FYI -
-------- Original Message -------- Subject: [OVAL-DEVELOPER-LIST] OVAL Language 5.11 Release Candidate 1 Available Date: Tue, 18 Nov 2014 16:21:06 -0500 From: Rothenberg, David B. <[email protected]> Reply-To: OVAL Developer List (Closed Public Discussion) <[email protected]> To: <[email protected]> All, Version 5.11 Release Candidate 1 is now available for community review and comment. Attached is the change log for a full list of updates in this release. https://github.com/OVALProject/Language/tree/5.11-rc-1 https://github.com/OVALProject/Language/wiki#retrieving-a-specific-revision This Release Candidate includes support for several new platform schemas migrated from the OVAL Sandbox [1] as voted upon by the OVAL Board [2]. Some of these community contributions expands on the possible collection endpoints to include the mobile platforms Android and Apple iOS, and the network management protocol NETCONF. Changes made to the existing Independent, Windows, Linux, Solaris, and Cisco IOS schemas include new Tests, improved enumeration options, and clarified documentation. The Windows accesstoken_test, user_test, and group_test have all been deprecated in this version of the Language in favor of newer tests to address identified limitations. This is not a full list of all changes to be expected from the official OVAL 5.11 Language release, as other proposals are still being voted on by the OVAL Board. Please let us know if you have any questions or discover any issues while reviewing this Release Candidate. Thanks, David Rothenberg [1] https://github.com/OVALProject/Sandbox <https://github.com/OVALProject/Sandbox> [2] http://oval.mitre.org/community/board/voting_archive <http://oval.mitre.org/community/board/voting_archive> To unsubscribe, send an email message to [email protected] with SIGNOFF OVAL-DEVELOPER-LIST in the BODY of the message. If you have difficulties, write to [email protected]. -- Shawn Wells Director, Innovation Programs [email protected] | 443.534.0130 @shawndwells
---------------------------------- --- Version 5.11 RC 1 --- ---------------------------------- *Improved clarity of ind-def:xmlfilecontent_test xpath documentation. Issue #41. *Fixed documentation of "current time" in the time_difference function. Issues #44, #47. *Changed documentation for several nillable entities to return "not collected" instead of "does not exist" upon evaluation. Issue #55. *Expanded win-def:volume_state and win-sc:volume_item entities. Issue #164. *Fixed ind-def:EntityStateEngineType to include "mysql" enumeration value. Issue #202 *Fixed restriction base type for ind-def:EntityObjectEngineType. Issue #203. *Added Windows systemmetric_test, ntuser_test, and license_test. Issue #14, #208, #209. *Included Solaris facet_test, image_test, package511_test, packageavoidlist_test, packagefreezelist_test, packagepublisher_test,smfproperty_test, variant_test, and virtualizationinfo_test. Issue #210 *Added Android platform schemas. Issue #211. *Added Cisco IOS-XE and Cisco ASA platform schemas. Updated Cisco IOS platform schemas. Issue #212. *Added Apple iOS platform schemas. Issue #213. *Added NETCONF platform schemas. Issue #214. *Added Juniper JunOS platform schemas. Issue #215. *Added linux-def:systemdunitdependency_test and def:systemdunitproperty_test. Issue #216. *Fixed win-def:EntityStatePeTargetMachineType and EntityStatePeSubsystemType enumerations to accept the empty string value for variable references. Issue #217. *Expanded ind-def:EntityStateLdaptypeType and ind-sc:EntityItemLdaptypeType enumeration values. Issue #218. *Deprecated the win-def:accesstoken_test. Added win-def:userright_test. Issue #219. *Added Solaris virtualizationinfo_test. Issue #220. *Deprecated the win-def:user_test and win-def:group_test. Issue #221 *Added a name entity to the win-def:process58_state and the win-sc:process_item. Issue #222. *Updated oval:FamilyEnumeration values to allow for new platforms. Issue #224. *Updated oval-common schema_version and DeprecatedInfo pattern restriction. Issue #225. ---------------------------------- --- Version 5.11 Draft 2 --- ---------------------------------- *Documented how to implement the linux-def:partition_test. Issue #133. *Updated documentation that describes a function and parameter that can be used to collect subgroup names. Issue #132. *Aligned the schema and specification