I was looking at what is available for checks in Fedora compared to RHEL
by using scap-workbench customization and found tha Fedora was missing a
lot, even when the test commands were available (e.g yum check-update) in
Fedora.
I can believe that doing CVE checks for Fedora would be a significant
amount of ongoing work that no one might want to do, but most stuff that
works in RHEL is probably available in Fedora. And new stuff in Fedora
that requires changes is likely to eventually show up in future RHEL
versions and not be completely extra work.
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
