ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats

Home Page: https://complianceascode.readthedocs.io/en/latest/

Assertion failure with Debian Bookworm

orontee opened this issue

Description of problem:

For context, I am new to OpenSCAP. I successfully ran an oscap oval eval on a Debian 12 (Bookworm) system using the definitions found at https://www.debian.org/security/oval/ and I am now trying to use the SCAP Security Guide.

Since there are no Debian 12 profiles in the ssg-debian package, I build and install from sources. But when I then try to run an oscap xccdf eval using the freshly installed definitions, it stops with the following error:

oscap: ./src/XCCDF_POLICY/xccdf_policy.c:627: xccdf_policy_is_item_selected: Assertion `false' failed.

SCAP Security Guide Version:

I am using the commit 59013f6 from master branch.

Operating System Version:

Debian 12 (Bookworm)

Steps to Reproduce:

  1. Build using a Python virtual environment
$ python -m venv env
$ source env/bin/activate
(env)$ python -m pip install -r requirements.txt
(env)$ cd build
(env)$ cmake ..
(env)$ make -j10
(env)$ sudo make install

No error, everything looks good.

  2. Run oscap xccdf eval using the freshly installed definitions and the virtual environment still active:
(env) $ oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results-arf arf.xml --report report.html --oval-results /usr/local/share/xml/scap/ssg/content/ssg-debian12-xccdf.xml
...
Title   Enable the NTP Daemon
Rule    xccdf_org.ssgproject.content_rule_service_ntp_enabled
Result  notapplicable

Title   Set SSH Client Alive Count Max to zero
Rule    xccdf_org.ssgproject.content_rule_sshd_set_keepalive_0
Result  notapplicable

oscap: ./src/XCCDF_POLICY/xccdf_policy.c:627: xccdf_policy_is_item_selected: Assertion `false' failed.
Abandon

Actual Results:

oscap: ./src/XCCDF_POLICY/xccdf_policy.c:627: xccdf_policy_is_item_selected: Assertion `false' failed.

Expected Results:

An arf.xml file and an HTML report.

Additional Information/Debugging Steps: