This utility sends me a mail whenever there is a change regarding the vulnerabilities' status on my system. It lists new ones, resolved ones and current ones.
Is there anything similar for CentOS?
Right now the closest thing you will get is the Centos-announce list. But stay tuned...
On Fri, Jun 20, 2008 at 11:13:39AM -0700, Scott Silva wrote:
on 6-20-2008 12:41 AM Luigi Perroti spake the following:
Hello, I'd like to ask a couple of things:
- I would like to move from Debian to CentOS.
One thing I will probably miss is the debsecan tool. This utility sends me a mail whenever there is a change regarding the vulnerabilities' status on my system. It lists new ones, resolved ones and current ones.
Is there anything similar for CentOS?
Right now the closest thing you will get is the Centos-announce list. But stay tuned...
If you have access to the repositories...
yum -d 0 check-update
maybe?
On Fri, 2008-06-20 at 15:13 -0400, Stephen Harris wrote:
On Fri, Jun 20, 2008 at 11:13:39AM -0700, Scott Silva wrote:
on 6-20-2008 12:41 AM Luigi Perroti spake the following:
Hello, I'd like to ask a couple of things:
- I would like to move from Debian to CentOS.
One thing I will probably miss is the debsecan tool. This utility sends me a mail whenever there is a change regarding the vulnerabilities' status on my system. It lists new ones, resolved ones and current ones.
Is there anything similar for CentOS?
Right now the closest thing you will get is the Centos-announce list. But stay tuned...
If you have access to the repositories...
yum -d 0 check-update
maybe?
Just saw and installed yum-security on CentOS 5.x on i386. I think this is what you're looking for.
Calin
================================================= Semper Fi, dude.
On Wed, 2008-06-25 at 16:58 +0200, Ralph Angenendt wrote:
kalinix wrote:
Just saw and installed yum-security on CentOS 5.x on i386. I think this is what you're looking for.
Had you tried it before posting your mail you would have found out that it errors out with:
Skipping security plugin, no data
Ralph _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Actually I did; (un)fortunately I had my systems up to date.
Try yum --security check-update
Calin
================================================= "I don't care who does the electing as long as I get to do the nominating." -- Boss Tweed
-
kalinix -
Luigi Perroti -
Ralph Angenendt -
Scott Silva -
Stephen Harris