RHEL-31065

the rule xccdf_org.ssgproject.content_rule_sudo_custom_logfile fails if the file path is surrounded by quotes

    • rhel-sst-security-compliance
    • ssg_security
    • x86_64

      The bug was in the past very broadly defined. It was about discrepancies between our content and the content of CIS assessor.
      During the discussion one particular example was used, which was indeed identified as a bug.
      The problem is that the rule sudo_custom_logfile does not accept the case when the file path to the log file is surrounded by quotes. This should be valid from the point of view of sudoers syntax.

      How to reproduce:
      1. add the following to the /etc/sudoers:
      Defaults logfile="/var/log/sudo.log"

      2. run oscap xccdf eval --remediate --profile cis_server_l1 --rule xccdf_org.ssgproject.content_rule_sudo_custom_logfile <path_to_ds>

      3. Inspect the /etc/sudoers file.

      Result:
      The remediation will end with "error" and there will be two lines in /etc/sudoers.

      Defaults logfile="/var/log/sudo.log"

      and

      Defaults logfile=/var/log/sudo.log

      Expected result:

      The rule will accept the quoted file path.

      Running into issues in the following scenario:

      • build rhel 9 hardened with CIS Benchmarking Build Kit according to server L1 recommendations
      • run oscap remediation of profile `xccdf_org.ssgproject.content_profile_cis_server_l1` 
      • investigate failures and find both profiles remediate some issues in different ways

      For example, rule identifier CCE-83527-2, CIS remediates by adding a file /etc/sudoers.d/cis_sudoers.conf. OSCAP provided by RHEL will remediate this by adding the same line in /etc/sudoers instead. Remediating with both profiles you will find the line twice, the sudo.log file created and logging, but oscap runs will still detect it as a failure.


              vpolasek@redhat.com Vojtech Polasek
              rhn-support-pdudley Paul Dudley
              Vojtech Polasek Vojtech Polasek
              SSG Security QE SSG Security QE
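The check-and-fix behaviour the report expects, sketched as an added example (it is not the SSG rule's own OVAL check or remediation script). The pattern `LOGFILE_RE`, the function names and the sample sudoers text are constructed for illustration, and only one file's text is examined, not `/etc/sudoers.d` includes.

```python
import re

# Constructed pattern (not the regex shipped with the rule): an uncommented
# global "Defaults" line setting logfile to a bare or double-quoted path.
LOGFILE_RE = re.compile(
    r'(?P<prefix>^[ \t]*Defaults[ \t]+(?:[^#\n]*,[ \t]*)?logfile[ \t]*=[ \t]*)'
    r'(?:"(?P<quoted>[^"\n]+)"|(?P<bare>[^\s,"#]+))',
    re.MULTILINE,
)
EXPECTED = "/var/log/sudo.log"

# Constructed sample inputs.
QUOTED = 'Defaults env_reset\nDefaults logfile="/var/log/sudo.log"\n'
COMMENTED = 'Defaults env_reset\n# Defaults logfile=/var/log/sudo.log\n'
WRONG = 'Defaults log_output, logfile="/tmp/sudo.log"\n'

def logfile_settings(sudoers_text):
    """Return every logfile path set on an uncommented global Defaults line."""
    return [m.group("quoted") or m.group("bare")
            for m in LOGFILE_RE.finditer(sudoers_text)]

def is_compliant(sudoers_text, expected=EXPECTED):
    """Pass when logfile is set and every setting names the expected path,
    whether or not the path is quoted."""
    found = logfile_settings(sudoers_text)
    return bool(found) and all(path == expected for path in found)

def remediate(sudoers_text, expected=EXPECTED):
    """Idempotent fix: leave compliant text untouched, rewrite a wrong path
    in place, and append a line only when no logfile setting exists."""
    if is_compliant(sudoers_text, expected):
        return sudoers_text
    if logfile_settings(sudoers_text):
        return LOGFILE_RE.sub(lambda m: m.group("prefix") + expected,
                              sudoers_text)
    sep = "" if not sudoers_text or sudoers_text.endswith("\n") else "\n"
    return f"{sudoers_text}{sep}Defaults logfile={expected}\n"

if __name__ == "__main__":
    for name, text in (("quoted", QUOTED), ("commented", COMMENTED),
                       ("wrong", WRONG)):
        fixed = remediate(text)
        print(name, is_compliant(text), fixed.count("logfile="))
```

Before a changed file is written back to `/etc/sudoers`, validate it with `visudo -c -f <file>`.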