From c7dfaf45f7adbbc6598d46d60e05e4a2442efbbc Mon Sep 17 00:00:00 2001 From: Noah Talerman <47070608+noahtalerman@users.noreply.github.com> Date: Thu, 20 Jun 2024 13:55:45 -0400 Subject: [PATCH] Update docs: Vulnerability Processing page (#19861) - Fleet detects vulns (CVEs) for Linux kernels: #18053 --- docs/Using Fleet/Vulnerability-Processing.md | 42 +------------------- 1 file changed, 1 insertion(+), 41 deletions(-) diff --git a/docs/Using Fleet/Vulnerability-Processing.md b/docs/Using Fleet/Vulnerability-Processing.md index 1b7f986fa6..2217919782 100644 --- a/docs/Using Fleet/Vulnerability-Processing.md +++ b/docs/Using Fleet/Vulnerability-Processing.md 
@@ -20,51 +20,11 @@ Fleet detects vulnerabilities for these software types: | ------------------- | ------------------------------------------ | ------------------------------------------------ | ---------------- | | Apps | ✅ | ✅ | ❌ | | Browser plugins | Chrome extensions, Firefox extensions | Chrome extensions, Firefox extensions | ❌ | -| Packages | Python, Homebrew | Python, Atom, Chocolatey | Adhere to whatever is defined in the [OVAL definitions](https://github.com/fleetdm/nvd/blob/master/oval_sources.json), except for kernel vulnerabilities and vulnerabilities involving configuration files. Supported distributions: | +| Packages | Python, Homebrew | Python, Atom, Chocolatey | Packages defined in the [OVAL definitions](https://github.com/fleetdm/nvd/blob/master/oval_sources.json), except for vulnerabilities involving configuration files. Supported distributions: | | IDE extensions | VS Code extensions | VS Code extensions | VS Code extensions | As of right now, only app names with all ASCII characters are supported. Apps with names featuring non-ASCII characters, such as Cyrillic, will not generate matches. -## Configuration - -When upgrading to Fleet 4.7.0 or later, vulnerability processing is automatically enabled if -vulnerability processing and software inventory are not explicitly disabled. - -If you explicitly disabled vulnerability processing, and now would like to enable this feature, first enable the software inventory feature by setting the following app config: - -```yaml ---- -apiVersion: v1 -kind: config -spec: - features: - enable_software_inventory: true -``` - -Then, enable vulnerability processing by specifying a path where Fleet will download the different -data feeds. 
This can be done by setting the following app config: - -```yaml ---- -apiVersion: v1 -kind: config -spec: - vulnerabilities: - databases_path: /some/path -``` - -Or through environment variables: - -```text -FLEET_VULNERABILITIES_DATABASES_PATH=/some/path -``` - -The path specified needs to exist and Fleet needs to be able to read and write to and from it. This is the only mandatory -configuration needed for vulnerability processing to work. Additional options, like vulnerability check frequency, can be -found in the [configuration documentation](https://fleetdm.com/docs/deploying/configuration#vulnerabilities). - -You'll need to restart the Fleet instances after changing these settings. - ### Advanced configuration Fleet runs vulnerability downloading and processing via internal scheduled cron job. This internal mechanism is very useful
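Review bot: the deletion of the whole `## Configuration` section, directly after the software-types table, is not covered by the commit message, which only mentions Linux kernel CVE detection, and it leaves `### Advanced configuration` as a level-3 heading without its `## Configuration` parent. The removed text also carried the operational requirements that the `databases_path` directory must exist and be readable and writable by Fleet, and that Fleet instances need a restart after these settings change. If that material is meant to live only in the linked configuration documentation, keep a one-sentence pointer to that link here, promote the remaining heading to `## Advanced configuration`, and say so in the commit message. The Packages row change itself matches the stated intent: it drops only the kernel exception and keeps the one for configuration files.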