Updating OVAL definitions

marco · July 22, 2021, 2:52pm

Hello,

I have no errors when using
greenbone-nvt-sync,
greenbone-scapdata-sync,
greenbone-certdata-sync

But the mosts recents OVALs definition (secinfo / oval definition) are from 2015
For NVTs and CVE the update looks good

Any Idea ?
Does the lake of update of OVALs definitions can explain that some vulnerabilities are not discovered by openvas ?

gsad --version :
Greenbone Security Assistant 20.08.1~git-28ffce808-gsa-20.08

gvmd --version :
Greenbone Vulnerability Manager 20.08.1~git-01e1bc05-gvmd-20.08
GIT revision 01e1bc05-gvmd-20.08
Manager DB revision 233

openvas --version :
OpenVAS 20.8.2
gvm-libs 20.8.2~git-aa3bba1-gvm-libs-20.08

Regards,
marco

Martin · July 23, 2021, 2:34pm

Hello marco, welcome to the Greenbone Community!

We are no longer updating the OVAL data in the feed, so this is expected behaviour. In the upcoming release 21.10, we will remove support for OVAL definitions.

However, this is all unrelated to missing vulnerabilities during scans. Only NVTs are executed during scans, all other SecInfo data is just for reference in the scan results.

Please check the https://community.greenbone.net/c/gse/16 forum, if your problem persists.

marco · July 23, 2021, 4:04pm

Hello Martin,

so i’ll try to find somewhere else in my configuration what is missing to detect the printnightmare,
Thanks you for your reply,