Merge pull request #11594 from jan-cerny/reference_removal

Use control files to generate references

applications/openshift/logging/audit_profile_set/rule.yml

@@ -57,7 +57,6 @@ references:
   nerc-cip: CIP-003-8 R4,CIP-003-8 R4.1,CIP-003-8 R4.2,CIP-003-8 R5.2,CIP-003-8 R6,CIP-004-6 R2.2.2,CIP-004-6 R2.2.3,CIP-004-6 R3.3,CIP-007-3 R.1.3,CIP-007-3 R5,CIP-007-3 R5.1.1,CIP-007-3 R5.2,CIP-007-3 R5.3.1,CIP-007-3 R5.3.2,CIP-007-3 R5.3.3,CIP-007-3 R6.5
   nist: AU-2,AU-3,AU-3(1),AU-6,AU-6(1),AU-7,AU-7(1),AU-8,AU-8(1),AU-9,AU-12,AU-12(1),AU-12(3),CM-5(1),SI-11,SI-12,SI-4(20),SI-4(23)
   pcidss: Req-2.2,Req-12.5.5
-  pcidss4: '10.2.2'
   srg: SRG-APP-000089-CTR-000150,SRG-APP-000090-CTR-000155,SRG-APP-000101-CTR-000205
 
 ocil_clause: 'The proper audit profile is not set'

controls/ccn_rhel9.yml

@@ -12,6 +12,8 @@ levels:
   - id: advanced
     inherits_from:
       - intermediate
+reference_type: ccn
+product: rhel9
 
 controls:
   - id: reload_dconf_db

controls/pcidss_4.yml

@@ -5,6 +5,7 @@ version: '4.0'
 source: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf
 levels:
 - id: base
+reference_type: pcidss4
 
 controls:
   - id: '1.1'

controls/stig_rhel9.yml

@@ -3,6 +3,8 @@ title: 'Red Hat Enterprise Linux 9 Security Technical Implementation Guide'
 id: stig_rhel9
 source: https://public.cyber.mil/stigs/downloads/
 version: V1R2
+reference_type: stigid
+product: rhel9
 levels:
     -   id: high
     -   id: medium

linux_os/guide/services/avahi/disable_avahi_group/service_avahi-daemon_disabled/rule.yml

@@ -34,7 +34,6 @@ references:
     iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2
     nist: CM-7(a),CM-7(b),CM-6(a)
     nist-csf: PR.IP-1,PR.PT-3
-    pcidss4: "2.2.4"
 
 ocil_clause: |-
     {{{ ocil_clause_service_disabled(service="avahi-daemon") }}}

linux_os/guide/services/base/service_kdump_disabled/rule.yml

@@ -41,7 +41,6 @@ references:
     stigid@ol8: OL08-00-010670
     stigid@rhel7: RHEL-07-021300
     stigid@rhel8: RHEL-08-010670
-    stigid@rhel9: RHEL-09-213115
     stigid@sle12: SLES-12-010840
     stigid@sle15: SLES-15-040190
     stigid@ubuntu2004: UBTU-20-010413

linux_os/guide/services/cron_and_at/file_groupowner_cron_d/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232235
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/cron.d", group="root") }}}'
 

linux_os/guide/services/cron_and_at/file_groupowner_cron_daily/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232235
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/cron.daily", group="root") }}}'
 

linux_os/guide/services/cron_and_at/file_groupowner_cron_deny/rule.yml

@@ -21,7 +21,6 @@ references:
     disa: CCI-000366
     nist: CM-6 b
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232235
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/cron.deny", group="root") }}}'
 

linux_os/guide/services/cron_and_at/file_groupowner_cron_hourly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232235
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/cron.hourly", group="root") }}}'
 

linux_os/guide/services/cron_and_at/file_groupowner_cron_monthly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232235
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/cron.monthly", group="root") }}}'
 

linux_os/guide/services/cron_and_at/file_groupowner_cron_weekly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232235
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/cron.weekly", group="root") }}}'
 

linux_os/guide/services/cron_and_at/file_groupowner_crontab/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232235
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/crontab", group="root") }}}'
 

linux_os/guide/services/cron_and_at/file_owner_cron_d/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232230
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/cron.d", owner="root") }}}'
 

linux_os/guide/services/cron_and_at/file_owner_cron_daily/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232230
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/cron.daily", owner="root") }}}'
 

linux_os/guide/services/cron_and_at/file_owner_cron_deny/rule.yml

@@ -21,7 +21,6 @@ references:
     disa: CCI-000366
     nist: CM-6 b
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232230
 
