[ale] NanoPC
James Taylor
James.Taylor at eastcobbgroup.com
Thu Mar 6 14:30:32 EST 2014
I run into this all the time with bank and pci security audits on the
SLES systems I support.
-jt
James Taylor
678-697-9420
james.taylor at eastcobbgroup.com
>>> "Lightner, Jeff" <JLightner at dsservices.com> 3/6/2014 1:35 PM >>>
Another issue we see is most security scanning tools are brain dead and
will flag properly patched RHEL versions of software as being vulnerable
because they only look at the base upstream version and ignore the
extended versioning RHEL puts its backported updates that address the
same CVEs they’re flagging.
More information about the Ale
mailing list