Bug 1133963
Summary: | Rebase scap-security-guide in Red Hat Enterprise Linux 6 to current upstream version | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | scap-security-guide | Assignee: | Jan Lieskovsky <jlieskov> |
Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.7 | CC: | dapospis, ebenes, jlieskov, ksrot, mpreisle, pvrabec, rdoty, sforsber, slukasik, stephan.duehr, swells, tlavigne |
Target Milestone: | rc | Keywords: | Rebase |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | scap-security-guide-0.1.21-3.el6 | Doc Type: | Rebase: Bug Fixes and Enhancements |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-07-22 06:45:14 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1153397, 1159926, 1160321 |
Description
Jan Lieskovsky
2014-08-26 14:34:53 UTC
scap-security-guide version 0.1.19 has been released 28-09-2014: https://lists.fedorahosted.org/pipermail/scap-security-guide/2014-September/006185.html Selected short preview of key fixes: * support for XCCDF substitution has been added: https://github.com/OpenSCAP/scap-security-guide/commit/593044aea20407ca2f191c00b193ca2dbc896dbf * generated HTML guide now includes SSG logo: https://github.com/OpenSCAP/scap-security-guide/commit/69a68f15662343e5bd4bfe4a037d239eebe3a930 * umask supercompliance fixes: https://github.com/OpenSCAP/scap-security-guide/commit/f2718be96d1f53cc70f44a8d04ca8911ed10a655 https://github.com/OpenSCAP/scap-security-guide/commit/4f7300083d2c676e18996e82f687901e2be08862 https://github.com/OpenSCAP/scap-security-guide/commit/63d56b01ad22989d6e2eca2cb4e1336ccd521d0c https://github.com/OpenSCAP/scap-security-guide/commit/beea5f6c4e90b9be3fc8e6abbc02f287d645e66b https://github.com/OpenSCAP/scap-security-guide/commit/2cf5d8170a8b7474986db26acd4e49874ae57e71 https://github.com/OpenSCAP/scap-security-guide/commit/7e91e2eb74ca0687ef26c4c2644618a9f55895db * CPE fixes: https://github.com/OpenSCAP/scap-security-guide/commit/c79452fb56301b0f9aa8112cb0671603a29885c6 * multiple OVAL checks & remediations have been added (the patch list is too long to be enumerated here, search for 'added remediation' or 'new OVAL' in git log) * many more stabilization fixes Headlines of (upcoming) 0.1.20 features: * RHEL-6 USGCB kickstart support, * stabilization of RHEL-6 USGCB OVAL checks & remediations To prepare for a RHEL 6.7 rebase, when should upstream have their code freeze? Thanks! Shawn (In reply to Shawn Wells from comment #4) > To prepare for a RHEL 6.7 rebase, when should upstream have their code > freeze? > > Thanks! > Shawn From SSG upstream PoV there are two main features, that should go into future / next SSG releases: * USGCB kickstart support for Red Hat Enterprise Linux 6, and * JBossEAP 5 content support. Given the USGCB kickstart support is ~month away from completion, let's consider it will be implemented by the end of this year (time reserve due to end year holidays). Counting ~1,5 months for the second feature, we are in the middle of February. So let's round the date(s) as follows: * 0.1.20 upstream release by end of this year, * 0.1.21 at 20-th February of 2015 (the date to be easily memorable). The RHEL 6.7 beta Package scap-security-guide-0.1.21-2.el6.noarch.rpm still has a dependency on openscap-utils, but it should depend on openscap-scanner as RHEL 6.7 beta now has a separate openscap-scanner package. Dependending on openscap-utils leads to installation of eg. rpm-build, rpmdevtools, gdb. (In reply to Stephan Dühr from comment #25) > The RHEL 6.7 beta Package scap-security-guide-0.1.21-2.el6.noarch.rpm still > has a dependency on openscap-utils, but it should depend on openscap-scanner > as RHEL 6.7 beta now has a separate openscap-scanner package. Dependending > on openscap-utils leads to installation of eg. rpm-build, rpmdevtools, gdb. Thank you for your report, Stephan. I have filed: https://bugzilla.redhat.com/show_bug.cgi?id=1243396 bug to track the request scap-security-guide RPM instead of openscap-utils to (R / BR) depend the lightweight openscap-scanner package. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1334.html |