On 10/01/18 19:40, Jordi Llorens wrote:
Hi
I've received FAIL on the : Ensure Software Patches Installed
I have Internet connection.
You might have a package that is not updated, please make sure they are.
This is the result of a Yum repolist command execution :
Loaded plugins: refresh-packagekit, rhnplugin
repo id repo name status
rhel-x86_64-server-6 Red Hat Enterprise Linux Server (v. 6 for 64-bit
x86 19887
repolist: 19887
I think that everything is ok, so I don't know why the test fails.
If Rule is still failing after updates applied, you can try to check
what is the CVE affecting your system.
Unfortunately, it cannot be done through SCAP Workbench. You'll have to
use command line.
# Download Red Hat CVE feed
$wget
https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL6.xml.bz2
# Scan your system
$oscap-ssh root@hostname oval eval ./com.redhat.rhsa-RHEL6.xml.bz2
You'll get a bunch results like below...
Starting the evaluation...
Definition oval:com.redhat.rhsa:def:20180061: false
Definition oval:com.redhat.rhsa:def:20180029: false
Definition oval:com.redhat.rhsa:def:20180023: false
Definition oval:com.redhat.rhsa:def:20180016: false
Definition oval:com.redhat.rhsa:def:20180014: true
Definition oval:com.redhat.rhsa:def:20180012: true
Any result "true" is a patch that you are missing. You can look out for
the definitions at https://www.redhat.com/security/data/oval/ to check
what are the affected components.
Thx!
Jordillo
--
Watson Sato
Security Technologies | Red Hat, Inc
_______________________________________________
Open-scap-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/open-scap-list
