subject:"Re\: \[Open\-scap\] SCAP Security Guide 0.1.32"

Re: [Open-scap] SCAP Security Guide 0.1.32

2017-03-30 Thread Shawn Wells

Downloaded and tested the content using STIG profile. Found a few issues
with this release:

- 1x OVAL error
- 62x remediation failures/errors
- 50x rules missing DoD mappings

Made a GitHub project to track these issues:
https://github.com/OpenSCAP/scap-security-guide/projects/7

We'll want to get these resolved before uploading to NIST and before
this release makes it into downstream releases (e.g. RHEL 7.4 rebase).
What's the best way to start working these bugs? Is there a deadline for
when these bugs must be resolved for inclusion downstream?




On 3/30/17 9:07 AM, Shawn Wells wrote:
> Thank you! Looking forward to downloading the data stream and testing it. I 
> can start the process to get the new release posted to Nist .
>
> Shawn Wells
>
>> On Mar 30, 2017, at 8:22 AM, Watson Yuuma Sato  wrote:
>>
>> Hello folks,
>>
>> We have the pleasure to announce that SCAP Security Guide version 0.1.32 has
>> has been release.
>>
>> Highlights of this release:
>>
>> * New CMake build system
>> * Improved NIST 800-171 profile
>> * Initial RHVH profile
>> * New CPE to identify systems like machines (bare-metal and VM) and 
>> containers (image and container)
>> * Template clean up in lots of remediations
>>
>> For a more detailed overview of changes (bug fixes, enhancements) implemented
>> in this release please have a look at more detailed changelog:
>> * https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.32
>>
>> Full changelog at:
>> * https://github.com/OpenSCAP/scap-security-guide/issues?q=milestone%3A0.1.32
>>
>> Zip archives with pre-built benchmarks in DataStream form:
>> * 
>> https://github.com/OpenSCAP/scap-security-guide/releases/download/v0.1.32/scap-security-guide-0.1.32.zip
>>  
>> (Zip archive using OVAL-5.11.1 language version)
>> * 
>> https://github.com/OpenSCAP/scap-security-guide/releases/download/v0.1.32/scap-security-guide-0.1.32-oval-5.10.zip
>>  
>> (Zip archive using OVAL-5.10 language version only)
>>
>> Thank you to everyone who contributed with issues, patches and discussion.
>>
>> Happy hardening!
>>
>> With regards,
>> Watson Sato
>>
>>
>> -- 
>> Watson Sato
>> Security Technologies | Red Hat, Inc
>> ___
>> scap-security-guide mailing list -- 
>> scap-security-gu...@lists.fedorahosted.org
>> To unsubscribe send an email to 
>> scap-security-guide-le...@lists.fedorahosted.org

-- 
Shawn Wells
Chief Security Strategist
U.S. Public Sector
sh...@redhat.com | 443.534.0130 

___
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list

Re: [Open-scap] SCAP Security Guide 0.1.32

2017-03-30 Thread Shawn Wells

Thank you! Looking forward to downloading the data stream and testing it. I can 
start the process to get the new release posted to Nist .

Shawn Wells

> On Mar 30, 2017, at 8:22 AM, Watson Yuuma Sato  wrote:
> 
> Hello folks,
> 
> We have the pleasure to announce that SCAP Security Guide version 0.1.32 has
> has been release.
> 
> Highlights of this release:
> 
> * New CMake build system
> * Improved NIST 800-171 profile
> * Initial RHVH profile
> * New CPE to identify systems like machines (bare-metal and VM) and 
> containers (image and container)
> * Template clean up in lots of remediations
> 
> For a more detailed overview of changes (bug fixes, enhancements) implemented
> in this release please have a look at more detailed changelog:
> * https://github.com/OpenSCAP/scap-security-guide/releases/tag/v0.1.32
> 
> Full changelog at:
> * https://github.com/OpenSCAP/scap-security-guide/issues?q=milestone%3A0.1.32
> 
> Zip archives with pre-built benchmarks in DataStream form:
> * 
> https://github.com/OpenSCAP/scap-security-guide/releases/download/v0.1.32/scap-security-guide-0.1.32.zip
>  
> (Zip archive using OVAL-5.11.1 language version)
> * 
> https://github.com/OpenSCAP/scap-security-guide/releases/download/v0.1.32/scap-security-guide-0.1.32-oval-5.10.zip
>  
> (Zip archive using OVAL-5.10 language version only)
> 
> Thank you to everyone who contributed with issues, patches and discussion.
> 
> Happy hardening!
> 
> With regards,
> Watson Sato
> 
> 
> -- 
> Watson Sato
> Security Technologies | Red Hat, Inc
> ___
> scap-security-guide mailing list -- scap-security-gu...@lists.fedorahosted.org
> To unsubscribe send an email to 
> scap-security-guide-le...@lists.fedorahosted.org

___
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list

Re: [Open-scap] SCAP Security Guide 0.1.32

Re: [Open-scap] SCAP Security Guide 0.1.32

2 matches

Site Navigation

Mail list logo

Footer information