Fix remediations applicability of zipl rules
Resolves: rhbz#1996847
This commit is contained in:
parent
bd64402d52
commit
30760905b3
@ -0,0 +1,29 @@
|
|||||||
|
From d1c2810ca3ba0cea44cc70db34eb80e313408cb5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Gabriel Becker <ggasparb@redhat.com>
|
||||||
|
Date: Wed, 25 Aug 2021 10:59:11 +0200
|
||||||
|
Subject: [PATCH] Remove package applicability from s390x_arch generated
|
||||||
|
remediations.
|
||||||
|
|
||||||
|
This makes sure that there will be no package applicability check in the
|
||||||
|
remediations of rules that use the s390x_arch platform applicability,
|
||||||
|
since the check is made by checking a line in file instead. At this
|
||||||
|
moment the build system does not allow doing such checks. The side
|
||||||
|
effect is that Bash and Ansible roles will apply this remediation even
|
||||||
|
on a system that is not s390_arch, so using OpenSCAP scanner is highly
|
||||||
|
recommended.
|
||||||
|
---
|
||||||
|
ssg/constants.py | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/ssg/constants.py b/ssg/constants.py
|
||||||
|
index 9bb4e1b5f4..adb76bfa8f 100644
|
||||||
|
--- a/ssg/constants.py
|
||||||
|
+++ b/ssg/constants.py
|
||||||
|
@@ -353,6 +353,7 @@
|
||||||
|
"uefi": None,
|
||||||
|
"non-uefi": None,
|
||||||
|
"not_s390x_arch": None,
|
||||||
|
+ "s390x_arch": None,
|
||||||
|
}
|
||||||
|
|
||||||
|
# _version_name_map = {
|
@ -5,7 +5,7 @@
|
|||||||
|
|
||||||
Name: scap-security-guide
|
Name: scap-security-guide
|
||||||
Version: 0.1.57
|
Version: 0.1.57
|
||||||
Release: 4%{?dist}
|
Release: 5%{?dist}
|
||||||
Summary: Security guidance and baselines in SCAP formats
|
Summary: Security guidance and baselines in SCAP formats
|
||||||
License: BSD-3-Clause
|
License: BSD-3-Clause
|
||||||
URL: https://github.com/ComplianceAsCode/content/
|
URL: https://github.com/ComplianceAsCode/content/
|
||||||
@ -25,6 +25,7 @@ Patch9: scap-security-guide-0.1.58-rhel9_cis_crypto_policy_default-PR_7452.patc
|
|||||||
Patch10: scap-security-guide-0.1.58-fix_broken_link-PR_7409.patch
|
Patch10: scap-security-guide-0.1.58-fix_broken_link-PR_7409.patch
|
||||||
Patch11: scap-security-guide-0.1.58-cis_build_system_fix-PR_7226.patch
|
Patch11: scap-security-guide-0.1.58-cis_build_system_fix-PR_7226.patch
|
||||||
Patch12: scap-security-guide-0.1.58-rhel9_cis-PR_7415.patch
|
Patch12: scap-security-guide-0.1.58-rhel9_cis-PR_7415.patch
|
||||||
|
Patch13: scap-security-guide-0.1.58-zipl_remediation_applicability-PR_7458.patch
|
||||||
|
|
||||||
BuildRequires: libxslt
|
BuildRequires: libxslt
|
||||||
BuildRequires: expat
|
BuildRequires: expat
|
||||||
@ -111,6 +112,10 @@ rm %{buildroot}/%{_docdir}/%{name}/Contributors.md
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Aug 25 2021 Matej Tyc <matyc@redhat.com> - 0.1.57-5
|
||||||
|
- Fix remediations applicability of zipl rules
|
||||||
|
Resolves: rhbz#1996847
|
||||||
|
|
||||||
* Tue Aug 24 2021 Matej Tyc <matyc@redhat.com> - 0.1.57-4
|
* Tue Aug 24 2021 Matej Tyc <matyc@redhat.com> - 0.1.57-4
|
||||||
- Fix a broken HTTP link
|
- Fix a broken HTTP link
|
||||||
Add CIS profile based on RHEL8 CIS, fix its Crypto Policy usage
|
Add CIS profile based on RHEL8 CIS, fix its Crypto Policy usage
|
||||||
|
Loading…
Reference in New Issue
Block a user