Issued:: 2020-11-03
Updated:: 2020-11-03

RHBA-2020:4626 - Bug Fix Advisory

Overview
Updated Packages

Synopsis

scap-security-guide bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for scap-security-guide is now available for Red Hat Enterprise
Linux 8.

Description

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.6 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux Server - TUS 8.6 x86_64
Red Hat Enterprise Linux Server - TUS 8.4 x86_64
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

BZ - 1750526 - open scap remediation script: ssg-rhel8-role-ospp.sh placing duplicate entries into /etc/selinux/config file.
BZ - 1760734 - [RFE] Provide CIS profile for RHEL8
BZ - 1761906 - Check for module skipping in accounts_passwords_pam_faillock_deny is tricked by comment in config file
BZ - 1762962 - [RFE] provide NIST 800-171 on RHEL 8
BZ - 1765981 - oscap is testing for audispd on rhel8
BZ - 1781606 - Remediation of rule rsyslog_files_permissions produces error result
BZ - 1813066 - sshd rekey limit update for OSPP
BZ - 1815007 - Rebase scap-security-guide in Red Hat Enterprise Linux 8.3 to latest upstream version
BZ - 1821343 - Ansible remediations for mount_option_dev_shm_noexec and openssl_use_strong_entropy not aligned with OVAL
BZ - 1829476 - add rsa-sha2-256,rsa-sha2-512 to PubkeyAcceptedKeyTypes for OSPP
BZ - 1832760 - (RFE) Add HIPAA profile into RHEL8 compliance content
BZ - 1836873 - Rule no_shelllogin_for_systemaccounts scan against ubi8 container results in unknown result
BZ - 1852367 - xccdf_org.ssgproject.content_rule_selinux_all_devicefiles_labeled fails when a symlink or regular file is labeled with "device_t"
BZ - 1852928 - Remove CCM mode from TLS settings
BZ - 1854854 - Content contains wrong link to documentation for "Protecting GRUB 2 with a Password"
BZ - 1867559 - Description of HIPAA profile is misleading

CVEs

(none)

References

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
s390x
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
s390x
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
s390x
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
s390x
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for Power, little endian 8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
ppc64le
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
ppc64le
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
ppc64le
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
ppc64le
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server - TUS 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for ARM 64 8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
aarch64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
aarch64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
aarch64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
aarch64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
ppc64le
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
ppc64le
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
ppc64le
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM
scap-security-guide-0.1.50-14.el8.src.rpm	SHA-256: e361a2d4f83100ec5bd4c6839575b3f6b964c4b0a2c8df0fcf0838c1a4c8300e
x86_64
scap-security-guide-0.1.50-14.el8.noarch.rpm	SHA-256: 9f9a4991c5a53a04f284ed678ba943fc59624678d7dff527e7aed95837859c33
scap-security-guide-doc-0.1.50-14.el8.noarch.rpm	SHA-256: 8f05c6139e7922ece254dd66abb0015e0a64347d9742459ff88dc955dca9fb76

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.