[Open-scap] SecState Evaluation
Simon Lukasik
slukasik at redhat.com
Wed Dec 12 09:25:43 UTC 2012
On 12/11/2012 10:59 PM, Rodrian, Logan P (IS) wrote:
> Hello-
>
Hello Rodrigan,
What led you to conclusion that these failures are caused by bugs in
OpenSCAP scanner?
> Along with the recent release of CLIP, I have begun using SecState to
> perform auditing and remediation for my system. In performing these
> tasks and viewing the reports, I found that there were multiple issues
> with the checks being performed incorrectly.
>
>>From the common profile, which is what I am running, I found the following:
>
> Check Incorrect (Pre Remediation) 15
> Check Incorrect (Post Remediation) 15+19 (34)
>
> I have compiled a spreadsheet documenting my findings.
>
> I have contacted the SecState mailing list and I was directed to submit
> identified errors in the checks to this list. I have attached 2 CSV
> files containing both the Pre and Post incorrectness as well as the
> larger XLS spreadsheet.
>
> Please take a look at the findings. If you could provide any detail on
> the status/state of these issues (are they already known? are these
> new?) and/or the planned date of future release that may include any
> fixes, it would be much appreciated. Additionally, if there is a single
> point of contact appropriate to work with on this, that information
> would be useful.
>
> Thank you.
>
> Logan Rodrian
>
--
Simon Lukasik
Security Technologies
More information about the Open-scap-list
mailing list