Bug 1448504

Summary: Wrong criterion in OVAL files
Product: [Other] Security Response
Reporter: King's Way <io>
Component: data
Assignee: Nobody <nobody>
Status: NEW
Severity: low
Priority: unspecified
Version: unspecified
CC: vdanen
Target Milestone: ---
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Type: Bug
Bug Depends On: 1444716

Description King's Way 2017-05-05 15:22:59 UTC
There is a mistake in the OVAL file provided here (https://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml).

The definition of 'RHSA-2017:0372' does not provide a 'criterion' to check whether the kernel is compiled with target aarch64 or not.

Actually, the 'test criterion' (oval:com.redhat.rhsa:tst:20170372013) will always return true on RHEL7 of any other architecture.

So, it will make many tools fail at this...


--------------------------------------------------------------------------
wrong lines pasted below
--------------------------------------------------------------------------
<criteria operator="AND">
  <criteria operator="OR">
    <criterion comment="Red Hat Enterprise Linux 7 Client is installed" test_ref="oval:com.redhat.rhsa:tst:20140675001"/>
    <criterion comment="Red Hat Enterprise Linux 7 Server is installed" test_ref="oval:com.redhat.rhsa:tst:20140675002"/>
    <criterion comment="Red Hat Enterprise Linux 7 Workstation is installed" test_ref="oval:com.redhat.rhsa:tst:20140675003"/>
    <criterion comment="Red Hat Enterprise Linux 7 ComputeNode is installed" test_ref="oval:com.redhat.rhsa:tst:20140675004"/>
  </criteria>

  <criteria operator="OR">
    <criteria operator="AND">
      <criterion comment="kernel is earlier than 0:4.5.0-15.2.1.el7" test_ref="oval:com.redhat.rhsa:tst:20170372013"/>
      <criterion comment="kernel is signed with Red Hat redhatrelease2 key"
......
......
--------------------------------------------------------------------------

Comment 2 Martin Preisler 2017-06-27 15:44:56 UTC
Thanks for reporting this bug. We are working towards fixing this and regenerating the OVAL feeds with the criterion added.
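
Added example (not part of the bug report or of Red Hat's feed): a minimal evaluator for the criteria tree quoted in the description, showing the definition matching a constructed x86_64 host until an architecture criterion is ANDed in. The `PLACEHOLDER` test_ref values, the host facts, the position of the added criterion and the simplified version comparison are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed fragment modelled on the quoted criteria; PLACEHOLDER ids are not from the page.
REPORTED = """
<criteria operator="AND">
  <criteria operator="OR">
    <criterion comment="Red Hat Enterprise Linux 7 Server is installed" test_ref="oval:com.redhat.rhsa:tst:20140675002"/>
  </criteria>
  <criteria operator="OR">
    <criteria operator="AND">
      <criterion comment="kernel is earlier than 0:4.5.0-15.2.1.el7" test_ref="oval:com.redhat.rhsa:tst:20170372013"/>
      <criterion comment="kernel is signed with Red Hat redhatrelease2 key" test_ref="oval:example:tst:SIGNED-PLACEHOLDER"/>
    </criteria>
  </criteria>
</criteria>"""
ARCH_REF = "oval:example:tst:ARCH-PLACEHOLDER"  # hypothetical id for the missing arch test

def load(xml_text, arch_guard=False):
    """Parse the criteria; optionally AND a (hypothetical) aarch64 criterion at the top."""
    root = ET.fromstring(xml_text)
    if arch_guard:
        ET.SubElement(root, "criterion", comment="kernel architecture is aarch64", test_ref=ARCH_REF)
    return root

def numeric_key(evr):
    """Simplified ordering key (not full rpmvercmp): numeric fields only, dist tag dropped."""
    return tuple(int(p) for p in re.split(r"[:.\-]", evr) if p.isdigit())

def scan_host(host):
    """Per-test outcomes a scanner would compute from the host facts."""
    return {
        "oval:com.redhat.rhsa:tst:20140675002": host["variant"] == "Server",
        "oval:com.redhat.rhsa:tst:20170372013": numeric_key(host["kernel_evr"]) < numeric_key("0:4.5.0-15.2.1.el7"),
        "oval:example:tst:SIGNED-PLACEHOLDER": host["signed"],
        ARCH_REF: host["arch"] == "aarch64",
    }

def evaluate(node, results):
    """Evaluate an OVAL criteria tree (AND/OR operators only) to True or False."""
    if node.tag == "criterion":
        return results[node.get("test_ref")]
    op = node.get("operator", "AND")  # AND is the OVAL default operator
    if op not in ("AND", "OR"):
        raise ValueError(f"unsupported operator: {op}")
    values = [evaluate(child, results) for child in node]
    return all(values) if op == "AND" else any(values)

# Constructed hosts: an x86_64 kernel, an unpatched aarch64 kernel, a patched aarch64 kernel.
X86 = {"variant": "Server", "arch": "x86_64", "kernel_evr": "0:3.10.0-514.el7", "signed": True}
ARM_OLD = {"variant": "Server", "arch": "aarch64", "kernel_evr": "0:4.5.0-15.el7", "signed": True}
ARM_NEW = {"variant": "Server", "arch": "aarch64", "kernel_evr": "0:4.5.0-15.2.1.el7", "signed": True}
```

`evaluate(load(REPORTED), scan_host(X86))` is the false positive described in the report; passing `arch_guard=True` to `load` removes it while the unpatched aarch64 host still matches.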