Tree - rpms/scap-security-guide

skyler / rpms / scap-security-guide

Forked from rpms/scap-security-guide 3 years ago
Source
Stats
Files

Blob Blame History Raw
From d1b9040748605416220e09feb56fc5a6b6402f1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
Date: Tue, 7 Jul 2020 16:37:30 +0200
Subject: [PATCH] Add zipl to CPE dictionaries in all Linux products

The CPE platform `cpe:/a:zipl` has been set as a platform for XCCDF
group `bootloader-zipl` but the definition of the CPE was missing from
the CPE dictionary in some datastreams, for example fedora datastream.
This triggered error SRC-15 in NIST scapval tool.
---
 debian10/cpe/debian10-cpe-dictionary.xml       | 4 ++++
 debian8/cpe/debian8-cpe-dictionary.xml         | 4 ++++
 debian9/cpe/debian9-cpe-dictionary.xml         | 4 ++++
 fedora/cpe/fedora-cpe-dictionary.xml           | 4 ++++
 ol7/cpe/ol7-cpe-dictionary.xml                 | 4 ++++
 ol8/cpe/ol8-cpe-dictionary.xml                 | 4 ++++
 opensuse/cpe/opensuse-cpe-dictionary.xml       | 4 ++++
 rhel6/cpe/rhel6-cpe-dictionary.xml             | 4 ++++
 rhel7/cpe/rhel7-cpe-dictionary.xml             | 4 ++++
 rhv4/cpe/rhv4-cpe-dictionary.xml               | 4 ++++
 sle11/cpe/sle11-cpe-dictionary.xml             | 4 ++++
 sle12/cpe/sle12-cpe-dictionary.xml             | 4 ++++
 ubuntu1404/cpe/ubuntu1404-cpe-dictionary.xml   | 4 ++++
 ubuntu1604/cpe/ubuntu1604-cpe-dictionary.xml   | 4 ++++
 ubuntu1804/cpe/ubuntu1804-cpe-dictionary.xml   | 4 ++++
 wrlinux1019/cpe/wrlinux1019-cpe-dictionary.xml | 4 ++++
 wrlinux8/cpe/wrlinux8-cpe-dictionary.xml       | 4 ++++
 19 files changed, 76 insertions(+)

