Public bug reported:
Steps to reproduce:
1. Download OVAL definitions
cd /tmp
wget https://people.canonical.com/~ubuntu-security/oval/com.ubuntu.xenial.cve.oval.xml
2. Install OpenSCAP
2a. from official repository
sudo apt-get install libopenscap8
2b. build from sources
(see my comment 27 on
https://answers.launchpad.net/ubuntu/+source/openscap/+question/242354)
3. Check system and open report
oscap oval eval --results /tmp/results-xenial.xml --report /tmp/report-xenial.html /tmp/com.ubuntu.xenial.cve.oval.xml
firefox /tmp/report-xenial.html
Expected results:
Fully upgraded system should have
0 Non-Compliant/Vulnerable/Unpatched
0 Unknown
OVAL scanning results.
Actual results:
Fully upgraded system has
1531 Non-Compliant/Vulnerable/Unpatched
1690 Unknown
OVAL scanning results.
Notes:
1. 'oscap oval eval' command works normally on Ubuntu 12.04 LTS and 14.04 LTS
with openscap from https://github.com/OpenSCAP/openscap. It correctly reports 0
"Non-Compliant/Vulnerable/Unpatched", 0 "Unknown" OVAL scanning results on
fully upgraded systems.
2. An error about "com.ubuntu.xenial.cve.oval.xml" was reported on the mailing list
(https://lists.ubuntu.com/archives/ubuntu-hardened/2016-October/000870.html)
with no result.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libopenscap8 1.2.8-1
ProcVersionSignature: Ubuntu 4.4.0-59.80-generic 4.4.35
Uname: Linux 4.4.0-59-generic i686
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: i386
CurrentDesktop: MATE
Date: Mon Jan 23 20:22:42 2017
InstallationDate: Installed on 2016-10-08 (107 days ago)
InstallationMedia: Ubuntu-MATE 16.04.1 LTS "Xenial Xerus" - Release i386 (20160719)
SourcePackage: openscap
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: openscap (Ubuntu)
Importance: Undecided
Status: New
** Tags: apport-bug xenial
** Tags removed: i386
** Summary changed:
- oscap with com.ubuntu.xenial.cve.oval.xml wrongly reports many unpatched (and
) non-installed packages on Ubuntu Xenial 16.04.1 LTS
+ oscap with com.ubuntu.xenial.cve.oval.xml wrongly reports many unpatched (and
unknown) non-installed packages on Ubuntu Xenial 16.04.1 LTS
--
https://bugs.launchpad.net/bugs/1658759
Title:
oscap with com.ubuntu.xenial.cve.oval.xml wrongly reports many
unpatched (and unknown) non-installed packages on Ubuntu Xenial
16.04.1 LTS
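Added example (not part of the bug report and not OpenSCAP code): a way to tally the per-definition results in the file written by --results in step 3, so the "Non-Compliant/Vulnerable/Unpatched" and "Unknown" totals can be broken down by definition when triaging. It assumes the file follows the OVAL 5 results schema; the function name summarize and the embedded sample (ids, titles) are constructed for illustration.

```python
import sys
import xml.etree.ElementTree as ET
from collections import Counter

RES = "{http://oval.mitre.org/XMLSchema/oval-results-5}"
DEF = "{http://oval.mitre.org/XMLSchema/oval-definitions-5}"

# Constructed sample in the OVAL 5 results layout; ids and titles are placeholders.
SAMPLE = """<oval_results xmlns="http://oval.mitre.org/XMLSchema/oval-results-5">
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"><definitions>
 <definition id="oval:example:def:1" class="vulnerability" version="1">
  <metadata><title>CVE-0000-0001 on package-a</title></metadata></definition>
 <definition id="oval:example:def:2" class="vulnerability" version="1">
  <metadata><title>CVE-0000-0002 on package-b</title></metadata></definition>
 <definition id="oval:example:def:3" class="vulnerability" version="1">
  <metadata><title>CVE-0000-0003 on package-c</title></metadata></definition>
</definitions></oval_definitions>
<results><system><definitions>
 <definition definition_id="oval:example:def:1" result="true" version="1"/>
 <definition definition_id="oval:example:def:2" result="unknown" version="1"/>
 <definition definition_id="oval:example:def:3" result="false" version="1"/>
</definitions></system></results>
</oval_results>"""


def summarize(xml_data):
    """Return (Counter of definition results, sorted [(result, id, title)])."""
    root = ET.fromstring(xml_data)
    # Map definition id -> title from the embedded copy of the definitions.
    titles = {}
    for d in root.iter(DEF + "definition"):
        t = d.find(f"{DEF}metadata/{DEF}title")
        titles[d.get("id")] = (t.text or "").strip() if t is not None else ""
    counts, flagged = Counter(), []
    path = "/".join(RES + n for n in ("results", "system", "definitions", "definition"))
    for d in root.findall(path):
        res = d.get("result", "unknown")
        counts[res] += 1
        # For class="vulnerability", "true" means the vulnerable state matched.
        if res in ("true", "unknown", "error"):
            def_id = d.get("definition_id")
            flagged.append((res, def_id, titles.get(def_id, "")))
    return counts, sorted(flagged)


if __name__ == "__main__":
    # Pass /tmp/results-xenial.xml as the argument; without one, use the sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    counts, flagged = summarize(data)
    print(dict(counts))
    for res, def_id, title in flagged:
        print(f"{res:8} {def_id}  {title}")
```

Comparing the flagged titles against the output of dpkg -l shows which definitions fired for packages that are not installed.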