
Support for OVAL 5.12

Open dodys opened this issue 1 year ago • 3 comments

Description of Problem:

On 2024-12-04 we got the publication of OVAL 5.12: https://oval-community-guidelines.readthedocs.io/en/5.11.2_release/

Do we want to add support for it or do we wait for OVAL 6.0 and SCAP 3.0 (which will come somewhere next year)?

dodys avatar Dec 19 '24 17:12 dodys

Neither is yet planned for the foreseeable future (25Q1, 25Q2). No promises either, we are stretched pretty thin ATM.

evgenyz avatar Dec 20 '24 08:12 evgenyz

I found the <merge> element under FunctionGroup in OVAL 5.12, and reading the description, that would help to obtain more robust checks on configurations that involve drop-in files, because it contains the option for lexical sort.

See: https://oval-community-guidelines.readthedocs.io/en/5.12.1_release/oval-schema-documentation/oval-definitions-schema.html#mergefunctiontype

So there is at least some reason to support OVAL 5.12.

Xeicker avatar Jul 09 '25 17:07 Xeicker

It looks like 5.12+ supports smarter sshd configuration checking, too.

https://oval-community-guidelines.readthedocs.io/en/latest/oval-schema-documentation/unix-system-characteristics-schema.html#sshd-item

The sshd_item stores information retrieved from the local system about sshd parameters and their respective value(s). Information is collected from the target endpoint using the “sshd -f [FILEPATH] -T [NAME]” command and output values are parsed.

rhmdnd avatar Nov 12 '25 16:11 rhmdnd
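An added example, not part of the thread and not OpenSCAP or OVAL code: a sketch of the collection model quoted above, where the effective configuration printed by `sshd -T` is parsed into name/value(s) records and then evaluated. The sample output, the `POLICY` table and all function names are assumptions made for illustration.

```python
import subprocess

# Constructed sample of `sshd -T` output (not captured from a real host).
SAMPLE = """\
port 22
permitrootlogin no
passwordauthentication no
ciphers aes256-gcm@openssh.com,aes128-ctr
hostkey /etc/ssh/ssh_host_ed25519_key
hostkey /etc/ssh/ssh_host_rsa_key
"""

def parse_sshd_t(text):
    """Map each keyword to the list of values printed for it.

    A keyword printed on several lines (hostkey here) keeps every value.
    """
    items = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        name, _, value = line.partition(" ")
        items.setdefault(name.lower(), []).append(value.strip())
    return items

def effective_config(path="/etc/ssh/sshd_config"):
    """Collect from the local system; sshd usually needs root for this."""
    proc = subprocess.run(["sshd", "-T", "-f", path],
                          check=True, capture_output=True, text=True)
    return parse_sshd_t(proc.stdout)

# Hypothetical policy for illustration, not taken from any benchmark.
POLICY = {
    "permitrootlogin": lambda vals: vals == ["no"],
    "passwordauthentication": lambda vals: vals == ["no"],
    "ciphers": lambda vals: not any(
        c.endswith("-cbc") for v in vals for c in v.split(",")),
}

def evaluate(items, policy=POLICY):
    """Return {name: 'pass' | 'fail' | 'missing'} for every policy entry."""
    result = {}
    for name, ok in policy.items():
        vals = items.get(name)
        if vals is None:
            result[name] = "missing"
        else:
            result[name] = "pass" if ok(vals) else "fail"
    return result
```

Because the values come from sshd itself rather than from a regular expression over `sshd_config`, settings pulled in through `Include` files and built-in defaults are already resolved before the check runs.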