SAP-samples / frun-csa-policies-best-practices

Best practices check examples for creating CSA policies in SAP Focused Run
Apache License 2.0

Outdated checks reg. 3123396 in 2202/2203 policies #15

Closed boe-ms closed 2 years ago

boe-ms commented 2 years ago

SAP Note 3123396 has been re-released on March 22 stating that the fix for it has been bundled with an updated bundle patch 1101 for Kernel release 722. So either dw hotfix 1115 or bundle patch 1101 should result in a compliant result.

Could you please update the ABAP policies for these two months where it's currently enforcing >= 1115 only?

ManfredAch commented 2 years ago

Hello, the change of the note 3123396 re-released on March 22 is reflected in policy PatchDay_2022-04 (ABAP_snotes_patchday_2022-04.xml). Please use the check of the policy ABAP_snotes_patchday_2022-04.xml. Best regards Manfred

ManfredAch commented 2 years ago

Provided in April policy

boe-ms commented 2 years ago

@ManfredAch: that implies a question: if we want to run a validation for compliance against 2022 notes, I'm currently validating against ALL 2022 policies. Since a "wrong" check is included (where the proper one is in 04), I'm getting a non-compliant result. This is how we found that problem. In my opinion all policies that include a check for a specific note would have to be adjusted once such a note is updated.

Or what is SAP's intended way of use in that case?

ManfredAch commented 2 years ago

Hello, we provide a monthly policy for ABAP notes of the security patch day. There is no plan to update former policies in case a new or additional correction is provided later, which is done only in very rare cases. It is possible for customers to adjust the policies according to their needs. Thus, it is possible to comment out or delete the check related to the note in the 'old' policy. This is my recommendation. Best regards, Manfred