Bug 2176081

Summary: xmlfilecontent probe produces invalid OVAL results
Product: Red Hat Enterprise Linux 7 Reporter: Jan Černý <jcerny>
Component: openscap Assignee: Jan Černý <jcerny>
Status: POST --- QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.9 CC: ekolesni, matyc, mhaicman, mmarhefk
Target Milestone: rc Keywords: AutoVerified, Triaged, ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: 2138884 Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2138884    
Bug Blocks: 2139060, 2165580, 2165581    

Comment 1 Jan Černý 2023-07-03 09:47:52 UTC
The offending rule firewalld_sshd_port_enabled is part of the cjis, ncp, rhelh-stig and rht-ccp profiles that are shipped in scap-security-guide-0.1.66-1.el7_9.noarch which is shipped in RHEL 7. Therefore, this bug currently affects the users of these profiles on RHEL 7. The impact is that the customers using these profiles will get invalid XML OVAL results, which is serious.

Comment 2 Matěj Týč 2023-08-11 13:21:31 UTC
Correction of the previous item - the issue is serious only in the context of the mentioned profiles. Those profiles are, however, relatively low-profile. Profiles other than cjis, ncp, rhelh-stig and rht-ccp shipped in RHEL7 are also better in almost all aspects, and much more popular as well.
Given that and the risk-based approach to fixing issues in RHEL7, this fix doesn't qualify for being backported under the current conditions.