STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

Vendor-packaged SUSE operating system security patches and updates must be installed and up to date.

DISA Rule

SV-234802r622137_rule

Vulnerability Number

V-234802

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

SLES-15-010010

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Install the applicable SUSE operating system patches available from SUSE by running the following command:

> sudo zypper patch

Check Contents

Verify the SUSE operating system security patches and updates are installed and up to date.

Note: Updates are required to be applied with a frequency determined by the site or Program Management Office (PMO).

Check for required SUSE operating system patches and updates with the following command:

> sudo zypper patch-check

0 patches needed (0 security patches)

If the patch repository data is corrupt, check that the available package security updates have been installed on the system with the following command:

> cut -d "|" -f 1-4 -s --output-delimiter " | " /var/log/zypp/history | grep -v " radd "

2016-12-14 11:59:36 | install | libapparmor1-32bit | 2.8.0-2.4.1
2016-12-14 11:59:36 | install | pam_apparmor | 2.8.0-2.4.1
2016-12-14 11:59:36 | install | pam_apparmor-32bit | 2.8.0-2.4.1

If the SUSE operating system has not been patched within the site or PMO frequency, this is a finding.

Vulnerability Number

V-234802

Documentable

False

Rule Version

SLES-15-010010

Severity Override Guidance

Verify the SUSE operating system security patches and updates are installed and up to date.

Note: Updates are required to be applied with a frequency determined by the site or Program Management Office (PMO).

Check for required SUSE operating system patches and updates with the following command:

> sudo zypper patch-check

0 patches needed (0 security patches)

If the patch repository data is corrupt, check that the available package security updates have been installed on the system with the following command:

> cut -d "|" -f 1-4 -s --output-delimiter " | " /var/log/zypp/history | grep -v " radd "

2016-12-14 11:59:36 | install | libapparmor1-32bit | 2.8.0-2.4.1
2016-12-14 11:59:36 | install | pam_apparmor | 2.8.0-2.4.1
2016-12-14 11:59:36 | install | pam_apparmor-32bit | 2.8.0-2.4.1

If the SUSE operating system has not been patched within the site or PMO frequency, this is a finding.

Check Content Reference

M

Target Key

5274

Comments