Blame SOURCES/scap-security-guide-0.1.59-fix_6844-PR_7673.patch

ff1465
From 155a46f32b02fec3fa9a99d2a6fa2f1a5287fcaf Mon Sep 17 00:00:00 2001
ff1465
From: Matthew Burket <mburket@redhat.com>
ff1465
Date: Wed, 29 Sep 2021 09:43:56 -0500
ff1465
Subject: [PATCH] Add RHEL8 FIPS STIG ID to few rules
ff1465
ff1465
---
ff1465
 .../integrity/crypto/configure_ssh_crypto_policy/rule.yml        | 1 +
ff1465
 .../harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml      | 1 +
ff1465
 .../crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml  | 1 +
ff1465
 3 files changed, 3 insertions(+)
ff1465
ff1465
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
ff1465
index 9ac0b55f65a..2f4fb79eb54 100644
ff1465
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
ff1465
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
ff1465
@@ -29,6 +29,7 @@ references:
ff1465
     nerc-cip: CIP-003-3 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1
ff1465
     nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13
ff1465
     srg: SRG-OS-000250-GPOS-00093
ff1465
+    stigid@rhel8: RHEL-08-010020
ff1465
 
ff1465
 ocil_clause: 'the CRYPTO_POLICY variable is not set or is commented in the /etc/sysconfig/sshd'
ff1465
 
ff1465
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
ff1465
index 682ca436b8d..adeae314fff 100644
ff1465
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
ff1465
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
ff1465
@@ -30,6 +30,7 @@ references:
ff1465
     disa: CCI-001453
ff1465
     nist: AC-17(2)
ff1465
     srg: SRG-OS-000250-GPOS-00093
ff1465
+    stigid@rhel8: RHEL-08-010020
ff1465
 
ff1465
 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
ff1465
 
ff1465
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
ff1465
index d21f68ac17a..12e527ca33d 100644
ff1465
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
ff1465
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
ff1465
@@ -28,6 +28,7 @@ references:
ff1465
     disa: CCI-001453
ff1465
     nist: AC-17(2)
ff1465
     srg: SRG-OS-000250-GPOS-00093
ff1465
+    stigid@rhel8: RHEL-08-010020
ff1465
 
ff1465
 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
ff1465