Package scap-security-guide-doc-0.1.77-3.el9.noarch content_copy download

×

* Fri Jun 27 2025 Vojtech Polasek <vpolasek@redhat.com> - 0.1.77-3
- fix incorrect applicability of Grub2 UEFI specific rules
- replace grub-mkconfig with grub2-mkconfig in rule descriptions

* Fri Jun 06 2025 Matthew Burket <mburket@redhat.com> - 0.1.77-2
- Turn on SCE for this release (RHEL-94803)

* Tue Jun 03 2025 Matthew Burket <mburket@redhat.com> - 0.1.77-1
- Rebase to scap-security-guide version 0.1.77 (RHEL-94803)
- rule networkmanager_dns_mode now checks dropin files and has more resilient regex (RHEL-62843)
- rsyslog_remote_loghost checks for Rainer Script syntax as well (RHEL-62731)
- improve checking of Grub2 superuser and password configuration (RHEL-58818)

* Tue Feb 25 2025 Vojtech Polasek <vpolasek@redhat.com> - 0.1.76-1
- rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-74240)
- modify the rule require_singleuser_auth to honor overriding mechanism offered by Systemd (RHEL-71936)
- make the rule sysctl_user_max_user_namespaces informational and unscored in RHEL 9 STIG profile (RHEL-40120)
- align checking of approved SSH ciphers with latest STIG policy (RHEL-65432)

* Fri Nov 15 2024 Matthew Burket <mburket@redhat.com> - 0.1.75-1
- Rebase to new release (RHEL-66154)
- the rule sshd_use_priv_separation is no longer used (RHEL-66057)
- add a rule checking for presence of chrony to CIS RHEL 9 profile (RHEL-60005)
- remediation of Networkmanager DNS mode now remediates value "default" (RHEL-53426)
- Adjust mount_option_nodev_nonroot_local_partitions to work in Image Builder environments. (RHEL-45018)
- Adjusted rules related to sshd ensure constancy in checked values and ensure that drop in configuration files are checked. (RHEL-38206)

* Fri Aug 09 2024 Matthew Burket <mburket@redhat.com> - 0.1.74-1
- Rebase to a new upstream release 0.1.74 (RHEL-53865)
- Ensure authselect features are preserved by enable_authselect rule (RHEL-39383)
- Fix check for passwords last changed date (RHEL-47129)
- Remediations of Journald configuration files now include a correct section (RHEL-38531)
- Adjust service requirements for CIS profiles (RHEL-23852)
- Update password hashing settings for ANSSI-BP-028 (RHEL-44983)

* Wed Aug 07 2024 Milan Lysonek <mlysonek@redhat.com> - 0.1.73-2
- Switch gating to tmt plan (RHEL-43243)

* Mon May 20 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.73-1
- Rebase to a new upstream release 0.1.73 (RHEL-36663)
- Correctly parse sudo options even if they are not quoted (RHEL-31976)
- Ensure that web links within kickstart files are valid (RHEL-30735)
- Align set of allowed SSH ciphers with STIG requirement (RHEL-29684)
- Add audit rules on /etc/sysconfig/network-scripts (RHEL-29308)
- Remove rule restricting user namespaces from stig_gui profile (RHEL-10416)
- Add rule which enables auditing of files within /etc/sysconfig/network-scripts (RHEL-1093)

* Tue Feb 13 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1
- Rebase to a new upstream release 0.1.72 (RHEL-21425)
- Check dropin files in /etc/systemd/journald.conf.d/ (RHEL-14484)
- Fix remediation to not update comments (RHEL-1484)
- Fix package check on SCAP tests for dnf settings (RHEL-17417)
- Update description for audit_rules_kernel_module_loading (RHEL-1489)
- Disable remediation for /dev/shm options in offline mode (RHEL-16801)
- Include explanatory comment in the remediation of CCE-83871-4 (RHEL-17418)

* Tue Dec 05 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-3
- Align STIG profile with official DISA STIG for RHEL 9 (RHEL-1807)