Bug 2028428 - Update source of CVE data in data stream
Summary: Update source of CVE data in data stream
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: scap-security-guide
Version: 8.5
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: rc
: ---
Assignee: Vojtech Polasek
QA Contact: Milan Lysonek
Mirek Jahoda
URL:
Whiteboard:
Depends On:
Blocks: 2028432 2028435
TreeView+ depends on / blocked
 
Reported: 2021-12-02 11:46 UTC by Matus Marhefka
Modified: 2023-02-16 16:43 UTC (History)
9 users (show)

Fixed In Version: scap-security-guide-0.1.60-1.el8
Doc Type: Known Issue
Doc Text:
.CVE OVAL feeds are now only in the compressed format, and data streams are not in the SCAP 1.3 standard Red Hat provides CVE OVAL feeds in the bzip2-compressed format and are no longer available in the XML file format. Because referencing compressed content is not standardized in the Security Content Automation Protocol (SCAP) 1.3 specification, third-party SCAP scanners can have problems scanning rules that use the feed.
Clone Of:
: 2028432 2028435 (view as bug list)
Environment:
Last Closed: 2022-05-10 14:15:29 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-104545 0 None None None 2021-12-02 11:51:25 UTC
Red Hat Product Errata RHBA-2022:1900 0 None None None 2022-05-10 14:15:52 UTC

Comment 2 Matěj Týč 2021-12-08 10:22:14 UTC 
https://github.com/ComplianceAsCode/content/pull/7949
Comment 5 Evgeny Kolesnikov 2022-02-02 10:10:59 UTC 
The scapval utility is not happy with xml.bz2 extension and it does not understand its contents, but we don't really care.
Comment 12 errata-xmlrpc 2022-05-10 14:15:29 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (scap-security-guide bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:1900
Note You need to log in before you can comment on or make changes to this bug.