Improved Red Hat Enterprise Linux Repo Detection

Summary

Tenable is releasing an improvement to how we determine the source repository for packages in Red Hat Enterprise Linux local security checks. With this improved logic, customers will see more accurate scan results.

Impact

This improvement is significant for our customers with Red Hat Enterprise Linux systems, particularly those who use non-public package repository mirrors. If a customer’s mirrors do not match the relative URL structure found in Red Hat’s repository-to-cpe mapping, they will now experience more accurate scan results. This change is particularly beneficial for packages from application-specific repositories such as Ansible, Openshift, and Ceph, among others.

See our Knowledge Article on How ‘Red Hat Local Security Checks’ Operate for more information.

Note: Configuring package mirrors using the relative URLs from Red Hat’s repository-to-cpe mapping will result in the most accurate findings.

Affected Plugins

There will be approximately 1500 plugins modified to include this logic.

Target Release Date

June 3, 2024