Add functionality to allow updating a profile to a new STIG version with changed Vuln IDs #18

wdower · 2021-04-21T21:17:00Z

I would like to use inspec_delta to go from the RHEL 7 profile to a RHEL 8 profile.

At present, RHEL 8's STIG controls have different Vul IDs than RHEL 7 (RHEL 7 STIG controls start with V-7, V-8, or V-9, while the RHEL 8 controls start with V-2). As a result inspec_delta will simply stub out control metadata for what it parses as "new" controls, even though I suspect that many of the controls' describe blocks for RHEL 8 will wind up being very similar to RHEL 7.

It would be very helpful if inspec_delta had a way to map new Vuln IDs to their old counterparts to allow the control code to transfer to the new profile (while still using the new STIG's tags, description, etc.).

The text was updated successfully, but these errors were encountered:

wdower linked a pull request Feb 1, 2022 that will close this issue

added ability to compare new benchmarks to old profiles still using deprecated IDs (V-XXXXXX) mitre/inspec_delta#1

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add functionality to allow updating a profile to a new STIG version with changed Vuln IDs #18

Add functionality to allow updating a profile to a new STIG version with changed Vuln IDs #18

wdower commented Apr 21, 2021

Add functionality to allow updating a profile to a new STIG version with changed Vuln IDs #18

Add functionality to allow updating a profile to a new STIG version with changed Vuln IDs #18

Comments

wdower commented Apr 21, 2021