-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathProfiles_20160303_104506.yaml
112 lines (111 loc) · 3.47 KB
/
Profiles_20160303_104506.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
---
- MiqPolicySet:
name: 3b66a1d8-e099-11e5-af41-0050568dc0ef
description: Linux Security
set_type: MiqPolicySet
guid: 3b66a1d8-e099-11e5-af41-0050568dc0ef
read_only:
set_data:
mode:
owner_type:
owner_id:
userid:
group_id:
MiqPolicy:
- name: 13ddc746-e084-11e5-af41-0050568dc0ef
description: DROWN Vulnerability
expression: !ruby/object:MiqExpression
exp:
INCLUDES:
field: Vm-platform
value: Linux
context_type:
towhat: Vm
guid: 13ddc746-e084-11e5-af41-0050568dc0ef
created_by: admin
updated_by: admin
notes: |
Red Hat Product Security has been made aware of a vulnerability in the SSLv2 protocol, which has been assigned CVE-2016-0800 and is used in a cross-protocol attack referred to as DROWN - Decrypting RSA using Obsolete and Weakened eNcryption.
https://access.redhat.com/security/vulnerabilities/drown
https://access.redhat.com/articles/2176731
active: true
mode: compliance
MiqPolicyContent:
- qualifier: failure
failure_sequence: 1
failure_synchronous: true
MiqEventDefinition:
name: vm_compliance_check
description: VM Compliance Check
guid: c5583f72-acce-11e5-9802-0050568dc0ef
event_type: Default
definition:
default:
enabled:
MiqAction:
name: compliance_failed
description: Mark as Non-Compliant
guid: c1fba882-acce-11e5-9802-0050568dc0ef
action_type: default
options: {}
- qualifier: failure
failure_sequence: 2
failure_synchronous: true
MiqEventDefinition:
name: vm_compliance_check
description: VM Compliance Check
guid: c5583f72-acce-11e5-9802-0050568dc0ef
event_type: Default
definition:
default:
enabled:
MiqAction:
name: log
description: Generate log message
guid: c1eb8c7c-acce-11e5-9802-0050568dc0ef
action_type: default
options: {}
- qualifier: failure
failure_sequence: 3
failure_synchronous: true
MiqEventDefinition:
name: vm_compliance_check
description: VM Compliance Check
guid: c5583f72-acce-11e5-9802-0050568dc0ef
event_type: Default
definition:
default:
enabled:
MiqAction:
name: evm_event
description: Show EVM Event on Timeline
guid: c1ec1908-acce-11e5-9802-0050568dc0ef
action_type: default
options: {}
Condition:
- name: 2d9b2368-e08e-11e5-af41-0050568dc0ef
description: DROWN Vulnerability
modifier: allow
expression: !ruby/object:MiqExpression
exp:
and:
- CONTAINS:
field: Vm.guest_applications-name
value: openssl
- FIND:
search:
"=":
field: Vm.guest_applications-version
value: 1.0.1e
checkall:
REGULAR EXPRESSION MATCHES:
field: Vm.guest_applications-release
value: ''
context_type:
towhat: Vm
file_mtime:
guid: 2d9b2368-e08e-11e5-af41-0050568dc0ef
filename:
applies_to_exp:
miq_policy_id:
notes: