Bug 1996678
| Summary: | Update rhel7 DISA STIG profile to v3r5 | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Matthew Burket <mburket> |
| Component: | scap-security-guide | Assignee: | Matthew Burket <mburket> |
| Status: | CLOSED ERRATA | QA Contact: | Milan Lysonek <mlysonek> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.9 | CC: | ggasparb, jreznik, mhaicman, mlysonek, vpolasek, wsato |
| Target Milestone: | rc | Keywords: | Rebase, Triaged, ZStream |
| Target Release: | --- | Flags: | pm-rhel:
mirror+
|
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | scap-security-guide-0.1.57-1.el7_9 | Doc Type: | Enhancement |
| Doc Text: |
.Profiles for DISA STIG version v3r5
The Defense Information Systems Agency (DISA) has published an updated version of the Secure Technical Implementation Guide (STIG) for RHEL 7 version 3, release 5. The update available with the link:https://access.redhat.com/errata/RHBA-2021:XXXX[RHBA-2021:XXXX] advisory:
* Aligns all rules within the existing `xccdf_org.ssgproject.content_profile_stig` and `xccdf_org.ssgproject.content_profile_stig_gui` profiles with the latest STIG release.
The following rule has changed its behavior:
CCE-27485-2:: Fails after initial RHEL installation because targeted files are only generated after first boot. Run the remediation again to fix it.
Use only the current version of this profile because the older versions of this profile are no longer valid. Some rules have been replaced/added, and scans using the `V3R5` version will fail for systems that were hardened using older versions of SCAP Security Guide. You can fix the rules automatically by running the remediation with the new version of SCAP Security Guide.
WARNING: Automatic remediation might render the system non-functional. Run the remediation in a test environment first.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-11-23 17:14:34 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Comment 16
Gabriel Gaspar Becker
2021-11-03 12:38:08 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (scap-security-guide bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:4781 |