similar to: Configuration Compliance auditing for many CentOS 5.x boxes

Hello, I have noticed that pci-dss profile, ssg-centos7-xccdf.xml will always fail on test and remediation for disable_prelink rule. That seem to be caused by insufficient CentOS RPM customization of upstream code. Specifically this: https://github.com/OpenSCAP/scap-security-guide/blob/master/shared/oval/disable_prelink.xml#L24-L35

Hi - I?m running the OpenSCAP STIG profile on a new CentOS 7.1611 installation, and I get a few failures that look like this (output from openscap scan ?verbosity INFO). I suspect this is because the openscap module is not accepting CentOS 7 as RHEL 7 for rules purposes, despite an early check for "Community Enterprise Operating System 7? which succeeds. 1. Am I correct in why it?s

On 02/01/2017 10:15 AM, Micha? Jankowski wrote: > Hello, > > I have noticed that pci-dss profile, ssg-centos7-xccdf.xml will always fail > on test and remediation for disable_prelink rule. That seem to be caused by > insufficient CentOS RPM customization of upstream code. Specifically this: >

We use oval to check the system vulnerability. Redhat offer official oval(https://www.redhat.com/security/data/oval/), and it works well on redhat. There is no official centos oval, and using redhat oval on centos got false results. centos is based redhat, so I wrote a script fetch redhat oval files and convert it to useful for centos. And I push the oval to my github:

Bill, Alberto, Gabor, Thank you for answering my question. Now I learned about outer() function. That was a straightforward example. But what if I had a matrix, where the last column was filled with values first (again, a for loop), and the rest was filled by using a double loop? OVal <- matrix(0, n+1, n+1) for(i in 0:n){ OVal[i+1, n+1] <- max(Val[i+1, n+1]-K, 0) } for(i in seq(n,1,

The commit commit 476e84e126171d809f9c0b5d97137f5055f95ca8 Author: Ben Skeggs <bskeggs at redhat.com> Date: Mon Feb 11 09:24:23 2013 +1000 drm/nv50-/disp: initial supervisor support for off-chip encoders changed the write mask in one of the interrupt functions for on-chip encoders, causing a regression in certain VGA dual-head setups. This commit reintroduces the mask

Dear List, I have spent some time playing around with oscap and the RHEL OVAL feed (https://www.redhat.com/security/data/oval/v2/RHEL8/, also check Chapter 16 of the RHEL 8 Design Guide). Because I could not find an existing OVAL file for CentOS, I downloaded one of the RHEL8 files and managed to modify (eg. the rhel-8.1-e4s.oval.xml) it to make it work on a CentOS machine. Basically I just

Hello everyone. I just started learning R for clustering analysis in my research project. I tried k-means method and PAM method, both of which were properly processed with my data. I have some questions about PAM graphical output. Suppose to do the commands shown below; pm<-pam(D, 6) plot(pm) I got two charts after prompted. In the first chart, 6 oval clusters are drawn together

On 05/08/2020 16:49, Johnny Hughes wrote: > On 8/5/20 1:05 AM, centos at niob.at wrote: >> On 04/08/2020 23:50, Jon Pruente wrote: >>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: >>> >>>> Q5) If the answer to the last question is "no": shouldn't there be such >>>> a resource? >>>> >>> CentOS

The Xen platform device (introduced in changeset 11161) would cause HCT''s PCI Compliance Test to generate a failure message. The patch fixes this. Thanks Dexuan Cui Signed-off-by: Dexuan Cui <dexuan.cui@intel.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel

I have a client project to implement PCI/DSS compliance. The PCI/DSS auditor has stipulated that the web server, application middleware (tomcat), the db server have to be on different systems. In addition the auditor has also stipulated that there be a NTP server, a "patch" server, The Host OS on all of the above nodes will be CentOS 6.2. Below is a list of things that would be

Hi R users, I don't know if you have used taylor.diagram function. Why my diagram is not like 1/4th of a round shape, but more flat, like 1/4th of an oval? Thanks. [[alternative HTML version deleted]]

Dear Sirs, we currently manufacture/import UPS units in Italy and distribute them all over the country. How can we obtain an official certification to offer our products with full compliance with QNAP, Synology and similar hardware? Looking forward to hearing from you, Best Regards ________________________ Alessandro Gualtieri LAER Accumulatori Srl Via Pio XII, 65/c 20060 - Pozzuolo

On 4/18/23 05:05, Norbert Pocs wrote: > Hi OpenSSH mailing list, > > I would like to announce the newly introduced patch in Fedora rawhide [0] > for FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9 > version. Why does Fedora care about FIPS 140? To me, this seems like it should be specific to RHEL and maybe CentOS Stream, not Fedora. My understanding

On Tue, 18 Apr 2023, Norbert Pocs wrote: > Hi OpenSSH mailing list, > > I would like to announce the newly introduced patch in Fedora rawhide [0] > for > > FIPS compliance efforts. The change will be introduced in an upcoming RHEL 9 > > version. > > The patch targets OpenSSL support of OpenSSH, specifically the usage of > > old low level API. The new

On 04/08/2020 23:50, Jon Pruente wrote: > On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: > >> Q5) If the answer to the last question is "no": shouldn't there be such >> a resource? >> > CentOS doesn't publish security errata. If you need it then you should > either buy RHEL, or deal with putting together your own set up with >

Hi Everyone, As many of you out there I''m "protected" by the firewall which prevents me from checking my code for W3C compliance, I am able to check the production code but i would like to test my code before it goes to production. So if anyone was able to have that check done locally, possibly including some sort of tests in to the integration process, I would truly

Hello, I work for an organization that uses a Secure Dovecot server for messaging, and recently we've had to undergo some security screenings for PKI compliance (credit card industry standards). However, the screening returned to us a failure due to the following reason (attributed to our Dovecot server, which runs on port 993 and is the only "open" port on our firewall): Synopsis

Hi , I want to use PE 2.0 compliance feature , however i am not seeing any data on puppet-dashboard on compliance tab , it says no baseline set , reviewed NA etc..... I have written audit manifests class foo { file {''/etc/resolv.conf'': audit => all, } file {''/etc/services'': audit => all, } } and

I have used S-PLUS, R, MATLAB and SAS for many years, and I am actually quite happy to use any of these four languages. The reason may in part involve my using the various languages for the purposes to which they seem most suited. Hence there are many things for which I would not use SAS or MATLAB, but for which I would greatly prefer to use R instead. On the other hand ( to take one of a