- Issued:
- 2022-08-30
- Updated:
- 2022-08-30
RHBA-2022:6239 - Bug Fix Advisory
Synopsis
scap-security-guide bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for scap-security-guide is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Description
The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines.
Bug Fix(es) and Enhancement(s):
- Rebase SSG to the latest upstream version in RHEL 8.7 (BZ#2116348)
- Update RHEL8 DISA STIG profile to V1R7 (BZ#2116409)
- openscap cis_server_level1 benchmark list mount option requirement for /var/tmp but does not require separate /var/tmp (BZ#2117511)
- Update content in alignment to CIS RHEL8 Benchmark v2.0.0 (BZ#2118976)
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
Fixes
- BZ - 2116348 - Rebase SSG to the latest upstream version in RHEL 8.7 [rhel-8.4.0.z]
- BZ - 2116409 - Update RHEL8 DISA STIG profile to V1R7 [rhel-8.4.0.z]
- BZ - 2117307 - The new enable_authselect SCAP rule needs some tweaking [rhel-8.4.0.z]
- BZ - 2117511 - openscap cis_server_level1 benchmark list mount option requirement for /var/tmp but does not require separate /var/tmp [rhel-8.4.0.z]
- BZ - 2118976 - Update content in alignment to CIS RHEL8 Benchmark v2.0.0 [rhel-8.4.0.z]
CVEs
(none)
References
(none)
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
x86_64 | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
Red Hat Enterprise Linux Server - AUS 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
x86_64 | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
s390x | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
ppc64le | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
Red Hat Enterprise Linux Server - TUS 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
x86_64 | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
aarch64 | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
ppc64le | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4
SRPM | |
---|---|
scap-security-guide-0.1.63-3.el8_4.src.rpm | SHA-256: d875fbc2383e8e01a7cbf056320b9261f6c7b02e5c61d13b09ac4d7a7254c631 |
x86_64 | |
scap-security-guide-0.1.63-3.el8_4.noarch.rpm | SHA-256: a3790708a0b68f2e12a2f587291a1a3029205ec841c681aa7e79c468b1cf16c6 |
scap-security-guide-doc-0.1.63-3.el8_4.noarch.rpm | SHA-256: 1b26f1673d2e995372a9bd63d154c4f94f6483a392e0687f71bae2077ae2309a |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.