Bug 1284048 - Request for port of existing (CNSSI) No. 1253 (nist-CL-IL-AL) profile from RHEL-6 to RHEL-7
Request for port of existing (CNSSI) No. 1253 (nist-CL-IL-AL) profile from RH...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: scap-security-guide (Show other bugs)
7.3
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Jan Lieskovsky
Marek Haicman
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-20 11:17 EST by Andrew Shewmaker
Modified: 2016-11-04 03:32 EDT (History)
4 users (show)

See Also:
Fixed In Version: scap-security-guide-0.1.30-1.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-04 03:32:49 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Andrew Shewmaker 2015-11-20 11:17:49 EST
Description of problem:

The current version of the SCAP Security Guide does not include the CNSS No. 1253 Profile. Upstream does have the profile available for RHEL 6, but not 7. This bug is intended to confirm customer interest (at least Los Alamos National Laboratory) in this feature.

https://github.com/OpenSCAP/scap-security-guide/blob/master/RHEL/6/input/profiles/nist-CL-IL-AL.xml

Upstream tracking of this issue is at

https://github.com/OpenSCAP/scap-security-guide/issues/858
Comment 3 Jan Lieskovsky 2016-05-10 10:49:00 EDT
Proposed upstream patch:
  https://github.com/OpenSCAP/scap-security-guide/pull/1239
Comment 7 Marek Haicman 2016-06-30 06:26:49 EDT
List of profiles in version scap-security-guide-0.1.30-1.el7

C2S for Red Hat Enterprise Linux 7                                              
CNSSI 1253 Low/Low/Low Control Baseline for Red Hat Enterprise Linux 7          
Common Profile for General-Purpose Systems                                      
Criminal Justice Information Services (CJIS) Security Policy                    
Documentation to Support C2S/CIS  Mapping                                       
Documentation to Support DISA OS SRG Mapping                                    
Introduction                                                                    
PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7                      
Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)                
Remediation functions used by the SCAP Security Guide Project                   
Services                                                                        
Standard System Security Profile                                                
STIG for Red Hat Enterprise Linux 7 Server                                      
STIG for Red Hat Enterprise Linux 7 Server Running GUIs                         
STIG for Red Hat Enterprise Linux 7 Workstation                                 
System Settings                                                                 
United States Government Configuration Baseline (USGCB / STIG) 



Profile CNSSI 1253 Low/Low/Low Control Baseline for Red Hat Enterprise Linux 7 contains sane rules.
Comment 9 errata-xmlrpc 2016-11-04 03:32:49 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2483.html

Note You need to log in before you can comment on or make changes to this bug.