Ok. Thank you very much! I will try oscap-ssh. Maybe it could be better for my purposes. Again, thank you.
Regards jordillo 2018-01-11 14:16 GMT+01:00 Watson Yuuma Sato <ws...@redhat.com>: > On 10/01/18 19:40, Jordi Llorens wrote: > >> Hi >> >> I've received FAIL on the : Ensure Software Patches Installed >> I have Internet connection. >> > You might have a package that is not updated, please make sure they are. > >> This is the result of a Yum repolist command execution : >> >> Loaded plugins: refresh-packagekit, rhnplugin >> repo id repo name status >> rhel-x86_64-server-6 Red Hat Enterprise Linux Server (v. 6 for 64-bit x86 >> 19887 >> repolist: 19887 >> >> I think that everything is ok, so I don't know why the test fails. >> > If Rule is still failing after updates applied, you can try to check what > is the CVE affecting your system. > Unfortunately, it cannot be done through SCAP Workbench. You'll have to > use command line. > > # Download Red Hat CVE feed > $wget https://www.redhat.com/security/data/oval/com.redhat.rhsa- > RHEL6.xml.bz2 > > # Scan your system > $oscap-ssh root@hostname oval eval ./com.redhat.rhsa-RHEL6.xml.bz2 > > You'll get a bunch results like below... > > Starting the evaluation... > Definition oval:com.redhat.rhsa:def:20180061: false > Definition oval:com.redhat.rhsa:def:20180029: false > Definition oval:com.redhat.rhsa:def:20180023: false > Definition oval:com.redhat.rhsa:def:20180016: false > Definition oval:com.redhat.rhsa:def:20180014: true > Definition oval:com.redhat.rhsa:def:20180012: true > > Any result "true" is a patch that you are missing. You can look out for > the definitions at https://www.redhat.com/security/data/oval/ to check > what are the affected components. > >> >> Thx! >> Jordillo >> >> >> > -- > Watson Sato > Security Technologies | Red Hat, Inc > >
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list