terminology used when describing variable values. Issue #122. *Fixed the managed_entity_type documentation in the esx-def:ViSdkManagedEntityBehaviors construct. Issue #112. *Added the operator attribute to the PossibleRestrictionType used in external variables. Issue #110. *Removed the enumeration restriction on the sol-def:smf_test protocol entity. Issue #106. *Updated the sol-sc:smf_item to allow for unbounded protocol entities. Issue #103. *Added additional values to the oval-def:EntityStateRegistryTypeType and oval-sc:EntityItemRegistryTypeType enumerations. Issue #102. *Updated the Schematron rules for Windows filenames to account for additional disallowed symbols. Issue #100. *Added the last_logon entity to the win-def:user_sid55_test. Issue #92. *Fixed Schematron error generation on entities with values if the entity does not exist. Issue #90. *Improved the Windows documentation surrounding WORD, DWORD, and QWORD values. Issue #86. *Added the CIM_DATETIME format to the oval-def:DateTimeFormatEnumeration for use in the time_difference function. Issue #85. *Changed the freebsd-def:portinfo_test to allow for the version datatype. Issue #80. *Clarified the ipv4_address and ipv6_address datatype formats and operation behaviors. Issue #76. *Clarified the mask attribute documentation. Issue #67. *Fixed a broken link to a Cisco IOS reference in the specification. Issue #66. *Modified occurrences of "malware and threat indicator sharing" to be phrased as "malware artifact hunting" in the specification. Issue #65. *Fixed a contradiction in the regex_capture function and expanded on the collection procedures when provided zero, or more than one, capturing sub-patterns. Issue #60. *Specified which types of packages may be checked with the sol-def:package_test. Issue #54. *Added examples to better explain how the 'defined' FileBehavior works. Issue #51. *Documented how to handle invalid and unsupported Perl 5 regular expressions when using pattern match operations. Issue #45. *Clarified the regex_capture and escape_regex function documentation regarding sub-components and multi-valued components. Issue #43. *Specified which Perl 5 regular expression syntax metacharacters must be escaped when used literally within the regex_capture function or resulting from the escape_regex function. Issue #42. *Renamed the Linux Schematron rule to reflect correct namespace. Issue #40. ---------------------------------- --- Version 5.11 Draft 1 --- ---------------------------------- *Updated the schema documentation to use terminology consistent with the specification when discussing variables. Issue #11. *Fixed the incorrect documentation for the file_supports_remote_storage entity in the win-def:volume_test. Issue #10. *Deprecated the digest_check_passed and signature_check_passed entities in the linux-def:rpmverifypackage_test. Issue #9. *Fixed the incorrect documentation describing how the equals operation should behave for record entities. Issue #8. *Fixed a bug in the schema where the filepath, path, and filename entities were missing from the win-def:peheader_state and win-sc:peheader_item. Issue #33. *Fixed a typo in the oval-res:ResultsEnumeration schema documentation. Issue #16. *Fixed the win-def:registry_test last_write_time entity documentation to explain how the value indicates the last time the key, or any of its values, were modified. Issue #15. *Clarified the unix-def:file_test has_extended_acl entity documentation to specify how the entity should be collected in certain cases. Issue #12. *Moved oval-def:NotesType to OVAL Common and added support for oval:NotesType in variables. Issue #6. *Added missing documentation for the server_arguments, endpoint_type, and exec_as_user entities in the unix-def:inetd_test. Issue #5. *Added documentation specifying how the ind-def:environmentvariable58_test should behave when environment variables cannot be collected from another process. Issue #4. *Added documentation to specify when there is a uniqueness requirement for record field names. Issue #3. *Fixed the incorrect example provided in the version entity of the linux-def:rpmverify*_tests. Issue #2. *Added support for the collection of hive values in the win-def:registry_test by removing the restriction where the name entity must be nilled when the key entity is nilled. Issue #1.
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
