similar to: OVAL content

Hi, I would like to know if there is some feed for OVAL checks like in Redhat: https://www.redhat.com/security/data/oval/. Documentation: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Practical_Examples.html#sect-Auditing_Security_Vulnerabilities_Example Other distributions have an oval feed: - Redhat:

We use oval to check the system vulnerability. Redhat offer official oval(https://www.redhat.com/security/data/oval/), and it works well on redhat. There is no official centos oval, and using redhat oval on centos got false results. centos is based redhat, so I wrote a script fetch redhat oval files and convert it to useful for centos. And I push the oval to my github:

On 9/3/19 3:27 AM, Sep0lkit wrote: > We use oval to check the system vulnerability. > > Redhat offer official oval(https://www.redhat.com/security/data/oval/), and > it works well on redhat. > > There is no official centos oval, and using redhat oval on centos got > false results. > centos is based redhat, so I wrote a script fetch redhat oval files and > convert it

On 8/5/20 10:45 AM, centos at niob.at wrote: > On 05/08/2020 16:49, Johnny Hughes wrote: >> On 8/5/20 1:05 AM, centos at niob.at wrote: >>> On 04/08/2020 23:50, Jon Pruente wrote: >>>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: >>>> >>>>> Q5) If the answer to the last question is "no": shouldn't there be

Dear List, I have spent some time playing around with oscap and the RHEL OVAL feed (https://www.redhat.com/security/data/oval/v2/RHEL8/, also check Chapter 16 of the RHEL 8 Design Guide). Because I could not find an existing OVAL file for CentOS, I downloaded one of the RHEL8 files and managed to modify (eg. the rhel-8.1-e4s.oval.xml) it to make it work on a CentOS machine. Basically I just

On 8/5/20 1:05 AM, centos at niob.at wrote: > On 04/08/2020 23:50, Jon Pruente wrote: >> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: >> >>> Q5) If the answer to the last question is "no": shouldn't there be such >>> a resource? >>> >> CentOS doesn't publish security errata. If you need it then you should

On 05/08/2020 16:49, Johnny Hughes wrote: > On 8/5/20 1:05 AM, centos at niob.at wrote: >> On 04/08/2020 23:50, Jon Pruente wrote: >>> On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: >>> >>>> Q5) If the answer to the last question is "no": shouldn't there be such >>>> a resource? >>>> >>> CentOS

On 04/08/2020 23:50, Jon Pruente wrote: > On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: > >> Q5) If the answer to the last question is "no": shouldn't there be such >> a resource? >> > CentOS doesn't publish security errata. If you need it then you should > either buy RHEL, or deal with putting together your own set up with >

Hi all. I am curious if anyone has experience using the OVAL tests for CVEs provided by Red Hat (https://www.redhat.com/security/data/metrics/) for CentOS 7. I was able to get the tests working for the non modified packages provided by RHEL but not the packages modified by CentOS. I believe this is because CentOS 7 no longer has minor versions (PACKAGE.VERSION.el7.*.rpm) whereas RHEL does

Hi CentOS experts,* Short Version* I would like to produce a weekly report in HTML for each CentOS 5.x server we have indicating configuration compliance with some industry benchmark. I am looking for a tool or tools to implement this, I am happy to use 3rd party proprietary stuff if necessary. * Long(er) Version* Current Situation.. I have a client with many (200x) CentOS 5.x servers

hi: where would I find facilities to draw circles, ovals, and semicircles? (or should I construct them myself using curve?) regards, /ivo

Hi - I?m running the OpenSCAP STIG profile on a new CentOS 7.1611 installation, and I get a few failures that look like this (output from openscap scan ?verbosity INFO). I suspect this is because the openscap module is not accepting CentOS 7 as RHEL 7 for rules purposes, despite an early check for "Community Enterprise Operating System 7? which succeeds. 1. Am I correct in why it?s

On Tue, Aug 4, 2020 at 11:34 AM <centos at niob.at> wrote: > Q5) If the answer to the last question is "no": shouldn't there be such > a resource? > CentOS doesn't publish security errata. If you need it then you should either buy RHEL, or deal with putting together your own set up with something like http://cefs.steve-meier.de/

Bill, Alberto, Gabor, Thank you for answering my question. Now I learned about outer() function. That was a straightforward example. But what if I had a matrix, where the last column was filled with values first (again, a for loop), and the rest was filled by using a double loop? OVal <- matrix(0, n+1, n+1) for(i in 0:n){ OVal[i+1, n+1] <- max(Val[i+1, n+1]-K, 0) } for(i in seq(n,1,

The commit commit 476e84e126171d809f9c0b5d97137f5055f95ca8 Author: Ben Skeggs <bskeggs at redhat.com> Date: Mon Feb 11 09:24:23 2013 +1000 drm/nv50-/disp: initial supervisor support for off-chip encoders changed the write mask in one of the interrupt functions for on-chip encoders, causing a regression in certain VGA dual-head setups. This commit reintroduces the mask

I have a docker image based off centos:7 with java-11-openjdk-devel. It appears that the current java-11-openjdk-devel available in the CentOS 7 Yum repo is 1:11.0.7.10-4.el7_8 11.0.7 is reported to have some high vulnerabilities RHSA-2020:2969 that are fixed in 11.0.8, but 11.0.8 is not available for CentOS 7. 1. Is there a 11.0.8 update for java-11-openjdk-devel available for CentOS 7? 2. Is

Hi Everyone, Apple's Clang, libc++, and Program Analysis teams are now looking for interns for 2021! Our teams contribute to Clang, libc++, Clang Static Analyzer, as well as dynamic analysis tools (such as Address Sanitizer and Thread Sanitizer). We are looking for interns to work closely with members of the engineering team as well as the open source communities to solve challenging

Hello everyone. I just started learning R for clustering analysis in my research project. I tried k-means method and PAM method, both of which were properly processed with my data. I have some questions about PAM graphical output. Suppose to do the commands shown below; pm<-pam(D, 6) plot(pm) I got two charts after prompted. In the first chart, 6 oval clusters are drawn together

Enjoy.... ugh. Dan ____________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Computing Division OSS/FSS | Fax: (630) 840-6345 .~. L Fermi National Accelerator Lab | email: yocum@fnal.gov /V\ I P.O. Box 500 | WWW: www-oss.fnal.gov/~yocum/ // \\ N Batavia, IL

Excerpt: The OpenSSL project said it plans to release new versions of its code to fix a number of security weaknesses, including some classified as ?high? severity. <...> The patch is likely to set off a mad scramble by security teams at organizations that rely on OpenSSL. That?s because security updates ? particularly those added to open-source software like OpenSSL that anyone can view ?