- Issued:
- 2023-11-14
- Updated:
- 2023-11-14
RHBA-2023:7056 - Bug Fix Advisory
Synopsis
scap-security-guide bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for scap-security-guide is now available for Red Hat Enterprise Linux
8.
Description
For detailed information on changes in this release, see the Red Hat Enterprise
Linux %s Release Notes linked from the References section.
Solution
For details on how to apply this update, which includes the changes described
in this advisory, refer to:
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
Fixes
- BZ - 2129100 - After provisioning with ospp profile remediation, enable_fips_mode fails on s390x
- BZ - 2130181 - FIPS enabled profiles built in offline mode with image-builder won't boot
- BZ - 2130182 - Login issues after anssi profile remediation with image-builder images
- BZ - 2130185 - Offline remediation of fstab permissions fails in Image Builder
- BZ - 2155789 - Update ANSSI BP-028 in RHEL8 to v2.0
- BZ - 2157877 - Definition of interactive an non interactive users
- BZ - 2167999 - content_rule_audit_rules_login_events_faillock not selected on DISA STIG Profile
- BZ - 2169857 - Applying CIS benchmark fix cause systemd-journald to unable to parse configuration file
- BZ - 2170530 - xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay should allow whitespace in "smtpd_client_restrictions" value
- BZ - 2175684 - AIDE compliancy
- BZ - 2175882 - scap results should be clear about what values are acceptable for "pam faillock deny" and "pam faillock interval".
- BZ - 2176008 - "Add xxx Option to /var/log" and "Add xxx Option to /var/log/audit" should return "notapplicable" when no dedicated mount point is used
- BZ - 2178516 - Fix CCE link in compliance issue description
- BZ - 2178740 - system account with uid >= 1000 is badly detected as user interactive account
- BZ - 2184487 - CIS profile flags the permissions on /boot/efi/EFI/redhat/user.cfg, but the permissions cannot be changed as directed
- BZ - 2192893 - ".include =" in rhel8-playbook-stig.yml causing STIG to flag it.
- BZ - 2209073 - Please explain if "accounts_passwords_pam_faillock_interval" should apply to RHEL8.2+ or not
- BZ - 2221695 - Rebase scap-security-guide in Red Hat Enterprise Linux 8.9 to latest upstream version
- BZ - 2222583 - Remote resource referenced from datastream is missing https://access.redhat.com/security/data/oval/com.redhat.rhsa-RHEL8.xml.bz2
CVEs
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 8
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-2.el8.src.rpm | SHA-256: c1c544ea16192deb52ebded7ca29d3f4bbfc5a8c3d4145f3c86a278702f3fe90 |
| x86_64 | |
| scap-security-guide-0.1.69-2.el8.noarch.rpm | SHA-256: 8b8ec03574375220a7412384bcf85a5481d6693fbdfeb4af00aacea2672e7209 |
| scap-security-guide-doc-0.1.69-2.el8.noarch.rpm | SHA-256: ecf20addf367ca8c80fccf290dd63138b8bd7ec674c81cf8c93a360a1399b339 |
Red Hat Enterprise Linux for IBM z Systems 8
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-2.el8.src.rpm | SHA-256: c1c544ea16192deb52ebded7ca29d3f4bbfc5a8c3d4145f3c86a278702f3fe90 |
| s390x | |
| scap-security-guide-0.1.69-2.el8.noarch.rpm | SHA-256: 8b8ec03574375220a7412384bcf85a5481d6693fbdfeb4af00aacea2672e7209 |
| scap-security-guide-doc-0.1.69-2.el8.noarch.rpm | SHA-256: ecf20addf367ca8c80fccf290dd63138b8bd7ec674c81cf8c93a360a1399b339 |
Red Hat Enterprise Linux for Power, little endian 8
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-2.el8.src.rpm | SHA-256: c1c544ea16192deb52ebded7ca29d3f4bbfc5a8c3d4145f3c86a278702f3fe90 |
| ppc64le | |
| scap-security-guide-0.1.69-2.el8.noarch.rpm | SHA-256: 8b8ec03574375220a7412384bcf85a5481d6693fbdfeb4af00aacea2672e7209 |
| scap-security-guide-doc-0.1.69-2.el8.noarch.rpm | SHA-256: ecf20addf367ca8c80fccf290dd63138b8bd7ec674c81cf8c93a360a1399b339 |
Red Hat Enterprise Linux for ARM 64 8
| SRPM | |
|---|---|
| scap-security-guide-0.1.69-2.el8.src.rpm | SHA-256: c1c544ea16192deb52ebded7ca29d3f4bbfc5a8c3d4145f3c86a278702f3fe90 |
| aarch64 | |
| scap-security-guide-0.1.69-2.el8.noarch.rpm | SHA-256: 8b8ec03574375220a7412384bcf85a5481d6693fbdfeb4af00aacea2672e7209 |
| scap-security-guide-doc-0.1.69-2.el8.noarch.rpm | SHA-256: ecf20addf367ca8c80fccf290dd63138b8bd7ec674c81cf8c93a360a1399b339 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
