Updated openscap packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
The openscap packages provide OpenSCAP, which is a set of open source libraries for the integration of the Security Content Automation Protocol (SCAP). SCAP is a line of standards that provide a standard language for the expression of Computer Network Defense (CND) related information.
The openscap packages have been upgraded to upstream version 0.9.12, which provides a number of bug fixes and enhancements over the previous version. This update adds support for the National Institute of Standards and Technology's (NIST) SCAP 1.2 standard, so that all content, such as the following, is correctly supported: the Red Hat Enterprise Linux 5 Security Technical Implementation Guide (STIG), The United States Government Configuration Baseline (USGCB), and Red Hat Security Advisory content. (BZ#956763
Previously, the oscap utility did not properly handle the process of object evaluation while querying the RPM database (RPMDB). RPMDB iterators created upon the query were not correctly removed if the process was aborted, which led to RPMDB corruption. With this update, the created RPMDB iterators are now removed correctly and process abortion no longer causes RPMDB corruption.
Users of openscap are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.