Version 5.6 RC 2 has been posted

I am pleased to announce that Version 5.6 RC 2 has been posted.

http://oval.mitre.org/language/download/schema/version5.6/index.html

With this release candidate we are also delaying the official release of version 5.6 by one week. The new release date is September 4^th. If you have any questions or comments, please let us know.

Thanks,

Jon

The following known issues have been fixed in Version 5.6 RC 2:

-          BUG - Missing lower bound on the max_depth attribute in all file behaviors to -1.

While updating the interpreter we noticed that the schema did not set a lower bound on this attribute despite the fact that the schema documentation implied a lower bound of -1 and one was intended.

-          BUG - Missing Schematron rule to ind-def:textfilecontent_test and ind-def:textfilecontent54_test.

The schema documentation specified that the line entity uses a pattern match only the Schematron rule enforcing this was missing.

-          BUG - Missing state_operator attribute to the oval-res:TestType definition.

When updating the oval-def:TestType to support a single test referencing multiple states the state_operator attribute was added to the oval-def:TestType, but it was not added to the oval-res:TestType.

-          BUG – Documentation of new state_operator did not align with intended behavior.

While implementing support for the new state_operator in the OVAL Interpreter we realized that the documentation for this new attribute was not clear and would likely lead to the wrong implementation.

-          BUG – Incorrect documentation on the ind-def:ldap_test

The documentation specifically disallowed the collection of data from LDAP objects that did not contain a relative_dn value (relative_dn set to nil) as it also required that the attribute entity to also be set to nil.  As a result, data from the LDAP objects that only include a suffix value such as the domain (DC=Example,DC=Com) could not be collected.

-          BUG - Incorrect the documentation on the win-def:activedirectory_test

The documentation specifically disallowed the collection of data from Active Directory objects that did not contain a relative_dn value (relative_dn set to nil) as it also required the attribute entity to also be set to nil.  As a result, data from Active Directory objects that only include a naming context value such as the domain (DC=Example,DC=Com), configuration (CN=Configuration,DC=Example,DC=Com), and schema ( CN=Schema,CN=Configuration,DC=Example,DC=Com) could not be collected.

-          FEATURE REQUEST - Request for new IBM AIX test for examining interim fixes.

There has also been a request for a new test in the AIX component schema that will support checking interim fixes without this support OVAL cannot be used to support this kind of patch checking any other way. Adding this test now will greatly reduce the level of effort required to get this new test into the language. The alternative is to do a 5.7 release on an shortened release timeline to add this test. A 5.7 will not be finalized in time for the next revision of SCAP whereas 5.6 will. This means that vendors that must support SCAP may have to support two versions of OVAL.

-          FEATURE REQUEST - Request for new behavior on the win-def:wuaupdatesearcher_object.

There has also been a request for a new behavior on the win-def:wuaupdatesearcher_object that will allow a content author to specifically include or exclude updates that have been superseded. Adding this behavior now will make this test much more useful.