- Issued:
- 2023-08-29
- Updated:
- 2023-08-29
RHBA-2023:4808 - Bug Fix Advisory
Synopsis
scap-security-guide bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for scap-security-guide is now available for Red Hat Enterprise Linux
9.0 Extended Update Support.
Description
The scap-security-guide project provides a guide for configuration of the
system from the final system's security point of view. The guidance is
specified in the Security Content Automation Protocol (SCAP) format and
constitutes a catalog of practical hardening advice, linked to government
requirements where applicable. The project bridges the gap between generalized
policy requirements and specific implementation guidelines.
Bug Fix(es):
- Failed to locate a datastream with ID matching 'scap_org.open-
scap_datastream_from_xccdf_ssg-rhel8-xccdf-1.2.xml' ID (BZ#2223964)
- Update ANSSI BP-028 in RHEL9 to v2.0 (BZ#2228432)
- journald config parameters not set up correctly after oscap remediation
(BZ#2228440)
- Rebase scap-security-guide in Red Hat Enterprise Linux 9.3 to latest upstream
version (BZ#2228449)
- Rule "All Interactive Users Home Directories Must Exist"
(`xccdf_org.ssgproject.content_rule_accounts_user_interactive_home_directory_exists`)
applies to non-local users as well (BZ#2228463)
- Rules "Set Existing Passwords Maximum/Minimum Age" apply to non-local users
as well (BZ#2228468)
- The /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml file contains reference
to an URL that no longer exist. (BZ#2228470)
Solution
For details on how to apply this update, which includes the changes described
in this advisory, refer to
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
- BZ - 2223964 - Failed to locate a datastream with ID matching 'scap_org.open-scap_datastream_from_xccdf_ssg-rhel8-xccdf-1.2.xml' ID [rhel-9.0.0.z]
- BZ - 2228432 - Update ANSSI BP-028 in RHEL9 to v2.0 [rhel-9.0.0.z]
- BZ - 2228440 - journald config parameters not set up correctly after oscap remediation [rhel-9.0.0.z]
- BZ - 2228449 - Rebase scap-security-guide in Red Hat Enterprise Linux 9.3 to latest upstream version [rhel-9.0.0.z]
- BZ - 2228463 - Rule "All Interactive Users Home Directories Must Exist" (`xccdf_org.ssgproject.content_rule_accounts_user_interactive_home_directory_exists`) applies to non-local users as well [rhel-9.0.0.z]
- BZ - 2228468 - Rules "Set Existing Passwords Maximum/Minimum Age" apply to non-local users as well [rhel-9.0.0.z]
- BZ - 2228470 - The /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml file contains reference to an URL that no longer exist. [rhel-9.0.0.z]
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| x86_64 | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| s390x | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| ppc64le | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| aarch64 | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| ppc64le | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| x86_64 | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| aarch64 | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-3.el9_0.src.rpm | SHA-256: a38b4071ab8e1b48fcd1a62ebbbc536cc8572e74326183221801ebee7366a117 |
| s390x | |
| scap-security-guide-0.1.69-3.el9_0.noarch.rpm | SHA-256: 7f91f0d22fe5d4c2dc0b46b3356cfea9dd1ca60d88fd09e886666d8c13d87f44 |
| scap-security-guide-doc-0.1.69-3.el9_0.noarch.rpm | SHA-256: 39b97884723994007e73c66ce1ff3d930b7f28441a5a301d2e6b3b562515269e |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
