New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Waivers cleanup (scap-security-guide 0.1.74 stabilization) #253

Merged

comps merged 1 commit into RHSecurityCompliance:main from mildas:0174_waiver_cleanup

Aug 8, 2024

Contributor

mildas commented Aug 8, 2024

I have checked 2 recent stabilization test runs and checked warn if some of the waivers are still there or gone

/hardening/.*/cis[^/]*/sshd_use_approved_ciphers - sshd_use_approved_ciphers fails for all CIS profiles in all test cases ComplianceAsCode/content#12096 closed as completed
/scanning/disa-alignment/.*/CCE-90811-1 - CCE-90811-1 is notselected by SSG, however for DISA STIG it fail ComplianceAsCode/content#11803 closed as completed
/static-checks/html-links/http://chrony.tuxfamily.org/ - CCE-90811-1 is notselected by SSG, however for DISA STIG it fail ComplianceAsCode/content#11803 closed as completed
/hardening/host-os/oscap/ism_o/firewalld_sshd_port_enabled - firewalld_sshd_port_enabled fails on aarch64 in ism_o profile ComplianceAsCode/content#12233 closed as completed
/scanning/disa-alignment/.*/accounts_tmout - rule accounts_tmout is misaligned with DISA STIG ComplianceAsCode/content#11548 issue still opened. I will double check and close issue as not relevant anymore

The rest of issues are without reported issue.

On this PR, I will perform daily productization test run to see if some of the waiver removals was incorrect.


          Waivers cleanup (scap-security-guide 0.1.74 stabilization)

021b4d5

comps merged commit c91bc7c into RHSecurityCompliance:main

3 checks passed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet