[CentOS] oval support for centos

Thu Sep 5 15:47:29 UTC 2019
Johnny Hughes <johnny at centos.org>

On 9/3/19 3:27 AM, Sep0lkit wrote:
> We use oval to check the system vulnerability.
> 
> Redhat offer official oval(https://www.redhat.com/security/data/oval/), and
> it works well on redhat.
> 
> There is no official centos oval,  and using redhat oval on centos got
> false results.
> centos is based redhat, so  I wrote a script fetch redhat oval files and
> convert it to useful for centos.
> 
> And I push the oval to my github:  https://github.com/Sep0lkit/oval-for-el
> 
> Everyone interested in this can try to use it and tell me it works
> correctly or not.

That is because CentOS Linux does not now, nor has it ever provided any
certification of Security patches.  We build source code released for
RHEL, but provide no certification or assurance of any kind.

Individual users must do and provide their own security testing and any
validation.

Thanks,
Johnny Hughes


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20190905/39629c5d/attachment-0006.sig>