STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Oracle Linux 7 Security Technical Implementation Guide

V-221704

CAT I (High)

Oracle Linux 7 must not install packages from the Extra Packages for Enterprise Linux (EPEL) repository.

Rule ID

SV-221704r1155286_rule

STIG

Oracle Linux 7 Security Technical Implementation Guide

Version

V3R5

CCIs

CCI-000381

Discussion

The EPEL is a repository of high-quality open-source packages for enterprise-class Linux distributions such as RHEL, CentOS, AlmaLinux, Rocky Linux, and Oracle Linux. These packages are not part of the official distribution but are built using the same Fedora build system to ensure compatibility and maintain quality standards.

Check Content

Verify OL 7 is not able to install packages from the EPEL with the following command:

# yum repolist enabled | grep -i 'epel'

If any output is returned, this is a finding.

Fix Text

Configure OL7 to not have access to the EPEL repo.

Remove the repo with the following command:

# yum remove oracle-epel-release-el7