Open 0intro opened 1 week ago
Thanks for opening this issue.
We have a script to update the policy files ./utils/import_disa_stig.py
.
It's basic and requires manual review but it helps a lot.
We usually don't update the description
or rationale
due to DISA's changes.
I will make a note to update these files once DISA releases a new version. Which should be in late July.
Description of problem:
The rule descriptions are not up-to-date with the latest STIG.
For example, after the update of the RHEL 9 STIG, the policy/stig/shared.yml description of the
sysctl_kernel_yama_ptrace_scope
rule was updated:But the
vuln_discussion
section is duplicated. The first one is the previous one and the new one appears at the end of the file.And the rule.yml description was not updated:
SCAP Security Guide Version:
master
branch as of 2024-06-24 (644de124aa3df25282588a1b89fc28d1ea009e53).