- Issued: 2022-09-20
- Updated: 2022-09-20
RHBA-2022:6576 - scap-security-guide bug fix and enhancement update
Synopsis
scap-security-guide bug fix and enhancement update
Type/Severity
Bug Fix Advisory None
Topic
An update for scap-security-guide is now available for Red Hat Enterprise Linux 7.
Description
The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines.
Bug Fix(es) and Enhancement(s):
- Align RHEL 7 STIG profile with DISA STIG Benchmark (BZ#1967950)
- content_rule_audit_basic_configuration enforces using default buffer size (8192) for audit, which isn't always suitable on busy systems (BZ#1993822)
- Rule file_permissions_sshd_private_key fails after kickstart installation (BZ#2021258)
- Update source of CVE data in data stream (BZ#2028432)
- Remove PCI-DSS-centric XCCDF Benchmark from scap-security-guide (BZ#2038165)
- Update RHEL7 DISA STIG profile to V3R8 (BZ#2112939)
- Rebase scap-security-guide in Red Hat Enterprise Linux 7.9 to latest upstream version (BZ#2116359)
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 7 | x86_64 |
| Red Hat Enterprise Linux for Power, little endian | 7 | ppc64le |
| Red Hat Enterprise Linux for Power, big endian | 7 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 7 | s390x |
| Red Hat Enterprise Linux Workstation | 7 | x86_64 |
| Red Hat Enterprise Linux Server | 7 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 7 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian | 7 | ppc64le |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian | 7 | ppc64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 7 | s390x |
| Red Hat Enterprise Linux Desktop | 7 | x86_64 |
Updated Packages
- scap-security-guide-0.1.63-1.el7_9.src.rpm
- scap-security-guide-0.1.63-1.el7_9.noarch.rpm
- scap-security-guide-doc-0.1.63-1.el7_9.noarch.rpm
Fixes
- BZ - 1993822
- BZ - 2021258
- BZ - 2028432
- BZ - 2038165
- BZ - 2055337
- BZ - 2112939
- BZ - 2116359
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data is available for integration with other systems. See Offline Security Data API to get started.