[ubuntu-hardened] OVAL shows vulnerabilities when software is not installed
Steve Beattie
sbeattie at ubuntu.com
Tue Oct 25 16:51:11 UTC 2016
On Tue, Oct 25, 2016 at 01:12:15PM +0200, Jesus Linares wrote:
> OVAL files are failing again. It is due to the following error:
>
> > File 'com.ubuntu.xenial.cve.oval.xml' line 65535: Element '{
> > http://oval.mitre.org/XMLSchema/oval-definitions-5}criterion', attribute
> > 'negate': 'True' is not a valid value of the atomic type 'xs:boolean'.
>
>
> I think it could be fixed by changing "*T*rue" for "*t*rue".
Ah nice catch. I've fixed it and caused the OVAL files to be
regenerated, and verified them with "oscap oval validate".
Thanks!
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20161025/065b3a0c/attachment.pgp>
More information about the ubuntu-hardened
mailing list