Hello I searched for this but was unsuccessful.
Question is: As long as a piece of software was installed from a Repo that originally came with Redhat, or the software was installed when the OS was installed, are its vulnerabilities covered by the open-scap scanner? And then software from other sources, like ones needing compiling, or coming from other repos that get installed on the system, are not covered by the scanner? Thanks Peter
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list