thr3ads.net - CentOS - [CentOS] Modifying RHEL OVAL CVE feed for use with CentOS 7 [Jul 2015]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Mosley, Graham A. (GSFC-6062)[GSFC - HIGHER EDUCATION]

2015-Jul-13 17:40 UTC

[CentOS] Modifying RHEL OVAL CVE feed for use with CentOS 7

Hi all.

I am curious if anyone has experience using the OVAL tests for CVEs provided by
Red Hat (https://www.redhat.com/security/data/metrics/) for CentOS 7.
I was able to get the tests working for the non modified packages provided by
RHEL but not the packages modified by CentOS.

I believe this is because CentOS 7 no longer has minor versions
(PACKAGE.VERSION.el7.*.rpm) whereas RHEL does (PACKAGE.VERSION.el7_1.*.rpm) so
the CVE check thinks that the package is out of date.
Any ideas?

Thanks

Possibly Parallel Threads

CentOS Security Advisories OVAL feed??
CentOS Security Advisories OVAL feed??
CentOS Security Advisories OVAL feed??
CentOS Security Advisories OVAL feed??
CentOS Security Advisories OVAL feed??

Search for more apparently analagous threads

CentOS - Jul 2015 - Modifying RHEL OVAL CVE feed for use with CentOS 7

[CentOS] Modifying RHEL OVAL CVE feed for use with CentOS 7

Possibly Parallel Threads

Wisdom of the Ancients