scap-security-guide/SOURCES/scap-security-guide-0.1.64-sshd_ciphers_regex-PR_9486.patch

From bd2128cdc6a657306b8c9644481346f0ab4411f6 Mon Sep 17 00:00:00 2001
From: Edgar Aguilar <edgar.aguilar@oracle.com>
Date: Mon, 5 Sep 2022 11:07:33 -0500
Subject: [PATCH] Update OVAL in openssh rule

Update OVAL in harden_sshd_ciphers_opensshserver_conf_crypto_policy to
align it with generated conf by remediation

Signed-off-by: Edgar Aguilar <edgar.aguilar@oracle.com>
---
 .../oval/shared.xml                                             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
index 53919eaae7f..21d4e716dbc 100644
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_opensshserver_conf_crypto_policy/oval/shared.xml
@@ -16,7 +16,7 @@
 
   <ind:textfilecontent54_object id="obj_{{{ rule_id }}}" version="1">
     <ind:filepath>{{{ PATH }}}</ind:filepath>
-    <ind:pattern operation="pattern match">^(?!#).*(-oCiphers=\S+).*$</ind:pattern>
+    <ind:pattern operation="pattern match">^(?!#).*(-oCiphers=[^\s']+).*$</ind:pattern>
     <ind:instance operation="equals" datatype="int">1</ind:instance>
   </ind:textfilecontent54_object>