Closed dragosprisaca closed 5 years ago
test content: ssg-rhel7-ds-1.3.xml.zip
Hi Scott, there seems to be an issue with the attached file. I believe it should fail because the remote component is not XMl. What do you think? RHEL6.zip
Fixed in 1.3.4
We need to provide additional feedback when the patched up-to-date rule references an compressed file (i.e. zip, bz2 etc.).
The following excerpt is not compliant:
"
</ns10:check>"
According to the section 3.2.4.3 “Use of a Patches Up-To-Date Rule” of the SP800-126r3, the security Patches Up-To-Date rule shall be implemented via an OVAL source data stream component: “An OVAL source data stream component MAY be used to represent a series of checks to verify that patches have been installed. Historically, an XCCDF convention has been used to identify such a reference. An XCCDF benchmark MAY include a patches up-to-date rule that SHALL reference an OVAL source data stream component.”