Package scap-security-guide-doc-0.1.76-1.el9.noarch content_copy download

×

* Tue Feb 25 2025 Vojtech Polasek <vpolasek@redhat.com> - 0.1.76-1
- rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-74240)
- modify the rule require_singleuser_auth to honor overriding mechanism offered by Systemd (RHEL-71936)
- make the rule sysctl_user_max_user_namespaces informational and unscored in RHEL 9 STIG profile (RHEL-40120)
- align checking of approved SSH ciphers with latest STIG policy (RHEL-65432)

* Fri Nov 15 2024 Matthew Burket <mburket@redhat.com> - 0.1.75-1
- Rebase to new release (RHEL-66154)
- the rule sshd_use_priv_separation is no longer used (RHEL-66057)
- add a rule checking for presence of chrony to CIS RHEL 9 profile (RHEL-60005)
- remediation of Networkmanager DNS mode now remediates value "default" (RHEL-53426)
- Adjust mount_option_nodev_nonroot_local_partitions to work in Image Builder environments. (RHEL-45018)
- Adjusted rules related to sshd ensure constancy in checked values and ensure that drop in configuration files are checked. (RHEL-38206)

* Fri Aug 09 2024 Matthew Burket <mburket@redhat.com> - 0.1.74-1
- Rebase to a new upstream release 0.1.74 (RHEL-53865)
- Ensure authselect features are preserved by enable_authselect rule (RHEL-39383)
- Fix check for passwords last changed date (RHEL-47129)
- Remediations of Journald configuration files now include a correct section (RHEL-38531)
- Adjust service requirements for CIS profiles (RHEL-23852)
- Update password hashing settings for ANSSI-BP-028 (RHEL-44983)

* Wed Aug 07 2024 Milan Lysonek <mlysonek@redhat.com> - 0.1.73-2
- Switch gating to tmt plan (RHEL-43243)

* Mon May 20 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.73-1
- Rebase to a new upstream release 0.1.73 (RHEL-36663)
- Correctly parse sudo options even if they are not quoted (RHEL-31976)
- Ensure that web links within kickstart files are valid (RHEL-30735)
- Align set of allowed SSH ciphers with STIG requirement (RHEL-29684)
- Add audit rules on /etc/sysconfig/network-scripts (RHEL-29308)
- Remove rule restricting user namespaces from stig_gui profile (RHEL-10416)
- Add rule which enables auditing of files within /etc/sysconfig/network-scripts (RHEL-1093)

* Tue Feb 13 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1
- Rebase to a new upstream release 0.1.72 (RHEL-21425)
- Check dropin files in /etc/systemd/journald.conf.d/ (RHEL-14484)
- Fix remediation to not update comments (RHEL-1484)
- Fix package check on SCAP tests for dnf settings (RHEL-17417)
- Update description for audit_rules_kernel_module_loading (RHEL-1489)
- Disable remediation for /dev/shm options in offline mode (RHEL-16801)
- Include explanatory comment in the remediation of CCE-83871-4 (RHEL-17418)

* Tue Dec 05 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-3
- Align STIG profile with official DISA STIG for RHEL 9 (RHEL-1807)

* Mon Oct 09 2023 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 0.1.69-2
- Rebuilt for MSVSphere 9.3 beta

* Thu Aug 17 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-2
- Remove OpenSSH crypto policy hardening rules from STIG profile (RHBZ#2221697)
- Fix ANSSI High profile with secure boot (RHBZ#2221697)

* Wed Aug 09 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-1
- Rebase to a new upstream release 0.1.69 (RHBZ#2221697)
- Improve CIS benchmark rules related to auditing of kernel module related events (RHBZ#2209657)
- SSSD configuration files are now created with correct permissions whenever remediating SSSD related rules (RHBZ#2211511)
- add warning about migration of network configuration files when upgrading from RHEL 8 to RHEL 9 (RHBZ#2172555)
- Correct URL used to download CVE checks. (RHBZ#2223178)
- update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155790)
- Fixed excess quotes in journald configuration files (RHBZ#2193169)
- Change rules checking home directories to apply only to local users (RHBZ#2203791)
- Change rules checking password age to apply only to local users (RHBZ#2213958)
- Updated man page (RHBZ#2060028)