[ol8_appstream] scap-security-guide-doc-0.1.66-2.0.3.el8_7.noarch

The scap-security-guide-doc package contains HTML formatted documents containing
hardening guidances that have been generated from XCCDF benchmarks
present in scap-security-guide package.

Changelog (Show File list) (Show related packages)

• Thu Apr 27 2023 Edgar Aguilar <edgar.aguilar@oracle.com> - 0.1.66-2.0.3

  - Fix ansible to content to manage correctly binary dirs when they have hardlinks. And
    manage correctly fstab entries where the mount point has a blank space in mount
    point [Orabug: 35338979]
  - Update OVAL content to allow spaces in postfix configuration. And recognize locked
    accounts with hashed password in /etc/passwd [Orabug: 35338979]
  - Add rule package_mailx_installed and ensure_oracle_gpgkey_installed to stig profile
    to cover new STIG ids OL08-00-010358 and OL08-00-010019 [Orabug: 35338979]
  - Update references to reflect STIG V1R6 compliance [Orabug: 35338979]
  - Update bash condition to recognize uefi applicability [Orabug: 35338979]

• Fri Mar 31 2023 Federico Ramírez <federico.r.ramirez@oracle.com> - 0.1.66-2.0.2

  - Introduce a new OVAL macro to consistently identify interactive users [Orabug: 35214522]
  - Update accounts_user_dot_no_world_writable_programs rule to look for
   initialization files on the user's homedirs only and to prevent the search for
   world-writables to descend to other file systems [Orabug: 35214522]

• Mon Feb 27 2023 Edgar Aguilar <edgar.aguilar@oracle.com> - 0.1.66-2.0.1

  - Update rules dealing with sshd_config to look into files added to the include
   keyword [Orabug: 34893225]
  - Update remediation in sebool_secure_mode_insmod which wasn't letting the system boot when
   running anssi-high profile [Orabug: 34893225]
  - Update OL stig profile rule selection remove sshd_disable_compression [Orabug: 35017186]
  - Introduce new rules, sshd_use_approved_kex_ordered_stig, configure_bashrc_tmux,
   configure_tmux_lock_keybinding [Orabug: 35017186]
  - Update rules modifying pam files to handle /etc/pam.d/system-auth precedence over
   other configuration files [Orabug: 35017186]
  - Update version of stig profiles to V1R5 [Orabug: 35017186]

• Mon Feb 13 2023 Watson Sato <wsato@redhat.com> - 0.1.66-2

  - Unselect rule logind_session_timeout (RHBZ#2168079)

• Mon Feb 06 2023 Watson Sato <wsato@redhat.com> - 0.1.66-1

  - Rebase to a new upstream release 0.1.66 (RHBZ#2168079)
  - Update RHEL8 STIG profile to V1R9 (RHBZ#2168075)
  - Fix levels of CIS rules (RHBZ#2168072)
  - Remove unused RHEL8 STIG control file (RHBZ#2168069)
  - Fix handling of space in sudo_require_reauthentication (RHBZ#2168066)
  - Add rule for audit immutable login uids (RHBZ#2168063)
  - Fix remediation of audit watch rules (RHBZ#2168060)
  - Align file_permissions_sshd_private_key with DISA Benchmark (RHBZ#2168057)
  - Fix applicability of kerberos rules (RHBZ#2168054)
  - Add support rainer scripts in rsyslog rules (RHBZ#2168050)

• Wed Aug 17 2022 Watson Sato <wsato@redhat.com> - 0.1.63-4

  - Fix check of enable_fips_mode on s390x (RHBZ#2070564)

• Mon Aug 15 2022 Watson Sato <wsato@redhat.com> - 0.1.63-3

  - Fix Ansible partition conditional (RHBZ#2032403)

• Wed Aug 10 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.63-2

  - aligning with the latest STIG update (RHBZ#2112937)
  - OSPP: use Authselect minimal profile (RHBZ#2117192)
  - OSPP: change rules for protecting of boot (RHBZ#2116440)
  - add warning about configuring of TCP queues to rsyslog_remote_loghost (RHBZ#2078974)
  - fix handling of Defaults clause in sudoers (RHBZ#2083109)
  - make rules checking for mount options of /tmp and /var/tmp applicable only when the partition really exists (RHBZ#2032403)
  - fix handling of Rsyslog include directives (RHBZ#2075384)

• Mon Aug 01 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.63-1

  - Rebase to a new upstream release 0.1.63 (RHBZ#2070564)

• Wed Jun 01 2022 Matej Tyc <matyc@redhat.com> - 0.1.62-1

  - Rebase to a new upstream release (RHBZ#2070564)