- 发布:
- 2021-04-27
- 已更新:
- 2021-04-27
RHBA-2021:1383 - Bug Fix Advisory
概述
scap-security-guide bug fix and enhancement update
类型/严重性
Bug Fix Advisory
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
标题
An update for scap-security-guide is now available for Red Hat Enterprise
Linux 7.
描述
The scap-security-guide project provides a guide for configuration of the
system from the final system's security point of view. The guidance is
specified in the Security Content Automation Protocol (SCAP) format and
constitutes a catalog of practical hardening advice, linked to government
requirements where applicable. The project bridges the gap between
generalized policy requirements and specific implementation guidelines.
Bug Fix(es) and Enhancement(s):
- [RFE] Add ANSSI-BP-028 to SSG (Minimal, Intermediary and Enhanced Levels) (BZ#1497415)
- Remove deprecated follow argument from Ansible remediations (BZ#1890111)
- Rules of type Service Disabled do not have clear description on which actions the user should take (BZ#1891435)
- Latest RHEL7 STIG (V3R2) is not present in latest version of scap-security-guide. (BZ#1921643)
解决方案
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
受影响的产品
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
修复
- BZ - 1497415 - [RFE] Add ANSSI-BP-028 to SSG (Minimal, Intermediary and Enhanced Levels) [rhel-7.9.z]
- BZ - 1852364 - xccdf_org.ssgproject.content_rule_selinux_all_devicefiles_labeled fails when a symlink or regular file is labeled with "device_t" [rhel-7.9.z]
- BZ - 1890111 - Remove deprecated follow argument from Ansible remediations [rhel-7.9.z]
- BZ - 1891435 - Rules of type Service Disabled do not have clear description on which actions the user should take [rhel-7.9.z]
- BZ - 1907897 - IBM Z (s390x) is not detected as a 64bit architecture [rhel-7.9.z]
- BZ - 1914226 - False positive selinux content_rule_selinux_policytype [rhel-7.9.z]
- BZ - 1921643 - Latest RHEL7 STIG (V3R2) is not present in latest version of scap-security-guide. [rhel-7.9.z]
CVE
(none)
参考
(none)
Red Hat Enterprise Linux Server 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
x86_64 | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
x86_64 | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux Workstation 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
x86_64 | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux Desktop 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
x86_64 | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux for IBM z Systems 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
s390x | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux for Power, big endian 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
ppc64 | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux for Scientific Computing 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
x86_64 | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux for Power, little endian 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
ppc64le | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
s390x | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
ppc64 | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7
SRPM | |
---|---|
scap-security-guide-0.1.54-3.el7_9.src.rpm | SHA-256: d295407776b37290f831a57377fbc45e1ef3de443ce22686e1625b8484997b43 |
ppc64le | |
scap-security-guide-0.1.54-3.el7_9.noarch.rpm | SHA-256: c57c2866ee75805f17cab3469ba69dcbace2b69e8ba60c6bfa58c03c15dd3d7b |
scap-security-guide-doc-0.1.54-3.el7_9.noarch.rpm | SHA-256: d8fe6f3b141d313c485b401165a1ed35800cdb050bcdc9e4fa935508b2ecb3a2 |
Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/。