Description of problem:
Profile anssi_bp28_enhanced doesn't select rule 'selinux_state'.
But the lower (anssi_bp28_intermediary) and higher (anssi_bp28_high) level hardening profiles select the rule.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. oscap xccdf eval --profile anssi_bp28_enhanced /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
Rule selinux_state is not evaluated on a scan with 'anssi_bp28_enhanced'.
Rule selinux_state should be evaluated when profile 'anssi_bp28_enhanced' is scanned.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (scap-security-guide bug fix and enhancement update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.