-
MenuButtonEditItems has version_time documented as TODO. It's subroutine controlDate is/was broken. While trying to fix this attempted to find it in the specification (XCCDF 1.2) without success.
Is …
-
#### Description of problem:
Apply to the rule `sysctl_kernel_yama_ptrace_scope`
This rule check that `kernel.yama.ptrace_scope=1`, but it is possible to set it to `2` or `3` to have stricter an…
-
CIS benchmarks viewed in PDF, Word or XLSX contain a human-readable description of how to audit a setting, which is not contained in the XCCDF version of the guide, simply because there is no field fo…
-
When generating xccdf with inspec_tools and importing it into STIG Viewer it does not display the same metadata at the top of a control as a DISA generated xccdf.
inspec_tools example:
```
…
-
When remediating containers for configuration compliance, the output of scan vs. remediation is inconsistent:
```
# atomic scan --remediate --scan_type configuration_compliance --scanner_args \
…
-
Currently, Benchmark, Group, Rule, and fix element allow addition of applicability information as CPE information.
To allow for organization-specific applicability information as well as future ex…
-
#### Description of Problem:
`oscap` cannot be terminated by pressing CTRL+C while evaluating an intensive rule, eg. `xccdf_org.ssgproject.content_rule_rpm_verify_permissions`
#### OpenSCAP Versio…
-
Hi,
I've been running the ssh-baseline for sometime and recently ran the CentOS 7 CIS-1 baseline and the `xccdf_org.cisecurity.benchmarks_rule_5.2.3_Ensure_SSH_LogLevel_is_set_to_INFO` control fail…
-
- [X] I have ensured that I am running the latest release
- [X] The issue is repeatable
- [X] The issue has not already been reported
We are running SCC tool 5.2.1 and Vulnerator 6.1.9.
I cann…
-
#### Description of problem:
AutoMatúš prints a message that suggests that I have selected a wrong profile. That's misleading, because even though there can be a situation that a rule hasn't been eva…