Re: Mass update deployment strategy
On 2007-01-09, Florian Weimer <fw@deneb.enyo.de> wrote:
> * Javier Fernández-Sanguino Peña:
>
>> If your installation where slightly bigger (maybe 100 systems) I would
>> suggest you invest your time working with OVAL [1] and CVE [2]:
>>
>> a) deploy an OVAL agent at the nodes with apt-capabilities
>>
>> b) have a central OVAL server send new signatures to nodes so they can tell
>> you wether they are vulnerable or not (and need to have a DSA applied or
>> not)
>
> Does anyone publish Debian-specific OVAL signatures?
Not to my knowledge.
> Do you think there is a need for them?
No, too much beaucracy for too little gain.
Cheers,
Moritz
Reply to: