Thanks for confirming, Eero. Any advice for alternative approaches to managing vulnerability assessment on Oracle Linux?
Cheers, Ewae. On Friday, 8 June 2018, Eero Volotinen <eero.voloti...@iki.fi> wrote: > Hi, > > I "was" developer of that feed :) > > I haven't updated it for while, due to lack of time and/or sponsor ;) > > Eero > > pe 8. kesäk. 2018 klo 17.59 Ewae Rpok <ewaer...@gmail.com> kirjoitti: > >> Hello all. >> >> Can anyone advise on scanning Oracle Linux vulnerabilities? >> The Community feed seems to omit checks for errata published post 2016. >> >> e.g. https://linux.oracle.com/errata/ELSA-2018-0395.html was not >> reported despite kernel-uek 4.1.12-61.1.18 being run and >> kernel-3.10.0-514 being installed (both built 04 Nov 2016). >> >> Equivalent vulnerability in CentOS/RHEL-compatible kernel was positively >> identified when run against CentOS system: >> https://lists.centos.org/pipermail/centos-announce/2018-May/022843.html >> CentOS Update for kernel CESA-2018:1629 centos7 >> OID 1.3.6.1.4.1.25623.1.0.882885 >> >> Vulnerabilities are actually found - just nothing new. >> Supported by the following found on a recent kali linux install: >> >> root@kali:/var/lib/openvas/plugins# find . -name "ELSA*"|sort -rn|head >> ./2016/ELSA-2016-3554.nasl.asc >> ./2016/ELSA-2016-3554.nasl >> ./2016/ELSA-2016-3553.nasl.asc >> ./2016/ELSA-2016-3553.nasl >> ./2016/ELSA-2016-3552.nasl.asc >> ./2016/ELSA-2016-3552.nasl >> ./2016/ELSA-2016-3551.nasl.asc >> ./2016/ELSA-2016-3551.nasl >> ./2016/ELSA-2016-3531.nasl.asc >> ./2016/ELSA-2016-3531.nasl >> root@kali:/var/lib/openvas/plugins# find . -name "gb_CESA*"|sort -rn|head >> ./2018/centos/gb_CESA-2018_1726_thunderbird_centos6.nasl.asc >> ./2018/centos/gb_CESA-2018_1726_thunderbird_centos6.nasl >> ./2018/centos/gb_CESA-2018_1725_thunderbird_centos7.nasl.asc >> ./2018/centos/gb_CESA-2018_1725_thunderbird_centos7.nasl >> ./2018/centos/gb_CESA-2018_1700_procps-ng_centos7.nasl.asc >> ./2018/centos/gb_CESA-2018_1700_procps-ng_centos7.nasl >> ./2018/centos/gb_CESA-2018_1669_libvirt_centos6.nasl.asc >> ./2018/centos/gb_CESA-2018_1669_libvirt_centos6.nasl >> ./2018/centos/gb_CESA-2018_1660_qemu-guest-agent_centos6.nasl.asc >> ./2018/centos/gb_CESA-2018_1660_qemu-guest-agent_centos6.nasl >> root@kali:/var/lib/openvas/plugins# >> >> >> vulners.com has different looking pages for Oracle Linux vulnerabilities >> before and after the apparent cutoff - e.g. >> https://vulners.com/openvas/OPENVAS:1361412562310122925 >> and >> https://vulners.com/oraclelinux/ELSA-2016-3559 >> >> Should I be using a different tool or approach? >> >> Thanks in advance, >> Ewae. >> _______________________________________________ >> Openvas-discuss mailing list >> Openvas-discuss@wald.intevation.org >> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/ >> openvas-discuss > >
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
