• Hip to be... OVAL

    Earlier this month Red Hat started publishing Open Vulnerability and Assessment Language (OVAL) definitions for Red Hat Enterprise Linux security issues and today we obtained official compatibility. But what are these definitions, how do you use them, and why are they important? One of the goals of Red Hat Enterprise Linux is to maintain backward compatibility of the packages we ship where possible. This goal means making sure that when we release security updates to fix vulnerabilities that...
    Posted 2006-06-21T00:00:00+00:00 - 0
  • Another "Days of Risk" study

    Today a "Role Comparison Report" from Security Innovation was published which has a headline that we fix security issues less than half as fast as Microsoft. Red Hat was not given an opportunity to examine the "Role Comparison Report" or it's data in advance of publication and we believe there to be inaccuracies in the published "days of risk" metrics. These metrics are significantly different from our own findings based on data sets made publicly available by our Security Response Team....
    Posted 2005-03-22T00:00:00+00:00 - 0
  • Survivability

    In the Red Hat earnings call last night, Matthew Szulik mentioned some statistics on the survivability of Red Hat Enterprise Linux 3. In August 2004, SANS Internet Storm Center published statistics on the survival time of Windows by looking at the average time between probes/worms that could affect an unpatched system. The findings showed that it would take only 20 minutes on average for a machine to be compromised remotely, less than the time it would take to download all the updates to...
    Posted 2004-09-21T00:00:00+00:00 - 0



Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.