Hello all,
I would like to propose a new Github issue template which should make
requesting a new SCAP rule easier. It should guide the issue reporter
and answer questions which are important for content authors right away.
Here is the list of questions I would like to have in the template.
Please feel free to give any feedback, ideally until Monday November 16.
~~~
##Which products does the rule apply to?
##Describe the configuration setting enforced by this rule.
##Why is the configuration security relevant?
##How to check the configuration?
###Is it order dependent? (does it need to be at certain place in the file?
###What is correct and incorrect syntax?
##How to remediate
###Does any command need to be run?
##Are there going to be other rules like (similar configuration) this in
the future? (is it worth creating template?)
##Are there any caveats to be considered when testing?
##Is the configuration loaded directly by the <software> or is it stored
in some intermediate database (similar to dconf)? (We want to edit the
lowest level possible, if appropriate)
##Is it possible to check / remediate this configuration in offline
mode? (scanning containers or offline systems)
## Please provide security policy references if possible e.g. STIG
~~~
Have a nice weekend,
--
Vojtech Polasek
Software engineer, security compliance
Red Hat <https://www.redhat.com>
vpolasek(a)redhat.com <mailto:vpolasek@redhat.com>
<https://www.redhat.com>
Hello all,
*Release of Content version 0.1.53 is scheduled for November 13th*, so
I've created a stabilization branch for it.
Now is a good time to hunt for bugs and propose fixes for them. Starting
today, merged Pull Requests should be assigned to milestone v0.1.54.
Bug fixes should be proposed to master and labeled "bugfix", they will
be cherry-picked to the stabilization branch.
The next release 0.1.54 will happen on January 22nd. Stabilization phase
will start on January 11th.
Best regards,
--
Vojtech Polasek
Software engineer, security compliance
Red Hat <https://www.redhat.com>
vpolasek(a)redhat.com <mailto:vpolasek@redhat.com>
<https://www.redhat.com>