Hello all.
Can anyone advise on scanning Oracle Linux vulnerabilities?
The Community feed seems to omit checks for errata published post 2016.
e.g. https://linux.oracle.com/errata/ELSA-2018-0395.html was not
reported despite kernel-uek 4.1.12-61.1.18 being run and
kernel-3.10.0-514 being installe
le, due to lack of time and/or sponsor ;)
>
> Eero
>
> pe 8. kesäk. 2018 klo 17.59 Ewae Rpok kirjoitti:
>
>> Hello all.
>>
>> Can anyone advise on scanning Oracle Linux vulnerabilities?
>> The Community feed seems to omit checks for errata published post 2016.
&
ers are not reliable way to
> evaluate security of server..
>
> If you really want to do it, then just pick commercial nessus..
>
> Eero
>
> la 9. kesäk. 2018 klo 1.01 Ewae Rpok kirjoitti:
>
>> Thanks for confirming, Eero.
>>
>> Any advice for alt
Thanks both.
So I think one of the options we'll consider is managing the authenticated
local scans of Oracle Linux separately, using results of 'yum check-update'
in place of openvas. Can still use openvas for non-authenticated remote
scans.
For completeness, will plan to look up details of the
