[Bug Fix Advisory] RHBA-2018:2752 scap-security-guide bug fix update

The following Red Hat Bug Fix Advisory has been published which may affect packages you have installed on your system.

RHBA-2018:2752 scap-security-guide bug fix update


Updated scap-security-guide packages that fix several bugs are now available for Red Hat Enterprise Linux 7.

The scap-security-guide project provides a guide for configuration of the system from the final system’s security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines.

This update fixes the following bugs:

* Previously, the playbook for setting SELinux policy did not include the “state” parameter to the Ansible SELinux module. As a consequence, remediation playbooks generated by the oscap command failed to set the SELinux policy accordingly to the “var_selinux_policy_name” variable. With this update, the remediation playbook has been changed to use the “lineinfile” module, and it can now correctly set the SELinux policy as defined in “var_selinux_policy_name”. (BZ#1601929)

* Prior to this update, the Extensible Configuration Checklist Description Format (XCCDF) benchmark contained the octal umask value for the “/etc/login.defs” file converted to the decimal format. Consequently, Ansible remediations against Red Hat Enterprise Linux 7 incorrectly set the “accounts_umask_etc_login_defs” value. The umask value format in the XCCDF benchmark has been fixed, the umask entry now correctly passes through. (BZ#1601931)

* Previously, parts of the OpenSCAP code generating Ansible remediation playbooks contained typos in the path to the dconf database directory. As a consequence, remediation tasks failed with the “OSError: [Errno 20] Not a directory: ‘/etc/dconf/db/local/d'” error message. The typos have been fixed, and the Ansible remediation tasks by OpenSCAP-generated playbooks now succeed. (BZ#1601933)

Users of scap-security-guide are advised to upgrade to these updated packages, which fix these bugs.

Full details and references:


Revision History:

Issue Date: 2018-09-25

Updated: 2018-09-25


免责声明: IT学馆所发布的一切资源及文章仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除上述内容。如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。如有侵权请邮件与我们联系处理。admin@itxueguan.com
0 条回复 A 作者 M 管理员
欢迎您,新朋友,感谢参与互动!欢迎您 {{author}},您在本站有{{commentsCount}}条评论