Hello, I'd like to ask a couple of things: 1) I would like to move from Debian to CentOS. One thing I will probably miss is the debsecan tool. This utility sends me a mail whenever there is a change regarding the vulnerabilities' status on my system. It lists new ones, resolved ones and current ones. Is there anything similar for CentOS? 2) I read that RHEL packages are compiled with various security technologies including Exec Shield, FORTIFY_SOURCE and fstack-protector. Does this apply to CentOS too? Thanks! Regards, Luigi
Luigi Perroti wrote:> One thing I will probably miss is the debsecan tool. > This utility sends me a mail whenever there is a change regarding the > vulnerabilities' status on my system. > It lists new ones, resolved ones and current ones. > > Is there anything similar for CentOS?Not yet (there is a security-updates plugin for yum which we try to incorporate).> 2) I read that RHEL packages are compiled with various security > technologies including Exec Shield, FORTIFY_SOURCE and > fstack-protector. > > Does this apply to CentOS too?Of course >:) Cheers, Ralph -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20080620/825d4705/attachment-0002.sig>
on 6-20-2008 12:41 AM Luigi Perroti spake the following:> Hello, I'd like to ask a couple of things: > > 1) I would like to move from Debian to CentOS. > One thing I will probably miss is the debsecan tool. > This utility sends me a mail whenever there is a change regarding the > vulnerabilities' status on my system. > It lists new ones, resolved ones and current ones. > > Is there anything similar for CentOS? >Right now the closest thing you will get is the Centos-announce list. But stay tuned... -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 258 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080620/47ed674b/attachment-0002.sig>
On Fri, Jun 20, 2008 at 11:13:39AM -0700, Scott Silva wrote:> on 6-20-2008 12:41 AM Luigi Perroti spake the following: > >Hello, I'd like to ask a couple of things: > > > >1) I would like to move from Debian to CentOS. > >One thing I will probably miss is the debsecan tool. > >This utility sends me a mail whenever there is a change regarding the > >vulnerabilities' status on my system. > >It lists new ones, resolved ones and current ones. > > > >Is there anything similar for CentOS? > > > Right now the closest thing you will get is the Centos-announce list. > But stay tuned...If you have access to the repositories... yum -d 0 check-update maybe? -- rgds Stephen