RHSA vs CVE
Dmitry Makovey
dmitry at athabascau.ca
Wed Jun 13 21:40:52 UTC 2012
On June 13, 2012 14:50:56 Samuel Folk-Williams wrote:
> Hi - this article should help:
> https://access.redhat.com/knowledge/articles/124913
>
> Feel free to comment there with addition questions as well.
Thanks for the link I've managed to overlook it somehow.
It mentiones both OVAL and CVRF and spending some time staring at those files
I can't really find the mapping I'm looking for. I kind of vaguelly see how I
can "ductape it together" using what I've got plus some OVAL. CVRF seems to go
only as far as 2012 and I need older entries (unless I'm missing something
here).
Trying to save myself time parsing all the extra docs - what is the best way
to get mapping:
CVE -> RHEL/RPM version ?
RHSA is only a side-effect in my code as it was the only one providing package
names associated (albeit remotely) with CVE's
--
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
---
Confidence is what you have before you understand the problem
Woody Allen
When in trouble when in doubt run in circles scream and shout
http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330
--
This communication is intended for the use of the recipient to whom it
is addressed, and may contain confidential, personal, and or privileged
information. Please contact us immediately if you are not the intended
recipient of this communication, and do not copy, distribute, or take
action relying on it. Any communications received in error, or
subsequent reply, should be deleted or destroyed.
---
More information about the redhat-sysadmin-list
mailing list