I am trying to write an OVAL test that is predicated on the value of the PACKAGER tag for a given RPM package. I did not see this tag in the list of rpminfo tags exposed in the current OVAL schema. I was hoping there was a way to get this information without needing to extend the OVAL language itself (thus creating a fork that users of my content might not have access to). Is this possible, or is support for pulling in this information only possible through language extension? Thank you, Nathan Banek Forcepoint LLC

Hello, I don't know the details and rationale for your use case. Nevertheless, I cannot imagine the reason, why I would check the packager tag of RPM. Anyone capable of building rpms is able to put any packager tag they wish. And thus it thus tag is more of informational than something I could rely onto. What I would advise instead is check signature of rpm. See signature_keyid element within rpminfo_state. By checking the key that has signed given rpm you get much greater certainty about the origins of the given package than any other way. Kind regards, -- Šimon Lukašík Member of technical staff Office of the Chief Technologist Red Hat Public Sector Banek, Nathan <Nathan.Banek@forcepoint.com> writes: > I am trying to write an OVAL test that is predicated on the value of the PACKAGER tag for a given RPM package. I did not see this tag in the list of rpminfo tags exposed in the current OVAL schema. I was hoping there was a way to get this information without needing to extend the OVAL language itself (thus creating a fork that users of my content might not have access to). > > Is this possible, or is support for pulling in this information only possible through language extension? > > Thank you, > Nathan Banek > Forcepoint LLC > > > _______________________________________________ > OVAL_Developer mailing list > OVAL_Developer@lists.cisecurity.org > http://lists.cisecurity.org/mailman/listinfo/oval_developer_lists.cisecurity.org