Gabriel Becker
Gabriel Becker
Describe all the details about this undocumented behavior of SSH and how it affected RHEL STIG profiles throughout the time.
Certain packages are only applicable to certain types of machines with certain characteristics. For example: processor capabilities (e.g: AES support), architecture specifics. OAA should support different remediation handling according to...
#### Description of problem: Investigate if other banners have the same issue as the one fixed by the following PR: https://github.com/ComplianceAsCode/content/pull/11826 There are banners like /etc/issue, /etc/issue.net for example.
#### Description of problem: Sometimes templated test scenarios don't cover all possible cases a template can be used. As it's in the case of https://github.com/ComplianceAsCode/content/pull/7405/files#diff-66fb572257ded0d27ec50b0c7c6f8073df416494e02dcbc58a15a50ffefff704 where we can't easily implement...
The following STIG item https://stigaview.com/products/rhel9/v1r3/RHEL-09-255065/ Does not have the "-oCiphers=" parameter, it uses "Cipher " instead. Our rule implementation https://github.com/ComplianceAsCode/content/blob/34011f7d23235aa128edef33c929097e62201433/controls/stig_rhel9.yml#L1880 targets the RHEL8 STIG implementation only (https://stigaview.com/products/rhel8/v1r13/RHEL-08-010291/), the rule needs...
The lineinfile template does not accept regex as input. https://github.com/ComplianceAsCode/content/blob/a6ff62a071070227558a308b201ff108f0ef6971/linux_os/guide/services/sssd/sssd_enable_certmap/rule.yml#L73
Stop bundling tests folder in openscap-report, it conflicts with tests module from ComplianceAsCode/content. If you install openscap-report and try to run automatus test, it might conflict because the automatus tests...
#### Description of problem: Failing tests: /hardening/anaconda/with-gui/stig_gui/enable_gpgcheck_for_all_repositories /hardening/anaconda/stig/enable_gpgcheck_for_all_repositories #### SCAP Security Guide Version: 5049fed40d7ce809830b4fe9ceea76c7f59a4d35 #### Operating System Version: RHEL8 #### Actual Results: Rule failing after system installation #### Expected Results:...
#### Description of problem: The content is misaligned with an external (third party) content that targets the same policy - typically, this means that a system hardened by our content...
#### Description: The following rules: rsyslog_files_groupownership rsyslog_files_ownership rsyslog_files_permissions Most likely this is what caused the change: https://gitlab.com/redhat/centos-stream/rpms/rsyslog/-/merge_requests/49/diffs #### Rationale: - Attempts to Fix #14227