- Issued:
- 2023-03-14
- Updated:
- 2023-03-14
RHBA-2023:1216 - Bug Fix Advisory
Synopsis
scap-security-guide bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for scap-security-guide is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Description
The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines.
Bug Fix(es) and Enhancement(s):
- audit_rules_usergroup_modification_shadow don't remediate existing audit rule (BZ#2169442)
- Rebase SSG to the latest upstream version in RHEL 9.2 (BZ#2169444)
- [SCAP] PCI-DSS Rsyslog log files related rules fails for Rsyslog 8 RainerScript syntax (BZ#2169446)
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
- BZ - 2169442 - audit_rules_usergroup_modification_shadow don't remediate existing audit rule [rhel-9.0.0.z]
- BZ - 2169444 - Rebase SSG to the latest upstream version in RHEL 9.2 [rhel-9.0.0.z]
- BZ - 2169446 - [SCAP] PCI-DSS Rsyslog log files related rules fails for Rsyslog 8 RainerScript syntax [rhel-9.0.0.z]
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| x86_64 | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| s390x | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| ppc64le | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| aarch64 | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| ppc64le | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| x86_64 | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| aarch64 | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.66-1.el9_0.src.rpm | SHA-256: 73c023ecaa2c2ac0b097bf2a9ad7827fee9a1c5e7bd733464da35d8f5ed0e9ad |
| s390x | |
| scap-security-guide-0.1.66-1.el9_0.noarch.rpm | SHA-256: 2c4fe4fd6f89b37ff5100449bf0807b6ad6ab10c812d57adf8e6f397e0de2782 |
| scap-security-guide-doc-0.1.66-1.el9_0.noarch.rpm | SHA-256: 9f22f71ad99da51f84ce48bdcdb26ae6d08863c161d0a55570bc2fceba62586f |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
