SUSE-RU-2021:1964-1: moderate: Recommended update for scap-security-guide

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Jun 11 19:20:30 UTC 2021 

   SUSE Recommended Update: Recommended update for scap-security-guide
______________________________________________________________________________

Announcement ID:    SUSE-RU-2021:1964-1
Rating:             moderate
References:         ECO-3319 
Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

   An update that has 0 recommended fixes and contains one
   feature can now be installed.

Description:

   This update for scap-security-guide fixes the following issues:

   scap-security-guide was updated to 0.1.56 release (jsc#ECO-3319)

   - Align ism_o profile with latest ISM SSP (#6878)
   - Align RHEL 7 STIG profile with DISA STIG V3R3
   - Creating new RHEL 7 STIG GUI profile (#6863)
   - Creating new RHEL 8 STIG GUI profile (#6862)
   - Add the RHEL9 product (#6801)
   - Initial support for SUSE SLE-15 (#6666)
   - add support for osbuild blueprint remediations (#6970)

   This update brings the following SUSE Linux Enterprise STIG SCAP
   automations:

   - SCAP STIG automation for SUSE Linux Enterprise 12 (SUSE supplied, nearly
     complete, missing 4 rules)
   - SCAP STIG automation for SUSE Linux Enterprise 15 (SUSE supplied, nearly
     complete, missing 4 rules)
   - CIS automation for SUSE Linux Enterprise 15 (community supplied)

   It can be evaluated using "oscap" from "openscap-utils", e.g. by doing on
   SUSE Linux Enterprise 12:

   - oscap xccdf eval --profile stig
     /usr/share/xml/scap/ssg/content/ssg-sle12-ds.xml

   On SUSE Linux Enterprise 15:

   - oscap xccdf eval --profile stig
     /usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml

   or the community supplied CIS on SUSE Linux Enterprise 15:

   - oscap xccdf eval --profile cis
     /usr/share/xml/scap/ssg/content/ssg-sle15-ds.xml

   More content will be added in future updates.


Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1964=1



Package List:

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      scap-security-guide-0.1.56-3.11.1
      scap-security-guide-debian-0.1.56-3.11.1
      scap-security-guide-redhat-0.1.56-3.11.1
      scap-security-guide-ubuntu-0.1.56-3.11.1


References:

More information about the sle-updates mailing list