Understand, just my personal security learning, and shared to interested
people.
thanks for the reply.
Johnny Hughes <johnny@xxxxxxxxxx> 于2019年9月5日周四 下午11:47写道:
> On 9/3/19 3:27 AM, Sep0lkit wrote:
> > We use oval to check the system vulnerability.
> >
> > Redhat offer official oval(https://www.redhat.com/security/data/oval/),
> and
> > it works well on redhat.
> >
> > There is no official centos oval, and using redhat oval on centos got
> > false results.
> > centos is based redhat, so I wrote a script fetch redhat oval files and
> > convert it to useful for centos.
> >
> > And I push the oval to my github:
> https://github.com/Sep0lkit/oval-for-el
> >
> > Everyone interested in this can try to use it and tell me it works
> > correctly or not.
>
> That is because CentOS Linux does not now, nor has it ever provided any
> certification of Security patches. We build source code released for
> RHEL, but provide no certification or assurance of any kind.
>
> Individual users must do and provide their own security testing and any
> validation.
>
> Thanks,
> Johnny Hughes
>
>
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
