CentOS

The Community ENTerprise Operating System
https://forums.centos.org/

CVE/OVAL Support

https://forums.centos.org/viewtopic.php?f=17&t=55438

Page 1 of 1

CVE/OVAL Support

Posted: 2015/12/15 12:31:53
by nickf
Hi Everyone,
I was noticing CentOS was not longer releasing CVE OVAL information. It looks like it used to go to oval.mitre.org but since the transition to oval.cisecurity.org there have been no more updates to that. Does anyone have any information on why that might be?
Thanks,
Nick

Re: CVE/OVAL Support

Posted: 2015/12/15 15:16:25
by avij
As far as I know, nothing has been changed regarding this. Where did you see the information that is now missing? All the information that is provided are the CVE IDs in package changelogs. This has been the case since as far as I can remember.

Re: CVE/OVAL Support

Posted: 2015/12/15 15:36:22
by nickf
The CIS OVAL site (or mitre) doesn't have information on any CVE for centos6 past CVE-2015-3456 (released 2015-06-02). The redhat OVAL site has up to CVE-2015-8548 (released 2015-12-14). Any idea who/what was updating the centos OVAL CVEs previously and/or why it stopped? Is there potentially anywhere else to get this information?
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited