[Open-scap] stig-viewer

Fri, 25 Oct 2019 06:22:06 -0700 

The output of the --stig-viewer option does not contain test results when used 
with latest (0.1.46) version of the security-guide. I'm using the latest 
(1.3.2, from the maint-1.3 branch) version of the openscap tools downloaded 
from the github-openscap repo.

oscap -V
OpenSCAP command line tool (oscap) 1.3.2
Copyright 2009--2018 Red Hat Inc., Durham, North Carolina.

==== Supported specifications ====
XCCDF Version: 1.2
OVAL Version: 5.11.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
CVRF Version: 1.1


The resulting output file is missing the "rule-result" section when compared to 
using the 0.1.44 version of the security-guide:

  <rule-result idref="SV-87813r2_rule" time="2019-10-23T20:05:59" 
severity="medium" weight="1.000000">
    <result>pass</result>
    <ident system="https://nvd.nist.gov/cce/index.cfm";>CCE-80436-9</ident>
    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5";>
      <check-content-ref 
name="oval:ssg-mount_option_noexec_remote_filesystems:def:1" 
href="ssg-rhel7-oval.xml"/>
    </check>
  </rule-result>


Thanks for any guidance.

Bruno Czenczelewski


<http://www.fibermountain.com>
[cid:FMIDec2016.png]


Bruno Czenczelewski


br...@fibermountain.com


352 Knotter Drive
Cheshire, CT06410
www.fibermountain.com


[cid:redline.jpg]


P. (203) 806-4040
C. (203) 806-4040
F. (845) 358-7882





Disclaimer: The information contained in this communication is confidential, 
may be privileged and is intended for the exclusive use of the above named 
addressee(s). If you are not the intended recipient(s), you are expressly 
prohibited from copying, distributing, disseminating, or in any other way using 
any information contained within this communication. If you have received this 
communication in error, please contact the sender by telephone or by response 
via mail. We have taken precautions to minimize the risk of transmitting 
software viruses, but we advise you to carry out your own virus checks on this 
message, as well as any attachments. We cannot accept liability for any loss or 
damage caused by software viruses.


_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list

Reply via email to