[Open-scap] EXT :Re: SecState Evaluation

Shawn Wells shawn at redhat.com
Thu Dec 13 23:35:36 UTC 2012


On 12/13/12 6:33 PM, Shawn Wells wrote:
> On 12/11/12 6:35 PM, Rodrian, Logan P (IS) wrote:
>> Steve-
>>
>> I in-lined my answers to your questions.  Did the CSV or XLS come 
>> through on the list?
>>
>> I am using the CLIP RedHat 6.2 distribution and the versions of the 
>> tools that are included with it.  I can certainly run any other tools 
>> to verify if that will help.  As I mentioned, I have emailed the 
>> secstate list and they directed me here due to the explanation of 
>> where the problem could exist.
>
> Jumping in late here. Part of your fun here is that CLIP/SecState 
> embeds content from multiple projects, so tracking down bugs with CLIP 
> can be fun.
>
> In reviewing your attachments many (most?) of these appear to be bugs 
> within the SCAP Security Guide content itself, specifically those on 
> the "AUDIT - *" tabs of your spreadsheet. I'll create tickets for the 
> items on the "AUDIT - *" tabs. Please direct correspondence on these 
> items to the SSG project: https://fedorahosted.org/scap-security-guide
>
> Everything on the "Bugs" and "Remediate" tabs appear to be coming from 
> Aqueduct: https://fedorahosted.org/aqueduct/
>
And P.S. -- thank you for the feedback!!

-- 
Shawn Wells
Technical Director,
U.S. Intelligence Programs
(e) shawn at redhat.com
(c) 443.534.0130




More information about the Open-scap-list mailing list