Hide Forgot
Description of problem: Client variant of Red Hat Enterprise Linux 6, is not recognized as RHEL by OVAL rules in CPE definitions shipped with SSG. Thus scanning on this variant would produce meaningless results. Version-Release number of selected component (if applicable): scap-security-guide-0.1.28-3.el6 How reproducible: reliably Steps to Reproduce: 1. oscap oval eval /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml Actual results: Definition oval:ssg-installed_OS_is_rhel6:def:1: false Expected results: Definition oval:ssg-installed_OS_is_rhel6:def:1: true Additional info:
There is a fix upstream: https://github.com/OpenSCAP/scap-security-guide/pull/1702
Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. The official life cycle policy can be reviewed here: http://redhat.com/rhel/lifecycle This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL: https://access.redhat.com/