Bug 503593 - Include openscap package
Summary: Include openscap package
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openscap
Version: 6.0
Hardware: All
OS: Linux
Target Milestone: rc
Assignee: Peter Vrabec
QA Contact: Ondrej Moriš
Duplicates: 449163
Depends On:
Blocks: 519820
Reported: 2009-06-01 19:54 UTC by Steve Grubb
Modified: 2018-10-27 12:31 UTC (History)

Fixed In Version: openscap-0.5.11-1.el6
Doc Type: Enhancement
Doc Text:
Clone Of:
Last Closed: 2010-07-02 19:39:34 UTC


Description Steve Grubb 2009-06-01 19:54:54 UTC
Please include the openscap package in RHEL6. This will provide a common SCAP implementation that various tools can use.

Comment 1 Bill Nottingham 2009-06-02 18:47:56 UTC
Under what circumstances should it be installed?

Comment 2 Steve Grubb 2009-06-02 19:04:19 UTC
The package, at this point, does not need to be installed until needed. The openscap package is to provide the foundation for SCAP-enabled tools. SCAP will find its way into our layered products, we have partners that can leverage it just by it being available, our security response team can issue Perl scripts that customers can use to check their patch level, some of our security guidance doc writers would like to swing their tools over to take advantage of this if it's known to be included, and it would also make a big statement that we intend to back SCAP.

Comment 4 RHEL Product and Program Management 2009-06-15 21:01:26 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for

Comment 5 Rick Ring 2009-06-22 14:16:35 UTC
Please also include the openscap package in upcoming releases of RHEL4 and RHEL5.  Current customers need the same capability.

Government customers have a difficult time finding the right package version for a given IA requirement. In some cases, there's a CVE number, and that's made useful by the yum-security plugin and the RHN http://rhn.redhat.com/cve/CVE-xxxx-xxxx.html content. Sometimes, there is no CVE number. In either case, many have grown accustomed to writing their own scripts to parse the rpm changelog for the fix that they need. This is obviously wrong, but there's no good alternative -- especially if they're disconnected from RHN. Users can download OpenSCAP today. It's not supported, but it's able to read the Security Response Team's OVAL content, which can be downloaded and used offline. Support for NIST's XCCDF content for RHEL is almost there, and later in 2009 it will have full SCAP support.

Comment 6 Steve Grubb 2009-09-28 20:59:32 UTC
*** Bug 449163 has been marked as a duplicate of this bug. ***

Comment 9 Ondrej Moriš 2010-04-14 13:22:54 UTC
Successfully verified on all archs.

Package openscap-0.5.6-1.el6 is included in RHEL6-20100408.0 tree, rpmbuild successfully builds the package, all functionality works as expected according to self-test.

However, there is a minor issue on i386 (BZ#581851), it's definitely not a blocking bug.

Comment 10 releng-rhel@redhat.com 2010-07-02 19:39:34 UTC
Red Hat Enterprise Linux Beta 2 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.
