Ryan
10/20/2021, 9:18 AM/etc/redhat-release
. How does the vulnerability scanner determine if a package is vulnerable or not? Is it based on the distro it thinks it is running?$ cat /etc/os-release
NAME="Oracle Linux Server"
VERSION="7.9"
ID="ol"
ID_LIKE="fedora"
VARIANT="Server"
VARIANT_ID="server"
VERSION_ID="7.9"
PRETTY_NAME="Oracle Linux Server 7.9"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:oracle:linux:7:9:server"
HOME_URL="<https://linux.oracle.com/>"
BUG_REPORT_URL="<https://bugzilla.oracle.com/>"
ORACLE_BUGZILLA_PRODUCT="Oracle Linux 7"
ORACLE_BUGZILLA_PRODUCT_VERSION=7.9
ORACLE_SUPPORT_PRODUCT="Oracle Linux"
ORACLE_SUPPORT_PRODUCT_VERSION=7.9
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.9 (Maipo)
/etc/redhat-release
to be present when /etc/os-release
is, but I don’t know C++ very well 🤔 🙂
https://github.com/osquery/osquery/blob/master/osquery/tables/system/linux/os_version.cppRiccardo
10/20/2021, 1:56 PMRyan
10/20/2021, 1:59 PMTomas Touceda
10/20/2021, 2:07 PMMystery Incorporated
10/20/2021, 3:10 PMRyan
10/20/2021, 4:06 PMcurl
and the kernel
Mystery Incorporated
10/21/2021, 1:47 AM