On 05-10-2017 15:22, Carlos E. R. wrote:
On 2017-10-05 09:32, Klaus Vink Slott wrote:
Hi guys
I need a little help here: Based on a scanning from the national CERT my security officer claims that I am running outdated software.
...
Any security "scanning" based on packages release versions on openSUSE is absurd, and your security officer should know it.
You would surprised if you knew what we have to deal with in an big organization like ours (University of Copenhagen). Actually the security guy is alright but not with a deep technical background. I am a bit more disturbed about the Danish CERT forcing us to respond to useless "security report" like the mentioned. The report simply stated the returned version string and listed all the CVE's between that and the current version. -- Regards Klaus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org