Red Hat: Custom RPM Repository Handling Improvements...
Red Hat: Custom RPM Repository Handling Improvements Summary Users with custom Red Hat repository naming conventions in their enterprise can now upload a custom mapping file in json format that maps custom RPM repository relative URLs to the official Red Hat counterparts for the purposes of vulnerability scanning. Problem Many Red Hat and Tenable customers utilize custom repository configurations and/or mirrors. In these cases, where neither the configured repository label or URL match Red Hat’s official mapping, Tenable plugins are unable to determine what software updates are available to the scan target. This can result in an increased number of potential false positive findings for Red Hat Local Checks. Solution With this update, we have introduced a method that allows users to upload a json file via their scan policy that maps their internal custom repository relative URL to the official Red Hat label and URL of the repository it mirrors. To upload this json file to your scan policy, go to “Settings > Advanced > Vulnerability Options > Custom Red Hat Repository Mapping” and click on the “Add File” link. For a more detailed overview of how this works in practice, please refer to the following user guide: How Red Hat Local Vulnerability Checks Use Repositories To Determine Scope Impacted Plugins All plugins in the Red Hat Local Security Checks family New plugin added: Plugin ID 233963, redhat_custom_repos.nasl Updated Scan Policy Templates Nessus Scanner Advanced Scan Advanced Dynamic Scan Basic Network Scan Nessus Agents Advanced Agent Scan Basic Agent Scan Targeted Release Date Nessus and Tenable VM: Monday, April 14, 2025 Tenable Security Center: TBC
Red Hat Satellite Server Scanning Improvements Summary We...
Red Hat Satellite Server Scanning Improvements Summary We have improved the collection method of the Red Hat Satellite Server Integration. Data is now collected on a per-host basis instead of collecting all the hosts at once. This will potentially result in additional API calls to the Red Hat Satellite Server, but should lead to improved scan times and reliability. Impact 84232 : Red Hat Satellite 6 Settings 84231 : Red Hat Satellite Get Installed Packages 84233 : Red Hat Satellite 6 Report All Red Hat local checks for Red Hat Linux Feature Release Date ImmediateRed Hat Satellite Server Katello API Support Deprecated...
Red Hat Satellite Server Katello API Support Deprecated Summary Tenable has deprecated support for the Red Hat Satellite Server 6 ‘/katello/api/’ line of endpoints. Red Hat no longer supports these endpoints as of 2016. This only affects Red Hat Satellite Server older than 6.1, version 6.2 and beyond use ‘/api/v2/’ endpoints. The existing functionality for ‘/katello/api’ will remain in place but we will no longer work on providing upgrades or supporting bug fixes beyond security concerns. If the modern ‘/api/v2’ is not detected and the ‘/katello/api/’ line of the API’s are detected the integration will warn about legacy API usage. Impact 84232 : Red Hat Satellite 6 Settings 84231 : Red Hat Satellite Get Installed Packages 84233 : Red Hat Satellite 6 Report All Red Hat local checks for Red Hat Linux Feature Release Date Immediate