[ol9_appstream] scap-security-guide-doc-0.1.69-3.0.2.el9_3.noarch

The scap-security-guide-doc package contains HTML formatted documents containing
hardening guidances that have been generated from XCCDF benchmarks
present in scap-security-guide package.

Changelog (Show File list) (Show related packages)

• Mon Jan 29 2024 Edgar Aguilar <edgar.aguilar@oracle.com> - 0.1.69-3.0.2

  - Update stig profiles to latest DISA standard, v1r9 for OL8 and V2r14 
    for OL7 [Orabug: 36237404]
  - Add automation content for account_password_pam_faillock_system_auth
    & account_password_pam_faillock_password_auth rules [Orabug: 36237404]
  - Make sssd rules look into /etc/sssd/conf.d/*.conf files for the desired
    configuration [Orabug: 36237404]

• Mon Jan 08 2024 Edgar Aguilar <edgar.aguilar@oracle.com> - 0.1.69-3.0.1

  - Fix bash and ansible for rule accounts_umask_interactive_users [Orabug: 35848632]
  - Enable OL8 & OL7 content build [Orabug: 36166472]
  - Update OL8 STIG rule selection [Orabug: 35663552]
  - Update references to reflect STIG V1R7 compliance [Orabug: 35663552]
  - Fix unreachable code in sssd_enable_smartcards bash remediation [Orabug: 35663552]
  - Update regex to better find included files in sshd_config [Orabug: 35663552]
  - Fix false-negatives in sshd_use_approved_kex_ordered_stig OVAL [Orabug: 35876286]

• Tue Dec 05 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-3

  - Align STIG profile with official DISA STIG for RHEL 9 (RHEL-1807)

• Thu Aug 17 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-2

  - Remove OpenSSH crypto policy hardening rules from STIG profile (RHBZ#2221697)
  - Fix ANSSI High profile with secure boot (RHBZ#2221697)

• Wed Aug 09 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-1

  - Rebase to a new upstream release 0.1.69 (RHBZ#2221697)
  - Improve CIS benchmark rules related to auditing of kernel module related events (RHBZ#2209657)
  - SSSD configuration files are now created with correct permissions whenever remediating SSSD related rules (RHBZ#2211511)
  - add warning about migration of network configuration files when upgrading from RHEL 8 to RHEL 9 (RHBZ#2172555)
  - Correct URL used to download CVE checks. (RHBZ#2223178)
  - update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155790)
  - Fixed excess quotes in journald configuration files (RHBZ#2193169)
  - Change rules checking home directories to apply only to local users (RHBZ#2203791)
  - Change rules checking password age to apply only to local users (RHBZ#2213958)
  - Updated man page (RHBZ#2060028)

• Mon Feb 13 2023 Watson Sato <wsato@redhat.com> - 0.1.66-1

  - Rebase to a new upstream release 0.1.66 (RHBZ#2169443)
  - Fix remediation of audit watch rules (RHBZ#2169441)
  - Fix check firewalld_sshd_port_enabled (RHBZ#2169443)
  - Fix accepted control flags for pam_pwhistory (RHBZ#2169443)
  - Unselect rule logind_session_timeout (RHBZ#2169443)
  - Add support rainer scripts in rsyslog rules (RHBZ#2169445)

• Thu Aug 25 2022 Gabriel Becker <ggasparb@redhat.com> - 0.1.63-5

  - OSPP: fix rule related to coredump (RHBZ#2081688)

• Tue Aug 23 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.63-4

  - use sysctl_kernel_core_pattern rule again in RHEL9 OSPP (RHBZ#2081688)

• Thu Aug 11 2022 Matej Tyc <matyc@redhat.com> - 0.1.63-3

  - Readd rules to the benchmark to be compatible across all minor versions of RHEL9 (RHBZ#2117669)

• Wed Aug 10 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.63-2

  - OSPP: utilize different audit rule set for different hardware platforms (RHBZ#1998583)
  - OSPP: update rules related to coredumps (RHBZ#2081688)
  - OSPP: update rules related to BPF (RHBZ#2081728)
  - fix description of require_singleuser_mode (RHBZ#2092799)
  - fix remediation of OpenSSL cryptopolicy (RHBZ#2108569)
  - OSPP: use minimal Authselect profile(RHBZ#2114979)