Fix remediations applicability of zipl rules
Resolves: rhbz#1996847
This commit is contained in:
Matej Tyc
parent
bd64402d52
commit
30760905b3
|
|
@ -0,0 +1,29 @@
|
|||
From d1c2810ca3ba0cea44cc70db34eb80e313408cb5 Mon Sep 17 00:00:00 2001
|
||||
From: Gabriel Becker <ggasparb@redhat.com>
|
||||
Date: Wed, 25 Aug 2021 10:59:11 +0200
|
||||
Subject: [PATCH] Remove package applicability from s390x_arch generated
|
||||
remediations.
|
||||
|
||||
This makes sure that there will be no package applicability check in the
|
||||
remediations of rules that use the s390x_arch platform applicability,
|
||||
since the check is made by checking a line in file instead. At this
|
||||
moment the build system does not allow doing such checks. The side
|
||||
effect is that Bash and Ansible roles will apply this remediation even
|
||||
on a system that is not s390_arch, so using OpenSCAP scanner is highly
|
||||
recommended.
|
||||
---
|
||||
ssg/constants.py | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/ssg/constants.py b/ssg/constants.py
|
||||
index 9bb4e1b5f4..adb76bfa8f 100644
|
||||
--- a/ssg/constants.py
|
||||
+++ b/ssg/constants.py
|
||||
@@ -353,6 +353,7 @@
|
||||
"uefi": None,
|
||||
"non-uefi": None,
|
||||
"not_s390x_arch": None,
|
||||
+ "s390x_arch": None,
|
||||
}
|
||||
|
||||
# _version_name_map = {
|
||||
|
|
@ -5,7 +5,7 @@
|
|||
|
||||
Name: scap-security-guide
|
||||
Version: 0.1.57
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
Summary: Security guidance and baselines in SCAP formats
|
||||
License: BSD-3-Clause
|
||||
URL: https://github.com/ComplianceAsCode/content/
|
||||
|
|
@ -25,6 +25,7 @@ Patch9: scap-security-guide-0.1.58-rhel9_cis_crypto_policy_default-PR_7452.patc
|
|||
Patch10: scap-security-guide-0.1.58-fix_broken_link-PR_7409.patch
|
||||
Patch11: scap-security-guide-0.1.58-cis_build_system_fix-PR_7226.patch
|
||||
Patch12: scap-security-guide-0.1.58-rhel9_cis-PR_7415.patch
|
||||
Patch13: scap-security-guide-0.1.58-zipl_remediation_applicability-PR_7458.patch
|
||||
|
||||
BuildRequires: libxslt
|
||||
BuildRequires: expat
|
||||
|
|
@ -111,6 +112,10 @@ rm %{buildroot}/%{_docdir}/%{name}/Contributors.md
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Aug 25 2021 Matej Tyc <matyc@redhat.com> - 0.1.57-5
|
||||
- Fix remediations applicability of zipl rules
|
||||
Resolves: rhbz#1996847
|
||||
|
||||
* Tue Aug 24 2021 Matej Tyc <matyc@redhat.com> - 0.1.57-4
|
||||
- Fix a broken HTTP link
|
||||
Add CIS profile based on RHEL8 CIS, fix its Crypto Policy usage
|
||||
|
|
|
|||
Loading…
Reference in New Issue