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/cron.deny", owner="root") }}}'

linux_os/guide/services/cron_and_at/file_owner_cron_hourly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232230
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/cron.hourly", owner="root") }}}'
 

linux_os/guide/services/cron_and_at/file_owner_cron_monthly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232230
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/cron.monthly", owner="root") }}}'
 

linux_os/guide/services/cron_and_at/file_owner_cron_weekly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232230
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/cron.weekly", owner="root") }}}'
 

linux_os/guide/services/cron_and_at/file_owner_crontab/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: '2.2.6'
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232230
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/crontab", owner="root") }}}'
 

linux_os/guide/services/cron_and_at/file_permissions_cron_d/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232040
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/cron.d", perms="-rwx------") }}}'
 

linux_os/guide/services/cron_and_at/file_permissions_cron_daily/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232040
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/cron.daily", perms="-rwx------") }}}'
 

linux_os/guide/services/cron_and_at/file_permissions_cron_hourly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232040
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/cron.hourly", perms="-rwx------") }}}'
 

linux_os/guide/services/cron_and_at/file_permissions_cron_monthly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232040
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/cron.monthly", perms="-rwx------") }}}'
 

linux_os/guide/services/cron_and_at/file_permissions_cron_weekly/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232040
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/cron.weekly", perms="-rwx------") }}}'
 

linux_os/guide/services/cron_and_at/file_permissions_crontab/rule.yml

@@ -32,9 +32,7 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
-    stigid@rhel9: RHEL-09-232265
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/crontab", perms="-rw-------") }}}'
 

linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_at_deny_not_exist/rule.yml

@@ -24,7 +24,6 @@ references:
     cis@sle12: 5.1.9
     cis@sle15: 5.1.9
     cis@ubuntu2204: 5.1.9
-    pcidss4: "2.2.6"
 
 ocil_clause: 'the file /etc/at.deny exists'
 

linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/rule.yml

@@ -25,7 +25,6 @@ references:
     cis@sle12: 5.1.8
     cis@sle15: 5.1.8
     cis@ubuntu2204: 5.1.8
-    pcidss4: "2.2.6"
 
 ocil_clause: 'the file /etc/cron.deny exists'
 

linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_at_allow/rule.yml

@@ -24,7 +24,6 @@ references:
     cis@sle15: 5.1.9
     cis@ubuntu2004: 5.1.9
     cis@ubuntu2204: 5.1.9
-    pcidss4: "2.2.6"
 
 ocil_clause: '{{{ ocil_clause_file_group_owner(file="/etc/at.allow", group="root") }}}'
 

linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_groupowner_cron_allow/rule.yml

@@ -33,7 +33,6 @@ references:
     iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.3,A.9.4.1,A.9.4.4,A.9.4.5
     nist: CM-6(a),AC-6(1)
     nist-csf: PR.AC-4,PR.DS-5
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
     stigid@ol7: OL07-00-021120
     stigid@rhel7: RHEL-07-021120

linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_owner_at_allow/rule.yml

@@ -25,7 +25,6 @@ references:
     cis@sle15: 5.1.9
     cis@ubuntu2004: 5.1.9
     cis@ubuntu2204: 5.1.9
-    pcidss4: "2.2.6"
 
 ocil_clause: '{{{ ocil_clause_file_owner(file="/etc/at.allow", owner="root") }}}'
 

linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_at_allow/rule.yml

@@ -34,7 +34,6 @@ references:
     cis@sle15: 5.1.9
     cis@ubuntu2004: 5.1.9
     cis@ubuntu2204: 5.1.9
-    pcidss4: "2.2.6"
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/at.allow", perms=target_perms) }}}'
 

linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/rule.yml

@@ -35,7 +35,6 @@ references:
     cis@sle15: 5.1.8
     cis@ubuntu2004: 5.1.8
     cis@ubuntu2204: 5.1.8
-    pcidss4: "2.2.6"
     srg: SRG-OS-000480-GPOS-00227
 
 ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/cron.allow", perms=target_perms) }}}'

linux_os/guide/services/cron_and_at/service_cron_enabled/rule.yml

@@ -31,7 +31,6 @@ references:
     iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2
     nist: CM-6(a)
     nist-csf: PR.IP-1,PR.PT-3
-    pcidss4: "2.2.6"
 
 ocil: |-
     {{{ ocil_service_enabled(service="cron") }}}

linux_os/guide/services/dhcp/disabling_dhcp_server/package_dhcp_removed/rule.yml

@@ -40,7 +40,6 @@ references:
     iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4,A.9.1.2
     nist: CM-7(a),CM-7(b),CM-6(a)
     nist-csf: PR.IP-1,PR.PT-3
-    pcidss4: "2.2.4"
 
 {{% if 'ubuntu' in product %}}
 {{{ complete_ocil_entry_package(package="isc-dhcp-server") }}}

linux_os/guide/services/dns/disabling_dns_server/package_bind_removed/rule.yml

@@ -21,7 +21,6 @@ identifiers:
     cce@sle15: CCE-91285-7
 
 references:
-    ccn@rhel9: A.8.SEC-RHEL4
     cis-csc: 11,14,3,9
     cis@sle12: 2.2.9
     cis@sle15: 2.2.9

linux_os/guide/services/fapolicyd/package_fapolicyd_installed/rule.yml

@@ -23,7 +23,6 @@ references:
     srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230
     stigid@ol8: OL08-00-040135
     stigid@rhel8: RHEL-08-040135
-    stigid@rhel9: RHEL-09-433010
 
 ocil_clause: 'the fapolicyd package is not installed'
 

linux_os/guide/services/fapolicyd/service_fapolicyd_enabled/rule.yml

@@ -25,7 +25,6 @@ references:
     srg: SRG-OS-000370-GPOS-00155,SRG-OS-000368-GPOS-00154,SRG-OS-000480-GPOS-00230
     stigid@ol8: OL08-00-040136
     stigid@rhel8: RHEL-08-040136
-    stigid@rhel9: RHEL-09-433015
 
 ocil_clause: 'the service is not enabled'
 

linux_os/guide/services/ftp/disabling_vsftpd/package_vsftpd_removed/rule.yml

@@ -19,7 +19,6 @@ identifiers:
     cce@sle15: CCE-85700-3
 
 references:
-    ccn@rhel9: A.8.SEC-RHEL4
     cis-csc: 11,14,3,9
     cis@sle12: 2.2.10
     cis@sle15: 2.2.10
@@ -37,7 +36,6 @@ references:
     stigid@ol8: OL08-00-040360
     stigid@rhel7: RHEL-07-040690
     stigid@rhel8: RHEL-08-040360
-    stigid@rhel9: RHEL-09-215015
     stigid@sle12: SLES-12-030011
     stigid@sle15: SLES-15-010030
 

linux_os/guide/services/ftp/package_ftp_removed/rule.yml

@@ -24,8 +24,6 @@ identifiers:
     cce@rhel8: CCE-90745-1
     cce@rhel9: CCE-86075-9
 
-references:
-    pcidss4: '2.2.4'
 
 ocil: '{{{ describe_package_remove(package="ftp") }}}'
 

linux_os/guide/services/http/securing_httpd/httpd_configure_log_format/rule.yml

@@ -22,8 +22,6 @@ severity: medium
 identifiers:
     cce@rhel7: CCE-80548-1
 
-references:
-    stigid: WA00612
 
 ocil_clause: 'it is not'
 

linux_os/guide/services/http/securing_httpd/httpd_configure_max_keepalive_requests/rule.yml

@@ -22,8 +22,6 @@ severity: medium
 identifiers:
     cce@rhel7: CCE-80551-5
 
-references:
-    stigid: WG110
 
 ocil_clause: 'it is not'
 

linux_os/guide/services/http/securing_httpd/httpd_configure_os_protect_web_server/httpd_antivirus_scan_uploads/rule.yml

@@ -23,9 +23,6 @@ severity: medium
 identifiers:
     cce@rhel7: CCE-80561-4
 
-references:
-    stigid: WG237
-
 ocil_clause: 'it is not'
 
 ocil: |-