Red Hat makes patching easier


Red Hat makes patching easier

Antony Savvas

Red Hat is providing easier security management for customers by becoming certified for Open Vulnerability and Assessment Language (Oval) definitions for its Red Hat Enterprise Linux 3 and 4 security advisories.

Red Hat will now produce and support Oval patch definitions to provide a structured and machine-readable version of advisories, allowing Oval-compatible tools to accurately test for the presence of vulnerabilities.

The Oval project, maintained by the Mitre Corporation, is an international information-security effort that promotes open and publicly available security content. It seeks to standardise the transfer of this information across the entire spectrum of security tools and services. 

With Oval compatibility, Red Hat Enterprise Linux users can benefit from the use of third party, Oval-compatible patch auditing and compliance tools to audit their systems. 

By providing an alternative, machine-readable view of Red Hat security errata advisories, users can now integrate data about vulnerabilities from the Red Hat Security Response team into their existing vulnerability management processes. 

All users will continue to use the Red Hat Network to manually or automatically obtain updates in addition to this new security view.

"The translation of Red Hat errata into Oval allows organisations looking to secure Red Hat operating systems to rely on open, standards-based tests that can be digested by assessment tools in order to perform instant and automated evaluations," said Matthew Wojcik, senior information security engineer and Oval moderator at the Mitre Corporation. 

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy