2176081 – xmlfilecontent probe produces invalid OVAL results

Bug 2176081 - xmlfilecontent probe produces invalid OVAL results

Summary: xmlfilecontent probe produces invalid OVAL results

Keywords:
Status:	POST
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	openscap
Sub Component:
Version:	7.9
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Jan Černý
QA Contact:	BaseOS QE Security Team
Docs Contact:
URL:
Whiteboard:
Depends On:	2138884
Blocks:	2139060 2165580 2165581
TreeView+	depends on / blocked

Reported:	2023-03-07 10:53 UTC by Jan Černý
Modified:	2023-08-11 13:21 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:	2138884
Environment:
Last Closed:
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-150902	0	None	None	None	2023-03-07 10:54:52 UTC

Comment 1 Jan Černý 2023-07-03 09:47:52 UTC

The offending rule firewalld_sshd_port_enabled is part of the cjis, ncp, rhelh-stig and rht-ccp profiles that are shipped in scap-security-guide-0.1.66-1.el7_9.noarch which is shipped in RHEL 7. Therefore, this bug currently affects the users of these profiles on RHEL 7. The impact is that the customers using these profiles will get invalid XML OVAL results, which is serious.

Comment 2 Matěj Týč 2023-08-11 13:21:31 UTC

Correction of the previous item - the issue is serious only in the context of the mentioned profiles. Those profiles are, however, relatively low-profile. Other profiles than cjis, ncp, rhelh-stig and rht-ccp shipped in RHEL7 are also better in almost all aspects, and much popular as well.
Given that and the risk-based approach to fixing issues in RHEL7, this fix doesn't qualify to being backported under the current conditions.

Note You need to log in before you can comment on or make changes to this bug.