Oracle Linux support for Clair and Vuls
Clair by CoreOS
From the CoreOS website:
Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers.
Vulnerability data is continuously imported from a known set of sources and correlated with the indexed contents of container images in order to produce lists of vulnerabilities that threaten a container. When vulnerability data changes upstream, the previous state and new state of the vulnerability along with the images they affect can be sent via webhook to a configured endpoint. All major components can be customized programmatically at compile-time without forking the project.
Both now support Oracle Linux as a scanning target and will report any vulnerabilities detected in uploaded images.
Vuls (VULnerability Scanner) is an
open source scanner written in Go. It’s designed to scan images on a Linux or
FreeBSD host and supports several target operating systems including Oracle Linux,
Ubuntu, Debian, CentOS, Amazon Linux, Red Hat Enterprise Linux, FreeBSD and
Vuls is an agentless scanner which only requires a single host which is configured with SSH access to all target machines. It includes a text-based report viewer and can provide reporting to web-based engines like VulsRepo.
If you have any issues with the Oracle Linux integration for one of these products, please open an issue with the product directly, usually via their GitHub repository. I’m sure they’ll ping me to take a look.