OL7 stig v2r10 update

linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/rule.yml

@@ -54,6 +54,8 @@ ocil: |-
 
 {{% if product == "rhel7" %}}
 platform: rhel7_older_than_7_4
+{{% elif product == "ol7" %}}
+platform: ol7_older_than_7_4
 {{% endif %}}
 
 fixtext: '{{{ fixtext_sshd_lineinfile("Compression", xccdf_value("var_sshd_disable_compression"), no) }}}'

linux_os/guide/system/permissions/restrictions/sysctl_kernel_dmesg_restrict/rule.yml

@@ -27,6 +27,7 @@ references:
     hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3),164.308(a)(4),164.310(b),164.310(c),164.312(a),164.312(e)
     nist: SI-11(a),SI-11(b)
     srg: SRG-OS-000132-GPOS-00067,SRG-OS-000138-GPOS-00069
+    stigid@ol7: OL07-00-010375
     stigid@ol8: OL08-00-010375
     stigid@rhel7: RHEL-07-010375
     stigid@rhel8: RHEL-08-010375

products/ol7/profiles/stig.profile

@@ -4,7 +4,7 @@ title: 'DISA STIG for Oracle Linux 7'
 
 description: |-
     This profile contains configuration checks that align to the
-    DISA STIG for Oracle Linux V2R9.
+    DISA STIG for Oracle Linux V2R10.
 
 selections:
     - login_banner_text=dod_banners
@@ -159,7 +159,7 @@ selections:
     - file_permissions_var_log_audit
     - file_ownership_var_log_audit
     - audit_rules_system_shutdown
-    - var_audit_failure_mode=panic
+    - var_audit_failure_mode=printk
     - auditd_audispd_configure_remote_server
     - auditd_audispd_encrypt_sent_records
     - auditd_audispd_disk_full_action
@@ -332,3 +332,5 @@ selections:
     - auditd_audispd_remote_daemon_path
     - auditd_audispd_remote_daemon_type
     - account_emergency_expire_date
+    - package_screen_installed
+    - sysctl_kernel_dmesg_restric

products/ol7/profiles/stig_gui.profile

@@ -4,7 +4,7 @@ title: 'DISA STIG with GUI for Oracle Linux 7'
 
 description: |-
     This profile contains configuration checks that align to the
-    DISA STIG with GUI for Oracle Linux V2R9.
+    DISA STIG with GUI for Oracle Linux V2R10.
 
     Warning: The installation and use of a Graphical User Interface (GUI)
     increases your attack vector and decreases your overall security posture. If

shared/applicability/ol7_older_than_7_4.yml

@@ -0,0 +1,3 @@
+name: "cpe:/o:oracle:linux:7:older_than_7_4"
+title: "OL 7 is older than 7.4"
+check_id: ol7_older_than_7_4

shared/checks/oval/ol7_older_than_7_4.xml

@@ -0,0 +1,34 @@
+<def-group>
+  <definition class="inventory" id="ol7_older_than_7_4" version="1">
+    <metadata>
+      <title>Oracle Linux 7 older than 7.4</title>
+      <affected family="unix">
+        <platform>multi_platform_all</platform>
+      </affected>
+      <reference ref_id="cpe:/o:oracle:linux:7:older_than_7_4"
+        source="CPE" />
+      <description>The operating system installed on the system is
+        Oracle Linux 7 older than 7.4</description>
+    </metadata>
+    <criteria>
+      <extend_definition comment="Installed OS is part of the Unix family"
+        definition_ref="installed_OS_is_part_of_Unix_family" />
+      <criteria operator="OR">
+          <criterion comment="Oracle Linux 7 System is installed"
+            test_ref="test_ol7_system_older_than_7_4" />
+      </criteria>
+    </criteria>
+  </definition>
+
+  <linux:rpminfo_test check="all" check_existence="at_least_one_exists" comment="oraclelinux-release is version 7" id="test_ol7_system_older_than_7_4" version="1">
+    <linux:object object_ref="obj_ol7_system_older_than_7_4" />
+    <linux:state state_ref="state_ol7_system_older_than_7_4" />
+  </linux:rpminfo_test>
+  <linux:rpminfo_state id="state_ol7_system_older_than_7_4" version="1">
+    <linux:version operation="less than" datatype="version">7.4</linux:version>
+  </linux:rpminfo_state>
+  <linux:rpminfo_object id="obj_ol7_system_older_than_7_4" version="1">
+    <linux:name>oraclelinux-release</linux:name>
+  </linux:rpminfo_object>
+
+</def-group>