Marcus Burghardt

I will close this issue for now based on the discussion. In short, once DISA releases the STIG for RHEL9 we check if any change is necessary. Ok for you...

I reserved some time to investigate this case today and here are some information from the analysis. I have checked RHEL7, RHEL8, RHEL9 and Fedora systems and confirmed the `pam_pwquality.so`...

@comps I see you are the SME in `cui` profile. Could you take a look on this, please?

> @marcusburghardt Sorry, I barely know about the existence of `cui`, are you sure you haven't confused me with somebody else? I found your GH handle here: https://github.com/ComplianceAsCode/content/blob/master/products/rhel7/profiles/cui.profile#L6 Can you...

Update: This error is still present when testing these mentioned rules in a RHEL7.

`audit_rules_immutable` and `security_patches_up_to_date` already have OCIL. `chronyd_or_ntpd_specify_multiple_servers` was removed from pci-dss profile by #11214 `disable_prelink` was removed from pci-dss profile by #11214 Only `audit_rules_session_events` is still relevant for this issue.

The PR https://github.com/ComplianceAsCode/content/pull/11816 solved this DISA misalignment issue but also revealed other issues related to OVAL version. Therefore, the change will be reverted by https://github.com/ComplianceAsCode/content/pull/11917 so we can better work...

It is likely related to the rule `rsyslog_remote_loghost`.

This issue is likely related: https://github.com/ComplianceAsCode/content/issues/8018 @ferricoxide , would you like to propose a PR improving this rule?

@ggbecker are you ok in assigning this issue to you?