Entity: line 1: parser error : StartTag: invalid element name <!doctype html>

Question

Entity: line 1: parser error : StartTag: invalid element name <!doctype html>

hectoralicea opened this issue 5 months ago · comments

Hector Alicea commented 5 months ago

Is this an issue with SCAP Workbench?
- No
Is this an issue with SCAP Security Guide (i.e., related to the content of scans, not the scanner proper)?
- Yes
Is this an issue during the OS installation process?
- No

Description of Problem:

Unable to run openscap on Amazon Linux 2 using the amazon or redhat7 profile

OpenSCAP Version:

# oscap --version
OpenSCAP command line tool (oscap) 1.2.17
Copyright 2009--2017 Red Hat Inc., Durham, North Carolina.

==== Supported specifications ====
XCCDF Version: 1.2
OVAL Version: 5.11.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
CVRF Version: 1.1

Operating System & Version:

# cat /etc/os-release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
SUPPORT_END="2025-06-30"

Steps to Reproduce:

After installing openscap on an Amazon Linux, execute the following command

oscap xccdf eval  --fetch-remote-resources  --profile xccdf_org.ssgproject.content_profile_stig --stig-viewer /var/tmp/results-stig.xml /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml

or

oscap xccdf eval  --fetch-remote-resources  --profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa  --stig-viewer /var/tmp/amzn2-stig-latest/results-stig.xml  /usr/share/xml/scap/ssg/content/ssg-amzn2-ds.xml

or any other permutation.

Actual Results:

[root@ip-10-70-4-35 tmp]# oscap xccdf eval  --fetch-remote-resources  --profile xccdf_org.ssgproject.content_profile_stig  --stig-viewer /var/tmp/rhel8-stig-latest/results-stig.xml  /usr/share/xml/scap/ssg/content/ssg-amzn2-ds.xml >  /var/tmp/rhel8-stig-latest/results-stig.stdout.txt
Downloading: https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2 ... ok
OpenSCAP Error: Extra content at the end of the document [oscap_source.c:272]
Entity: line 1: parser error : StartTag: invalid element name
<!doctype html>
^
Entity: line 1: parser error : Extra content at the end of the document
<!doctype html>
^
Unable to parse XML from user memory buffer [oscap_source.c:274]
Failed to create OVAL definition model from: 'https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2'. [xccdf_session.c:1030]

Expected Results:

a valid run without error

Additional Information / Debugging Steps:

No other

Ashley · Answer 1 · Sat Mar 16 2024 06:25:57 GMT+0800 (China Standard Time)

I am facing the same issue

Gabriel Becker · Answer 2 · Sat Mar 16 2024 20:29:44 GMT+0800 (China Standard Time)

The remote resource content doesn't exist anymore:
https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2

It should use this instead I believe:
https://www.redhat.com/security/data/oval/v2/RHEL7/rhel-7.oval.xml.bz2

But this is a content related issue and should be reported in https://github.com/ComplianceAsCode/content/

It might be even fixed already.

Matthew Burket · Answer 3 · Mon Mar 18 2024 22:52:04 GMT+0800 (China Standard Time)

The URL was fixed in ComplianceAsCode/content#10842

And removed in ComplianceAsCode/content#11547