[ol8_appstream] scap-security-guide-0.1.74-3.0.1.el8_10.noarch

The scap-security-guide project provides a guide for configuration of the
system from the final system's security point of view. The guidance is specified
in the Security Content Automation Protocol (SCAP) format and constitutes
a catalog of practical hardening advice, linked to government requirements
where applicable. The project bridges the gap between generalized policy
requirements and specific implementation guidelines. The system
administrator can use the oscap CLI tool from openscap-scanner package, or the
scap-workbench GUI tool from scap-workbench package to verify that the system
conforms to provided guideline. Refer to scap-security-guide(8) manual page for
further information.

Changelog (Show File list) (Show related packages)

• Wed Aug 28 2024 Edgar Aguilar <edgar.aguilar@oracle.com> - 0.1.74-3.0.1

  - Rebase Oracle patches to 0.1.74.openela.1.0 [Orabug: 36996310]
  - Fix bash bug for rules account_disable_inactivity* [Orabug: 36879143]
  - Finish ansible implementation for OL9 STIG [Orabug: 37006303]
  - Create ISM profile for OL9 [Orabug: 37006308]
  - Hide CJIS profile in OL8 [Orabug: 36996310]

• Mon Aug 26 2024 Release Engineering <releng@openela.org> - 0.1.74.openela.1.0

  - Make OpenELA a derivative of RHEL

• Mon Aug 19 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.74-3

  - fix build
  - keep firefox and rhel8 ds-1.2 files in the package in form of symbolic links to regular ds files

• Fri Aug 16 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.74-2

  - include RHEL 7 artifacts from the last RHEL 7 build

• Fri Aug 09 2024 Matthew Burket <mburket@redhat.com> - 0.1.74-1

  - Rebase to a new upstream release 0.1.74 (RHEL-53913)
  - Improve Rsyslog rules to support RainerScript syntax (RHEL-1816)
  - Update password hashing settings for ANSSI-BP-028 (RHEL-54390)

• Wed Aug 07 2024 Milan Lysonek <mlysonek@redhat.com> - 0.1.73-2

  - Switch gating to tmt plan (RHEL-43242)

• Tue May 21 2024 Jan Černý <jcerny@redhat.com> - 0.1.73-1

  - Rebase scap-security-guide package to version 0.1.73 (RHEL-36733)
  - Change crypto policy used in the CUI profile to FIPS (RHEL-30346)
  - Fix file path identification in Rsyslog configuration (RHEL-17202)
  - Use a correct chrony server address in STIG profile (RHEL-1814)
  - Don't BuildRequire /usr/bin/python3 (RHEL-2244)

• Fri Feb 16 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-2

  - Unlist profiles no longer maintained in RHEL8.

• Wed Feb 14 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1

  - Rebase to a new upstream release 0.1.72 (RHEL-25250)
  - Increase CIS standards coverage regarding SSH and cron (RHEL-1314)
  - Increase compatibility of accounts_tmout rule for ksh (RHEL-16896 and RHEL-1811)
  - Align Ansible and Bash remediation in sssd_certificate_verification rule (RHEL-1313)
  - Add a warning to rule service_rngd_enabled about rule applicability (RHEL-1819)
  - Add rule to terminate idle user sessions after defined time (RHEL-1801)
  - Allow spaces around equal sign in /etc/sudoers (RHEL-1904)
  - Add remediation for rule fapolicy_default_deny (RHEL-1817)
  - Fix invalid syntax in file /usr/share/scap-security-guide/ansible/rhel8-playbook-ospp.yml (RHEL-19127)
  - Refactor ensure_pam_wheel_group_empty (RHEL-1905)
  - Prevent remediation of display_login_attempts rule from creating redundant configuration entries (RHEL-1809)
  - Update PCI-DSS to v4 (RHEL-1808)
  - Fix regex in Ansible remediation of configure_ssh_crypto_policy (RHEL-1820)

• Thu Aug 17 2023 Vojtech Polasek <vpolasek@redhat.com> - 0.1.69-2

  - remove problematic rule from ANSSI High profile (RHBZ#2221695)