[Bug 1851682] Re: oscap is broken in ubuntu 19.10
This bug was fixed in the package openscap - 1.2.15-1ubuntu0.2 --- openscap (1.2.15-1ubuntu0.2) bionic; urgency=medium * debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch: Fix dangling '*' in dpkginfo_free_reply declaration (LP: #1851682). -- Mark Morlino Wed, 25 Mar 2020 09:53:38 -0400 ** Changed in: openscap (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
This bug was fixed in the package openscap - 1.2.16-2ubuntu3.1 --- openscap (1.2.16-2ubuntu3.1) focal; urgency=medium * debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch: Fix dangling '*' in dpkginfo_free_reply declaration (LP: #1851682). -- Mark Morlino Wed, 25 Mar 2020 14:39:37 -0400 ** Changed in: openscap (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
Verified this on both bionic and focal. Testcase: (focal) $ dpkg -l | grep libopenscap8 ii libopenscap8 1.2.16-2ubuntu3.1 amd64Set of libraries enabling integration of the SCAP line of standards $ oscap oval eval --report cve-report.html com.ubuntu.focal.cve.oval.xml The scan was successful and generated a report. Testcase: (bionic) $ dpkg -l | grep libopenscap8 ii libopenscap8 1.2.15-1ubuntu0.2 amd64Set of libraries enabling integration of the SCAP line of standards $oscap oval eval --report cve-report.html com.ubuntu.bionic.cve.oval.xml The scan was successful and generate a report. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
Hello god, or anyone else affected, Accepted openscap into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openscap/1.2.15-1ubuntu0.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: openscap (Ubuntu Bionic) Status: New => Fix Committed ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
Hello god, or anyone else affected, Accepted openscap into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openscap/1.2.16-2ubuntu3.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: openscap (Ubuntu Focal) Status: Confirmed => Fix Committed ** Tags added: verification-needed verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
This has already been fixed in Groovy, and Eoan just went EOL. I have uploaded your patches to Focal and Bionic, and they are waiting in the respective queues. I tweaked the version numbers and made sure the LP bug number was in the changelog, following SRU policy. I also changed bionic-security to bionic in your Bionic diff changelog, since in order for it to be SRU'ed it can't go directly to -security. In the future, try to follow DEP-3 patch headers. It makes it easier for others to review your patch, for uploading and further maintenance. You can find more details here: https://dep-team.pages.debian.net/deps/dep3/ Also, please look at the Security Team document for version numbers: https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging Thank you for your contribution! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Changed in: openscap (Ubuntu Groovy) Status: Confirmed => Fix Released ** No longer affects: openscap (Ubuntu Eoan) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Also affects: openscap (Ubuntu Groovy) Importance: Low Status: Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
Because the focal change wasn't picked up before 20.04 LTS's release, groovy will probably need a fix, too, before these packages can be released. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Changed in: openscap (Ubuntu Bionic) Importance: Undecided => Low ** Changed in: openscap (Ubuntu Eoan) Importance: Undecided => Low ** Changed in: openscap (Ubuntu Focal) Importance: Undecided => Low -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Description changed: + I think this needs an SRU, as such I'm modifying the description based + on the SRU template. I'll update the title and attach debdiffs shortly. + + [Impact] + + The bug causes oscap to fail to run with OVAL files produced by the + Ubuntu Security team. + + This is the upstream issue: + https://github.com/OpenSCAP/openscap/issues/1367 + + The fix is simple and I've tested in under bionic, eoan, and focal. + + The patch corrects an typo or copy/paste error in the original code. + https://github.com/OpenSCAP/openscap/commit/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74 + + [Test Case] + + This can be reproduced on eoan and focal by following the instructions + for using ubuntu security oval data here: https://people.canonical.com + /~ubuntu-security/oval/ + + The bug does not manifest directly in bionic but if you include + libopenscap8 in a snap based on core18, the version of oscap in the snap + will produce the same behavior when you run the snap on eoan or focal + + [Regression Potential] + + The potential for regression seems low in this case. I've built the deb + locally for bionic, eoan, and focal and smoke tested in in VMs using the + ubuntu security OVAL files and the test file from the comment below + https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/comments/2 + + If a regression were to exist, it would likely manifest itself with a + runtime error much like the original problem. + + + ORIGINAL BUG REPORT BELOW + ### oscap segfaults while trying to check using ubuntu-security definitions: The command: oscap oval eval --report /tmp/oscap_report.html /var/tmp/com.ubuntu.eoan.cve.oval.xml Segfault: ... Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Probe with PID=26379 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178] Probe with PID=26379 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182] Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424] Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Probe with PID=26393 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178] Probe with PID=26393 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182] Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424] Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] The OVAL definitions are taken directly from https://people.canonical.com/~ubuntu- security/oval/com.ubuntu.eoan.cve.oval.xml Version: oscap --version OpenSCAP command line tool (oscap) 1.2.16 Copyright 2009--2017 Red Hat Inc., Durham, North Carolina. Supported specifications XCCDF Version: 1.2 OVAL Version: 5.11.1 CPE Version: 2.3 CVSS Version: 2.0 CVE Version: 2.0 Asset Identification Version: 1.1 Asset Reporting Format Version: 1.1 CVRF Version: 1.1 Capabilities added by auto-loaded plugins SCE Version: 1.0 (from libopenscap_sce.so.8) Paths Schema files: /usr/share/openscap/schemas Default CPE files: /usr/share/openscap/cpe Probes: /usr/lib/x86_64-linux-gnu/openscap ** Patch added: "bionic debdiff" https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+attachment/5342345/+files/openscap_1.2.15-1ubuntu0.2.