First of all, apologies in advance if this is not the correct forum for this question. I'm new to all things SCAP. I'll try to be as concise as possible.
Here's the command I'm running:
oscap oval eval --report $OUTDIR/$OUTFILE /usr/share/scap_content/vulnerabilities/Red_Hat_Enterprise_Linux_7.xml
Here's the result I get for a specific test having to do with java-1.7.0-openjdk:
Rule oval:com.redhat.rhsa:def:20162658
Result false
Class patch
Ident [RHSA-2016:2658-03], [CVE-2016-5542], [CVE-2016-5554], [CVE-2016-5573], [CVE-2016-5582], [CVE-2016-5597]
Title RHSA-2016:2658: java-1.7.0-openjdk security update (Important)
My first question is...why does this test return false if I don't have java installed at all?
My second question is...how can I modify the test to make it return true if java is not installed on the machine?
Thanks!
Greg