+++ This bug was initially created as a clone of Bug #1192428 +++ This is the same bug as BZ#1192428 but for RHEL-5 and openscap-1.0.8-1.el5_10. Description of problem: Validating of OVAL results displays: oval:mil.disa.fso.redhat.rhel6:obj:3184 - a var_ref has been supplied for the ind-def:pattern entity so a var_check should also be provided openscap-1.0.8-1.el6_5.1 How reproducible: Always Steps to Reproduce: 1. Downloading :: actually running 'wget http://iase.disa.mil/stigs/Documents/u_redhat_6_v1r5_stig_scap_1-1_benchmark.zip' 2. Unzipping :: actually running 'unzip u_redhat_6_v1r5_stig_scap_1-1_benchmark.zip -d stig' 3. Evaluating STIG profile :: actually running 'oscap xccdf eval --profile MAC-1_Public --report stig-xccdf-results.html --results stig-xccdf-results.xml --oval-results --cpe stig/U_RedHat_6_V1R5_Benchmark-cpe-dictionary.xml stig/U_RedHat_6_V1R5_Benchmark-xccdf.xml stig/U_RedHat_6_V1R5_Benchmark-oval.xml' 4. Validating XCCDF results :: actually running 'oscap xccdf validate-xml stig-xccdf-results.xml' 5. Validating OVAL results :: actually running 'oscap oval validate-xml --results --schematron U_RedHat_6_V1R5_Benchmark-oval.xml.result.xml' Actual results: <?xml version="1.0"?> oval:mil.disa.fso.redhat.rhel6:obj:3184 - a var_ref has been supplied for the ind-def:pattern entity so a var_check should also be provided Invalid OVAL Results content(5.8) in U_RedHat_6_V1R5_Benchmark-oval.xml.result.xml. (return code 2) Expected results: Nothing (return code 0) Additional info:
Very minor issue. The issue is only visible during schematron validation. That is something only a few customers do (if any). The OpenSCAP bits (1.0.8-1.el5_*) have been awarded certification by NIST. I see very little reason to patch this in RHEL-5.