[CentOS] oval support for centos
Sep0lkit
sep0lkit at gmail.com
Fri Sep 6 02:11:33 UTC 2019
Understand, just my personal security learning, and shared to interested
people.
thanks for the reply.
Johnny Hughes <johnny at centos.org> 于2019年9月5日周四 下午11:47写道:
> On 9/3/19 3:27 AM, Sep0lkit wrote:
> > We use oval to check the system vulnerability.
> >
> > Redhat offer official oval(https://www.redhat.com/security/data/oval/),
> and
> > it works well on redhat.
> >
> > There is no official centos oval, and using redhat oval on centos got
> > false results.
> > centos is based redhat, so I wrote a script fetch redhat oval files and
> > convert it to useful for centos.
> >
> > And I push the oval to my github:
> https://github.com/Sep0lkit/oval-for-el
> >
> > Everyone interested in this can try to use it and tell me it works
> > correctly or not.
>
> That is because CentOS Linux does not now, nor has it ever provided any
> certification of Security patches. We build source code released for
> RHEL, but provide no certification or assurance of any kind.
>
> Individual users must do and provide their own security testing and any
> validation.
>
> Thanks,
> Johnny Hughes
>
>
>
More information about the CentOS
mailing list