On 9/3/19 3:27 AM, Sep0lkit wrote: > We use oval to check the system vulnerability. > > Redhat offer official oval(https://www.redhat.com/security/data/oval/), and > it works well on redhat. > > There is no official centos oval, and using redhat oval on centos got > false results. > centos is based redhat, so I wrote a script fetch redhat oval files and > convert it to useful for centos. > > And I push the oval to my github: https://github.com/Sep0lkit/oval-for-el > > Everyone interested in this can try to use it and tell me it works > correctly or not. That is because CentOS Linux does not now, nor has it ever provided any certification of Security patches. We build source code released for RHEL, but provide no certification or assurance of any kind. Individual users must do and provide their own security testing and any validation. Thanks, Johnny Hughes
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos