Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: rhel-9.4.z
Affects Version/s: rhel-9.2.0
Component/s: openscap
Labels:
- MigratedToJIRA

Fixed in Build:
openscap-1.3.10-1.el9_4
Regression:
None
Severity:
None

Pool Team:

rhel-sst-security-compliance
Sub-System Group:

ssg_security

Story Points:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
None

Acceptance Criteria:

Hide

(Sanity check) Check that OSCAP_PROBE_MAX_COLLECTED_ITEMS and OSCAP_PROBE_IGNORE_PATHS env variables are used by openscap.

Check result of smoke-test (especially skip_path tests).

Show
(Sanity check) Check that OSCAP_PROBE_MAX_COLLECTED_ITEMS and OSCAP_PROBE_IGNORE_PATHS env variables are used by openscap. Check result of smoke-test (especially skip_path tests).
Git Pull Request:
https://github.com/OpenSCAP/openscap/pull/2051, https://github.com/OpenSCAP/openscap/pull/2052
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/130343
Test Coverage:
None

Experience:
Architecture:

Unspecified
Bugzilla Bug:
RHBZ: 2208929

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Description of problem:
It looks like the version is affect by the problem. This can result in an denial of service attack.

Version-Release number of selected component (if applicable):
libxml2-2.9.13-3.el9_1.x86_64

Additional info:
https://www.suse.com/support/kb/doc/?id=000019477

external trackers

PnT-DevOps Jira RHELPLAN-159675

Red Hat Issue Tracker RHELPLAN-157803

links to

https://tcms.engineering.redhat.com/case/75476/?from_plan=3867

relevant Google Document

RHBA-2024:130343 openscap bug fix and enhancement update

Assignee:: Jan Cerny

Reporter:: Frank Büttner

Developer:: Jan Cerny

QA Contact:: Milan Lysonek

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Created:: 2023/09/15 5:31 PM

Updated:: 2024/11/08 1:55 AM

Resolved:: 2024/04/25 9:38 AM

Release Date:: 2024/04/25