From df4b123dd0415beb2a0798884cb3e619e690aea7 Mon Sep 17 00:00:00 2001 From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com> Date: Wed, 1 Oct 2025 16:47:12 +0300 Subject: [PATCH 1/4] Add SUSE SLE 16 platform to build procedure --- CMakeLists.txt | 5 ++ build_product | 1 + products/sle16/CMakeLists.txt | 10 ++++ products/sle16/product.yml | 47 +++++++++++++++++++ products/sle16/transforms/constants.xslt | 9 ++++ products/sle16/transforms/table-style.xslt | 5 ++ .../transforms/xccdf-apply-overlay-stig.xslt | 8 ++++ .../sle16/transforms/xccdf2table-cce.xslt | 9 ++++ .../xccdf2table-profileccirefs.xslt | 9 ++++ ssg/constants.py | 5 +- 10 files changed, 106 insertions(+), 2 deletions(-) create mode 100644 products/sle16/CMakeLists.txt create mode 100644 products/sle16/product.yml create mode 100644 products/sle16/transforms/constants.xslt create mode 100644 products/sle16/transforms/table-style.xslt create mode 100644 products/sle16/transforms/xccdf-apply-overlay-stig.xslt create mode 100644 products/sle16/transforms/xccdf2table-cce.xslt create mode 100644 products/sle16/transforms/xccdf2table-profileccirefs.xslt diff --git a/CMakeLists.txt b/CMakeLists.txt index 57a1830abd7..8595a1f13f5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -114,6 +114,7 @@ option(SSG_PRODUCT_RHEL10 "If enabled, the RHEL10 SCAP content will be built" ${ option(SSG_PRODUCT_RHV4 "If enabled, the RHV4 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_SLE12 "If enabled, the SLE12 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_SLE15 "If enabled, the SLE15 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) +option(SSG_PRODUCT_SLE16 "If enabled, the SLE16 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_SLMICRO5 "If enabled, the SLE Micro 5 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_SLMICRO6 "If enabled, the SLE Micro 6 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) option(SSG_PRODUCT_TENCENTOS4 "If enabled, the TencentOS Server 4 SCAP content will be built" ${SSG_PRODUCT_DEFAULT}) @@ -355,6 +356,7 @@ message(STATUS "RHEL 10: ${SSG_PRODUCT_RHEL10}") message(STATUS "RHV 4: ${SSG_PRODUCT_RHV4}") message(STATUS "SUSE 12: ${SSG_PRODUCT_SLE12}") message(STATUS "SUSE 15: ${SSG_PRODUCT_SLE15}") +message(STATUS "SUSE 16: ${SSG_PRODUCT_SLE16}") message(STATUS "SLE Micro 5: ${SSG_PRODUCT_SLMICRO5}") message(STATUS "SLE Micro 6: ${SSG_PRODUCT_SLMICRO6}") message(STATUS "TencentOS Server 4: ${SSG_PRODUCT_TENCENTOS4}") @@ -475,6 +477,9 @@ endif() if(SSG_PRODUCT_SLE15) add_subdirectory("products/sle15" "sle15") endif() +if(SSG_PRODUCT_SLE16) + add_subdirectory("products/sle16" "sle16") +endif() if(SSG_PRODUCT_SLMICRO5) add_subdirectory("products/slmicro5" "slmicro5") endif() diff --git a/build_product b/build_product index 8fd2b5c3278..c67e704cd5c 100755 --- a/build_product +++ b/build_product @@ -357,6 +357,7 @@ all_cmake_products=( RHV4 SLE12 SLE15 + SLE16 SLMICRO5 SLMICRO6 TENCENTOS4 diff --git a/products/sle16/CMakeLists.txt b/products/sle16/CMakeLists.txt new file mode 100644 index 00000000000..c105c69cd8a --- /dev/null +++ b/products/sle16/CMakeLists.txt 
@@ -0,0 +1,10 @@ +# Sometimes our users will try to do: "cd sle16; cmake ." That needs to error in a nice way. +if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}") + message(FATAL_ERROR "cmake has to be used on the root CMakeLists.txt, see the Building ComplianceAsCode section in the Developer Guide!") +endif() + +set(PRODUCT "sle16") +ssg_build_product("sle16") + + +ssg_build_html_cce_table(${PRODUCT}) diff --git a/products/sle16/product.yml b/products/sle16/product.yml new file mode 100644 index 00000000000..c6550fdbd65 --- /dev/null +++ b/products/sle16/product.yml @@ -0,0 +1,47 @@ +product: sle16 +full_name: SUSE Linux Enterprise Server 16 +type: platform + +families: + - suse + +major_version_ordinal: 16 + +benchmark_id: SLE-16 +benchmark_root: "../../linux_os/guide" + +profiles_root: "./profiles" + +init_system: "systemd" + +pkg_manager: "zypper" +pkg_manager_config_file: "/etc/zypp/zypp.conf" + +aide_bin_path: "/usr/bin/aide" + +cpes_root: "../../shared/applicability" +cpes: + - sle16: + name: "cpe:/o:suse:sles:16.0" + title: "SUSE Linux Enterprise Server 16.0" + check_id: installed_OS_is_sle16 + +platform_package_overrides: + login_defs: "shadow" + grub2: "grub2" + sssd: "sssd" + crontabs: "cronie" + passwd: "shadow" + +reference_uris: + suse-base-sle16: 'not_publicly_available' + +dconf_gdm_dir: "gdm.d" + +sysctl_remediate_drop_in_file: "true" +journald_conf_dir_path: /etc/systemd/journal.d +xwindows_packages: + - xorg-x11-server + - xorg-x11-server-extra + - xorg-x11-server-Xvfb + - xwayland diff --git a/products/sle16/transforms/constants.xslt b/products/sle16/transforms/constants.xslt new file mode 100644 index 00000000000..830c77a787d --- /dev/null +++ b/products/sle16/transforms/constants.xslt @@ -0,0 +1,9 @@ + + + + +SUSE Linux Enterprise Server 16.0 +SLES 16 +sle16 + + diff --git a/products/sle16/transforms/table-style.xslt b/products/sle16/transforms/table-style.xslt new file mode 100644 index 00000000000..8b6caeab8cd --- /dev/null 
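Review bot: `ssg_build_product("sle16")` repeats the literal that `set(PRODUCT "sle16")` on the preceding line already defines, while `ssg_build_html_cce_table(${PRODUCT})` two lines later uses the variable; passing `ssg_build_product(${PRODUCT})` keeps the product name in one place so a future copy of this file for another product cannot drift between the two calls. The two consecutive blank lines before `ssg_build_html_cce_table` can be collapsed to one. Both are style points; the guard that aborts when cmake is run from this directory is fine as written.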
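Review bot: `journald_conf_dir_path: /etc/systemd/journal.d` does not match the drop-in directory systemd documents for journald.conf, which is `/etc/systemd/journald.conf.d`; if this is a typo rather than a SLE-specific layout, a journald rule that remediates by writing a drop-in under this path creates a file journald never reads, so the check could pass while the intended logging setting is not in effect. Please confirm against the sle15 product definition and the systemd shipped in SLE 16, and change the value to `journald_conf_dir_path: /etc/systemd/journald.conf.d` if the documented path is the right one. The rest of the file (package overrides, X packages, reference URI placeholder) looks consistent with a new-product skeleton.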
+++ b/products/sle16/transforms/table-style.xslt @@ -0,0 +1,5 @@ + + + + + diff --git a/products/sle16/transforms/xccdf-apply-overlay-stig.xslt b/products/sle16/transforms/xccdf-apply-overlay-stig.xslt new file mode 100644 index 00000000000..4789419b80a --- /dev/null +++ b/products/sle16/transforms/xccdf-apply-overlay-stig.xslt @@ -0,0 +1,8 @@ + + + + + + + + diff --git a/products/sle16/transforms/xccdf2table-cce.xslt b/products/sle16/transforms/xccdf2table-cce.xslt new file mode 100644 index 00000000000..f156a669566 --- /dev/null +++ b/products/sle16/transforms/xccdf2table-cce.xslt @@ -0,0 +1,9 @@ + + + + + + + + + diff --git a/products/sle16/transforms/xccdf2table-profileccirefs.xslt b/products/sle16/transforms/xccdf2table-profileccirefs.xslt new file mode 100644 index 00000000000..9d8d3e5faf1 --- /dev/null +++ b/products/sle16/transforms/xccdf2table-profileccirefs.xslt @@ -0,0 +1,9 @@ + + + + + + + + + diff --git a/ssg/constants.py b/ssg/constants.py index 0dd3752b308..de789d849aa 100644 --- a/ssg/constants.py +++ b/ssg/constants.py @@ -59,7 +59,7 @@ 'openembedded', 'rhel8', 'rhel9', 'rhel10', 'rhv4', - 'sle12', 'sle15', 'slmicro5', 'slmicro6', + 'sle12', 'sle15', 'sle16', 'slmicro5', 'slmicro6', 'tencentos4', 'ubuntu2204', 'ubuntu2404' ] @@ -238,6 +238,7 @@ "Red Hat Virtualization 4": "rhv4", "SUSE Linux Enterprise 12": "sle12", "SUSE Linux Enterprise 15": "sle15", + "SUSE Linux Enterprise 16": "sle16", "SUSE Linux Enterprise Micro 5": "slmicro5", "SUSE Linux Enterprise Micro 6": "slmicro6", "TencentOS Server 4": "tencentos4", @@ -315,7 +316,7 @@ "multi_platform_rhcos": ["rhcos4"], "multi_platform_rhel": ["rhel8", "rhel9", "rhel10"], "multi_platform_rhv": ["rhv4"], - "multi_platform_sle": ["sle12", "sle15"], + "multi_platform_sle": ["sle12", "sle15", "sle16"], "multi_platform_slmicro": ["slmicro5", "slmicro6"], "multi_platform_tencentos": ["tencentos4"], "multi_platform_ubuntu": ["ubuntu2204", "ubuntu2404"], 
From ae931341924108054c1db621eacdb84b5e352656 Mon Sep 17 00:00:00 2001 From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com> Date: Wed, 1 Oct 2025 17:46:14 +0300 Subject: [PATCH 2/4] Add initial profile for SLE16 platform --- controls/base_sle16.yml | 23 +++++++ products/sle16/profiles/base.profile | 19 ++++++ shared/checks/oval/installed_OS_is_sle16.xml | 69 ++++++++++++++++++++ 3 files changed, 111 insertions(+) create mode 100644 controls/base_sle16.yml create mode 100644 products/sle16/profiles/base.profile create mode 100644 shared/checks/oval/installed_OS_is_sle16.xml diff --git a/controls/base_sle16.yml b/controls/base_sle16.yml new file mode 100644 index 00000000000..da44120a375 --- /dev/null +++ b/controls/base_sle16.yml @@ -0,0 +1,23 @@ +--- +policy: Basis System Security Profile for SUSE Linux Enterprise 16 +title: asis System Security Profile SUSE Linux Enterprise 16 +id: base_sle16 +version: '1.0' +source: not_publicly_available +reference_type: suse-base-sle16 + +levels: + - id: high + - id: medium + - id: low + +product: sle16 + +controls: + - id: SLES-16-16016015 + levels: + - high + title: SLES 16 must be a vendor-supported release. + rules: + - installed_OS_is_vendor_supported + status: automated diff --git a/products/sle16/profiles/base.profile b/products/sle16/profiles/base.profile new file mode 100644 index 00000000000..b1b0d2f46d3 --- /dev/null +++ b/products/sle16/profiles/base.profile @@ -0,0 +1,19 @@ +documentation_complete: true + +metadata: + version: 1.0 + SMEs: + - svet-se + - rumch-se + - teacup-on-rockingchair + +reference: not_publicly_available + +title: 'General System Security Profile for SUSE Linux Enterprise (SLES) 16' + +description: |- + This profile contains configuration checks that align to the + General System Security Profile for SUSE Linux Enterprise (SLES) 16. + +selections: + - base_sle16:all 
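Review bot: The `levels` block in controls/base_sle16.yml declares `high`, `medium` and `low` as independent levels with no `inherits_from`, so a profile selecting `base_sle16:high` would not pick up controls tagged only `medium` or `low`; if the usual cumulative semantics is intended, declare it explicitly, e.g. under `- id: high` add `inherits_from:` / `- medium`, and under `- id: medium` add `inherits_from:` / `- low`. With a single control `SLES-16-16016015` at `high` and the profile selecting `base_sle16:all`, the difference is not observable yet, which is exactly when it tends to be forgotten. If independent levels are the intent, a one-line comment above `levels` saying so would save the next contributor the question.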
diff --git a/shared/checks/oval/installed_OS_is_sle16.xml b/shared/checks/oval/installed_OS_is_sle16.xml new file mode 100644 index 00000000000..282e64eb0c8 --- /dev/null +++ b/shared/checks/oval/installed_OS_is_sle16.xml @@ -0,0 +1,69 @@ + + + + SUSE Linux Enterprise 16 + + multi_platform_all + + + + The operating system installed on the system is + SUSE Linux Enterprise 15. + + + + + + + + + + + + + + + + + unix + + + + + + + + + ^16.*$ + + + sled-release + + + + + + + + ^16.*$ + + + sles-release + + + + + + + + ^16.*$ + + + SLES_SAP-release + + + From c6b0d1b1ba7695072722f3944fe2bae7912a037c Mon Sep 17 00:00:00 2001 From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com> Date: Sun, 12 Oct 2025 12:40:10 +0300 Subject: [PATCH 3/4] Mark control and profiles as DRAFT as SLE16 platform is still not finalized --- controls/base_sle16.yml | 4 ++-- products/sle16/profiles/base.profile | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/controls/base_sle16.yml b/controls/base_sle16.yml index da44120a375..a71bac72070 100644 --- a/controls/base_sle16.yml +++ b/controls/base_sle16.yml @@ -1,6 +1,6 @@ --- -policy: Basis System Security Profile for SUSE Linux Enterprise 16 -title: asis System Security Profile SUSE Linux Enterprise 16 +policy: DRAFT Basis System Security Profile for SUSE Linux Enterprise 16 +title: DRAFT Basis System Security Profile SUSE Linux Enterprise 16 id: base_sle16 version: '1.0' source: not_publicly_available diff --git a/products/sle16/profiles/base.profile b/products/sle16/profiles/base.profile index b1b0d2f46d3..1d6c2bcfd35 100644 --- a/products/sle16/profiles/base.profile +++ b/products/sle16/profiles/base.profile 
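Review bot: The version pattern `^16.*$` used for each release-package state accepts any version string that merely begins with "16", so a release version such as `160` or `16x` would also satisfy the SLE 16 check; anchoring on the major-version boundary, e.g. `^16(\.[0-9]+)*$` or an equivalent, restricts it to 16 and its point releases. The element markup is not visible in this rendering, so I am assuming the pattern sits in an rpminfo_state version comparison as in the sibling installed_OS_is_* checks. The same pattern is carried forward unchanged into the `SLES-release`, `SLES_SAP-release` and new `sle-ha-release` states in the later patch of this series that rewrites the file, so tightening it once there covers all three.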
@@ -9,7 +9,7 @@ metadata: reference: not_publicly_available -title: 'General System Security Profile for SUSE Linux Enterprise (SLES) 16' +title: 'DRAFT General System Security Profile for SUSE Linux Enterprise (SLES) 16' description: |- This profile contains configuration checks that align to the From cd93aac0dce868fea155342aece2db5fb21d1601 Mon Sep 17 00:00:00 2001 From: teacup-on-rockingchair <315160+teacup-on-rockingchair@users.noreply.github.com> Date: Sun, 12 Oct 2025 13:02:40 +0300 Subject: [PATCH 4/4] Fix check for installed OS SLE16 Extend definition of installed_OS_is_vendor_supported with sle16 --- .../oval/shared.xml | 1 + .../installed_OS_is_vendor_supported/rule.yml | 4 +-- products/sle16/product.yml | 4 +-- shared/checks/oval/installed_OS_is_sle16.xml | 35 ++++++++----------- 4 files changed, 20 insertions(+), 24 deletions(-) diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml index 98cd1fdfbb0..a028877c12a 100644 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/oval/shared.xml @@ -13,6 +13,7 @@ + diff --git a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml index 4858543fdf9..10185da504f 100644 --- a/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml +++ b/linux_os/guide/system/software/integrity/certified-vendor/installed_OS_is_vendor_supported/rule.yml 
@@ -8,7 +8,7 @@ description: |- {{% if 'ol' in product %}} Oracle Linux is supported by Oracle Corporation. As the Oracle Linux vendor, Oracle Corporation is responsible for providing security patches. -{{% elif product in ["sle12", "sle15", "slmicro5", "slmicro6"] %}} +{{% elif product in ["sle12", "sle15", "sle16", "slmicro5", "slmicro6"] %}} SUSE Linux Enterprise is supported by SUSE. As the SUSE Linux Enterprise vendor, SUSE is responsible for providing security patches. {{% elif 'almalinux' in product %}} @@ -39,7 +39,7 @@ identifiers: cce@sle12: CCE-83001-8 cce@sle15: CCE-83260-0 cce@slmicro5: CCE-93601-3 - cce@slmicro6: CCE-95035-2 + cce@slmicro6: CCE-95035-2 references: cis-csc: 18,20,4 diff --git a/products/sle16/product.yml b/products/sle16/product.yml index c6550fdbd65..326e1138e52 100644 --- a/products/sle16/product.yml +++ b/products/sle16/product.yml @@ -22,8 +22,8 @@ aide_bin_path: "/usr/bin/aide" cpes_root: "../../shared/applicability" cpes: - sle16: - name: "cpe:/o:suse:sles:16.0" - title: "SUSE Linux Enterprise Server 16.0" + name: "cpe:/o:suse:linux_enterprise_server:16" + title: "SUSE Linux Enterprise Server 16" check_id: installed_OS_is_sle16 platform_package_overrides: diff --git a/shared/checks/oval/installed_OS_is_sle16.xml b/shared/checks/oval/installed_OS_is_sle16.xml index 282e64eb0c8..a2c5b1618ee 100644 --- a/shared/checks/oval/installed_OS_is_sle16.xml +++ b/shared/checks/oval/installed_OS_is_sle16.xml @@ -6,20 +6,16 @@ multi_platform_all - - - The operating system installed on the system is - SUSE Linux Enterprise 15. + + The operating system installed on the system is SUSE Linux Enterprise Server 16. + test_ref="test_sle16_unix_family" /> - + @@ -33,17 +29,6 @@ - - - - - - ^16.*$ - - - sled-release - - @@ -52,7 +37,7 @@ ^16.*$ - sles-release + SLES-release @@ -66,4 +51,14 @@ SLES_SAP-release + + + + + + ^16.*$ + + + sle-ha-release +
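Review bot: The tested release package changes from `sles-release` to `SLES-release`, `sled-release` is dropped and `sle-ha-release` is added, but neither the commit message nor the file records why; rpminfo object names are compared case-sensitively, so if SLE 16 still ships a lowercase `sles-release` the whole definition evaluates false on every SLES 16 host and any profile gated on this CPE silently does not apply. Please confirm the package names on an actual SLE 16 image and capture the source in an XML comment beside the objects, e.g. `<!-- Release packages as shipped by SLE 16: SLES-release (server), SLES_SAP-release (SAP), sle-ha-release (HA extension) -->`. Treating `sle-ha-release` as evidence of a SLES 16 base is plausible only if the HA extension cannot be installed on a non-SLES 16 system; that assumption belongs in the same comment.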