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Patch added: "focal debdiff" https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+attachment/5342347/+files/openscap_1.2.16-2ubuntu4.debdiff ** Description changed: - I think this needs an SRU, as such I'm modifying the description based - on the SRU template. I'll update the title and attach debdiffs shortly. - [Impact] The bug causes oscap to fail to run with OVAL files produced by the Ubuntu Security team. This is the upstream issue: https://github.com/OpenSCAP/openscap/issues/1367 The fix is simple and I've tested in under bionic, eoan, and focal. The patch corrects an typo or copy/paste error in the original code. https://github.com/OpenSCAP/openscap/commit/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74 [Test Case] This can be reproduced on eoan and focal by following the instructions for using ubuntu security oval data here: https://people.canonical.com /~ubuntu-security/oval/ The bug does not manifest directly in bionic but if you include libopenscap8 in a snap based on core18, the version of oscap in the snap will produce the same behavior when you run the snap on eoan or focal [Regression Potential] The potential for regression seems low in this case. I've built the deb locally for bionic, eoan, and focal and smoke tested in in VMs using the ubuntu security OVAL files and the test file from the comment below https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/comments/2 If a regression were to exist, it would likely manifest itself with a runtime error much like the original problem. ORIGINAL BUG REPORT BELOW ### oscap segfaults while trying to check using ubuntu-security definitions: The command: oscap oval eval --report /tmp/oscap_report.html /var/tmp/com.ubuntu.eoan.cve.oval.xml Segfault: ... Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Probe with PID=26379 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178] Probe with PID=26379 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182] Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424] Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] Probe with PID=26393 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178] Probe with PID=26393 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182] Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424] Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579] Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179] The OVAL definitions are taken directly from https://people.canonical.com/~ubuntu- security/oval/com.ubuntu.eoan.cve.oval.xml Version: oscap --version OpenSCAP command line tool (oscap) 1.2.16 Copyright 2009--2017 Red Hat Inc., Durham, North Carolina. Supported specifications XCCDF Version: 1.2 OVAL Version: 5.11.1 CPE Version: 2.3 CVSS Version: 2.0 CVE Version: 2.0 Asset Identification Version: 1.1 Asset Reporting Format Version: 1.1 CVRF Version: 1.1 Capabilities added by auto-loaded plugins SCE Version: 1.0 (from libopenscap_sce.so.8) Paths Schema files: /usr/share/openscap/schemas Default CPE files: /usr/share/openscap/cpe Probes: /usr/lib/x86_64-linux-gnu/openscap -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Patch added: "eoan debdiff" https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+attachment/5342346/+files/openscap_1.2.16-2ubuntu1.1.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Also affects: openscap (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
I created a test OVAL file to dig into this a little bit more. $ cat com.ubuntu.test.cve.oval.xml http://oval.mitre.org/XMLSchema/oval-definitions-5; xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent; xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5; xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix; xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#macos linux-definitions-schema.xsd"> Canonical CVE OVAL Generator 1.1 5.11.1 2020-03-03T10:37:20 CVE-1970-0200 on Ubuntu - high. OVAL TEST To simulate a vunlerable package with no available patch being installed on the system. Checks for the 'linux-doesnotexist-base' package to be installed on the system. There is no 'linux-doesnotexist-base' package so it will never be installed. This test should always return false (not vulnerable) and appear green in the report. Ubuntu High Copyright (C) 2018 Canonical Ltd. 2018-01-24 10:29:00 UTC CVE-1970-0300 on Ubuntu - high. OVAL TEST This is the opposite of the previous test, just to confirm that oscap correct detects the installed package Checks for the 'linux-base' package to be installed on the system. There should always be a 'linux-base' package installed. This test should always return true (vulnerable) and appear red/orange in the report. Ubuntu High Copyright (C) 2018 Canonical Ltd. 2018-01-24 10:29:00 UTC CVE-1907-0400 on Ubuntu - high. OVAL TEST To simulate an installed package that is vulnerable when there is an available version to fix the CVE. Checks for version less than '99:99.9.9+dfsg-9ubuntu9.9' of the 'linux-base' package to be installed on the system. There should always be a 'linux-base' package installed and the version will be less than '99:99.9.9+dfsg-9ubuntu9.9'. This test should always return true (vulnerable) and appear red/orange in the report. Ubuntu High Copyright (C) 2017 Canonical Ltd. 2017-03-27 17:59:00 UTC 2017-03-27 CVE-1907-0500 on Ubuntu - high. OVAL TEST To simulate an installed package that is updated to a patched version and not vulnerable to CVE. Checks for version less than '00:00.0.0+dfsg-0ubuntu0.0' of the 'linux-base' package to be installed on the system. There should always be a 'linux-base' package installed and the version will be greater than '00:00.0.0+dfsg-0ubuntu0.0'. This test should always return false (not vulnerable) and appear green in the report. Ubuntu https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458; /> High Copyright (C) 2017 Canonical Ltd. 2017-03-27 17:59:00 UTC 2017-03-27
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
** Also affects: openscap (Ubuntu Focal) Importance: Undecided Status: Confirmed ** Also affects: openscap (Ubuntu Eoan) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1851682] Re: oscap is broken in ubuntu 19.10
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: openscap (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851682 Title: oscap is broken in ubuntu 19.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1851682/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs