Hello, I uploaded the tarball there today.
Best regards Jan Černý Security Technologies | Red Hat, Inc. ----- Original Message ----- > From: "Pravin Goyal" <[email protected]> > To: [email protected] > Sent: Tuesday, April 26, 2016 12:18:50 AM > Subject: Re: [Open-scap] Open-scap-list Digest, Vol 85, Issue 24 > > When will OpenSCAP 1.2.9 be available here? > https://fedorahosted.org/releases/o/p/openscap/ > > ________________________________________ > From: [email protected] <[email protected]> > on behalf of [email protected] > <[email protected]> > Sent: Friday, April 22, 2016 9:31 PM > To: [email protected] > Subject: Open-scap-list Digest, Vol 85, Issue 24 > > Send Open-scap-list mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://www.redhat.com/mailman/listinfo/open-scap-list > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Open-scap-list digest..." > > > Today's Topics: > > 1. oscap-ssh based remediation killing remote server (Fen Labalme) > 2. OpenSCAP 1.2.9 (Jan Cerny) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 21 Apr 2016 18:14:04 -0400 > From: Fen Labalme <[email protected]> > To: open-scap-list <[email protected]> > Subject: [Open-scap] oscap-ssh based remediation killing remote server > Message-ID: > <CAL4fX-+JrtyuQ0vPn=CKTLCw9ANL24GLCb7y=i2farra3ka...@mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Hi, > > I'm running oscap-ssh on CentOS 7 using oscap-user and the `sudo` option. > Running a scan on a remote server works great (thank you!): > > oscap-ssh sudo [email protected] 22 xccdf eval --profile > > xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream > > --results-arf scans/results-arf.xml --results scans/results.xml --report > > scans/results.html scap/ssg-centos7-ds.xml > > > Then I run a remediation with the line: > > oscap-ssh sudo [email protected] 22 xccdf eval --remediate > > --profile xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream > > --results scans/remediation-results.xml --fetch-remote-resources > > scap/ssg-centos7-ds.xml > > > This completely kills access to the server at 192.168.56.102 (via host or > dashboard). > > Am I calling remediation incorrectly? Has anyone else seen anything like > this? No obvious errors are reported. > > Suggestions on how to debug what step might be killing the server are > welcome. Note that it doesn't die until the SSJ connection is closed, e.g. > after: > > Shared connection to 192.168.56.102 closed. > > oscap exit code: 2 > > Copying back requested files... > > results.xml 100% > > 1889KB 1.9MB/s 00:00 > > Removing remote temporary directory... > > Disconnecting ssh and removing master ssh socket directory... > > Exit request sent. > > > The exact steps I'm using are captured in a completely self-contained > ansible role test setup (that uses vagrant) documented - shpuld you want to > recreate my process - at > https://github.com/openprivacy/ansible-role-govready/blob/master/tests/README.md > > Thanks, > =Fen > > -- > Fen Labalme, CISO at CivicActions.com > Security | Quality | DevOps > mobile: 412-996-4113 > github/skype/twitter: openprivacy > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <https://www.redhat.com/archives/open-scap-list/attachments/20160421/df8331a3/attachment.html> > > ------------------------------ > > Message: 2 > Date: Fri, 22 Apr 2016 09:31:48 -0400 (EDT) > From: Jan Cerny <[email protected]> > To: [email protected] > Subject: [Open-scap] OpenSCAP 1.2.9 > Message-ID: > <[email protected]> > Content-Type: text/plain; charset=utf-8 > > Hello OpenSCAPers, > > We are thrilled to announce general availability of OpenSCAP 1.2.9 release. > > This is the latest release from maint-1.2 maintenance branch. API/ABI is > fully compatible with 1.2.0 release. Users of 1.2.x releases are > recommended to update. > > Changes: > - New features > - oscap-chroot - a tool for offline scanning of filesystems mounted at > arbitrary paths > - enabled offline scanning in many probes > - support for SCE in data streams > - many improvements of verbose mode > - verbose messages can be written on stderr > - runlevel probe supports SUSE systems > - new upstream tests > - Maintenance > - a lot of refactoring > - fixes in various tests > - OCILs are correctly placed in datastreams (issue #364) > - oscap-vm can work with fusermount when guestunmount is not available > - fixed oscap-docker HTTP communication issues (issue #304) > - fixed oscap-docker tracebacks (issue #303, #317) > - fixed container mounting in oscap-docker (issue #329) > - added Fedora 25 CPE > - only non-empty profiles are built (rhbz#1256879, rhbz#1302230) > - fixed compiler errors on RHEL5 and SLES11 > - fixed sorting of groups in HTML report (issue #342) > - fixed version/@time and version/@update in XCCDF Benchmark > - fixed CPE definitions to work also in offline mode > - fixed sysctl probe (issue #258) > - fixed manual page for oscap-ssh (rhbz#1299969) > - updated user manuals and manual pages > - updated .gitignore > > Special thanks to our new contributors Gautam Satish, Marek Haicman, > Mooli Tayer and Quey-Liang Kao. > > Download: > https://github.com/OpenSCAP/openscap/releases/download/1.2.9/openscap-1.2.9.tar.gz > > SHA512: > 1a55b466c3acdea9423bff8d2662ff236b7edcbb88c04de23cb40ff7ba9536847aaed9495ab8b3904b9eac981c8a018d0f253769a848e7ccfd8ecb2aedc99e0f > > Audit, Fix, And Be Merry! > > -- > Jan ?ern? > Security Technologies, Red Hat, Inc. > on behalf of OpenSCAP contributors > > > > > ------------------------------ > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list > > End of Open-scap-list Digest, Vol 85, Issue 24 > ********************************************** > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list > _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
