Both the el8 and el9 ovals contain one invalid test_ref which points nowhere for defintion id oval:org.rockylinux.rlsa:def:20233661 (title RLSA-2023:3661: texlive security update (Important)).
The el9 oval data contains this invalid test for that definition:
<criteria operator="OR">
<criterion comment="Rocky Linux 8 must be installed"
test_ref="oval:org.rockylinux.rlsa:tst:unk"/>
</criteria>
Reciprocally, the el8 data contains this invalid:
<criteria operator="OR">
<criterion comment="Rocky Linux 9 must be installed"
test_ref="oval:org.rockylinux.rlsa:tst:unk"/>
</criteria>
The Red Hat ovals do not contain such a criteria for the same definition.
Both the el8 and el9 ovals contain one invalid
test_refwhich points nowhere for defintion idoval:org.rockylinux.rlsa:def:20233661(titleRLSA-2023:3661: texlive security update (Important)).The el9 oval data contains this invalid test for that definition:
Reciprocally, the el8 data contains this invalid:
The Red Hat ovals do not contain such a criteria for the same definition.
This is the area of the code where that invalid
unktest reference is being injected: https://github.com/rocky-linux/oval/blob/8f63e83a70224f040c5a8c25c2803ff19b02c91e/oval/transform.py#L425-L429I've not looked into that code in great detail, but it looks like instead of injecting an invalid test, the criteria should be skipped altogether.