diff --git a/debian10/cpe/debian10-cpe-dictionary.xml b/debian10/cpe/debian10-cpe-dictionary.xml
index f2dbd09cfc..ddb68c34bd 100644
--- a/debian10/cpe/debian10-cpe-dictionary.xml
+++ b/debian10/cpe/debian10-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/debian8/cpe/debian8-cpe-dictionary.xml b/debian8/cpe/debian8-cpe-dictionary.xml
index f385709052..24bbca69cd 100644
--- a/debian8/cpe/debian8-cpe-dictionary.xml
+++ b/debian8/cpe/debian8-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/debian9/cpe/debian9-cpe-dictionary.xml b/debian9/cpe/debian9-cpe-dictionary.xml
index bc90a12bae..d5595fd594 100644
--- a/debian9/cpe/debian9-cpe-dictionary.xml
+++ b/debian9/cpe/debian9-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/fedora/cpe/fedora-cpe-dictionary.xml b/fedora/cpe/fedora-cpe-dictionary.xml
index ff7cebc322..bef1337fc9 100644
--- a/fedora/cpe/fedora-cpe-dictionary.xml
+++ b/fedora/cpe/fedora-cpe-dictionary.xml
@@ -107,4 +107,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/ol7/cpe/ol7-cpe-dictionary.xml b/ol7/cpe/ol7-cpe-dictionary.xml
index 613f853a6d..5d4691aaf6 100644
--- a/ol7/cpe/ol7-cpe-dictionary.xml
+++ b/ol7/cpe/ol7-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/ol8/cpe/ol8-cpe-dictionary.xml b/ol8/cpe/ol8-cpe-dictionary.xml
index 912fe01346..35167b1f70 100644
--- a/ol8/cpe/ol8-cpe-dictionary.xml
+++ b/ol8/cpe/ol8-cpe-dictionary.xml
@@ -67,4 +67,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/opensuse/cpe/opensuse-cpe-dictionary.xml b/opensuse/cpe/opensuse-cpe-dictionary.xml
index 7f485b800e..6b95e46d3f 100644
--- a/opensuse/cpe/opensuse-cpe-dictionary.xml
+++ b/opensuse/cpe/opensuse-cpe-dictionary.xml
@@ -87,4 +87,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/rhel6/cpe/rhel6-cpe-dictionary.xml b/rhel6/cpe/rhel6-cpe-dictionary.xml
index 2c8a82ebc5..bca8986f7a 100644
--- a/rhel6/cpe/rhel6-cpe-dictionary.xml
+++ b/rhel6/cpe/rhel6-cpe-dictionary.xml
@@ -87,4 +87,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/rhel7/cpe/rhel7-cpe-dictionary.xml b/rhel7/cpe/rhel7-cpe-dictionary.xml
index f232b7ed29..bc2aa869e8 100644
--- a/rhel7/cpe/rhel7-cpe-dictionary.xml
+++ b/rhel7/cpe/rhel7-cpe-dictionary.xml
@@ -102,4 +102,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/rhv4/cpe/rhv4-cpe-dictionary.xml b/rhv4/cpe/rhv4-cpe-dictionary.xml
index db1b4b239b..02450d6efc 100644
--- a/rhv4/cpe/rhv4-cpe-dictionary.xml
+++ b/rhv4/cpe/rhv4-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/sle11/cpe/sle11-cpe-dictionary.xml b/sle11/cpe/sle11-cpe-dictionary.xml
index 1b6b3e2518..b7cb4e1fd5 100644
--- a/sle11/cpe/sle11-cpe-dictionary.xml
+++ b/sle11/cpe/sle11-cpe-dictionary.xml
@@ -77,4 +77,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/sle12/cpe/sle12-cpe-dictionary.xml b/sle12/cpe/sle12-cpe-dictionary.xml
index b1b66e1294..73cddd7740 100644
--- a/sle12/cpe/sle12-cpe-dictionary.xml
+++ b/sle12/cpe/sle12-cpe-dictionary.xml
@@ -77,4 +77,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/ubuntu1404/cpe/ubuntu1404-cpe-dictionary.xml b/ubuntu1404/cpe/ubuntu1404-cpe-dictionary.xml
index 7f3ce4271b..3f5447741b 100644
--- a/ubuntu1404/cpe/ubuntu1404-cpe-dictionary.xml
+++ b/ubuntu1404/cpe/ubuntu1404-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/ubuntu1604/cpe/ubuntu1604-cpe-dictionary.xml b/ubuntu1604/cpe/ubuntu1604-cpe-dictionary.xml
index 83f0c8c516..e3e842842b 100644
--- a/ubuntu1604/cpe/ubuntu1604-cpe-dictionary.xml
+++ b/ubuntu1604/cpe/ubuntu1604-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/ubuntu1804/cpe/ubuntu1804-cpe-dictionary.xml b/ubuntu1804/cpe/ubuntu1804-cpe-dictionary.xml
index 77b78d74ec..897673c6f5 100644
--- a/ubuntu1804/cpe/ubuntu1804-cpe-dictionary.xml
+++ b/ubuntu1804/cpe/ubuntu1804-cpe-dictionary.xml
@@ -72,4 +72,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/wrlinux1019/cpe/wrlinux1019-cpe-dictionary.xml b/wrlinux1019/cpe/wrlinux1019-cpe-dictionary.xml
index cc4e806a4d..ef7e803505 100644
--- a/wrlinux1019/cpe/wrlinux1019-cpe-dictionary.xml
+++ b/wrlinux1019/cpe/wrlinux1019-cpe-dictionary.xml
@@ -71,4 +71,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
diff --git a/wrlinux8/cpe/wrlinux8-cpe-dictionary.xml b/wrlinux8/cpe/wrlinux8-cpe-dictionary.xml
index 824c575a6a..7184ebfd0b 100644
--- a/wrlinux8/cpe/wrlinux8-cpe-dictionary.xml
+++ b/wrlinux8/cpe/wrlinux8-cpe-dictionary.xml
@@ -71,4 +71,8 @@
             <!-- the check references an OVAL file that contains an inventory definition -->
             <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_yum_package</check>
       </cpe-item>
+      <cpe-item name="cpe:/a:zipl">
+            <title xml:lang="en-us">System uses zipl</title>
+            <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5" href="filename">installed_env_has_zipl_package</check>
+      </cpe-item>
 </cpe-list>
skyler / rpms / scap-security-guide

Source Code

Files
