[ol9_appstream] scap-security-guide-doc-0.1.76-1.0.1.el9.noarch

The scap-security-guide-doc package contains HTML formatted documents containing
hardening guidances that have been generated from XCCDF benchmarks
present in scap-security-guide package.

Changelog (Show File list) (Show related packages)

• Mon Mar 31 2025 Armando Acosta <armando.acosta@oracle.com> - 0.1.76-1.0.1

  - Update OL9 profiles [Orabug: 37767857]
  - Update bash for rules modifying sudo to allow the '/'
    character [Orabug: 37767857]
  - Support Rainerscrypt syntax in rsyslog rules [Orabug: 37767857]
  - Remove unnecesary rules from OL8 STIG [Orabug: 37767857]

• Wed Mar 26 2025 Release Engineering <releng@openela.org> - 0.1.76.openela.1.0

  - Add OpenELA as derivative of RHEL

• Tue Feb 25 2025 Vojtech Polasek <vpolasek@redhat.com> - 0.1.76-1

  - rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-74240)
  - modify the rule require_singleuser_auth to honor overriding mechanism offered by Systemd (RHEL-71936)
  - make the rule sysctl_user_max_user_namespaces informational and unscored in RHEL 9 STIG profile (RHEL-40120)
  - align checking of approved SSH ciphers with latest STIG policy (RHEL-65432)

• Fri Nov 15 2024 Matthew Burket <mburket@redhat.com> - 0.1.75-1

  - Rebase to new release (RHEL-66154)
  - the rule sshd_use_priv_separation is no longer used (RHEL-66057)
  - add a rule checking for presence of chrony to CIS RHEL 9 profile (RHEL-60005)
  - remediation of Networkmanager DNS mode now remediates value "default" (RHEL-53426)
  - Adjust mount_option_nodev_nonroot_local_partitions to work in Image Builder environments. (RHEL-45018)
  - Adjusted rules related to sshd ensure constancy in checked values and ensure that drop in configuration files are checked. (RHEL-38206)

• Fri Aug 09 2024 Matthew Burket <mburket@redhat.com> - 0.1.74-1

  - Rebase to a new upstream release 0.1.74 (RHEL-53865)
  - Ensure authselect features are preserved by enable_authselect rule (RHEL-39383)
  - Fix check for passwords last changed date (RHEL-47129)
  - Remediations of Journald configuration files now include a correct section (RHEL-38531)
  - Adjust service requirements for CIS profiles (RHEL-23852)
  - Update password hashing settings for ANSSI-BP-028 (RHEL-44983)

• Wed Aug 07 2024 Milan Lysonek <mlysonek@redhat.com> - 0.1.73-2

  - Switch gating to tmt plan (RHEL-43243)

• Mon May 20 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.73-1

  - Rebase to a new upstream release 0.1.73 (RHEL-36663)
  - Correctly parse sudo options even if they are not quoted (RHEL-31976)
  - Ensure that web links within kickstart files are valid (RHEL-30735)
  - Align set of allowed SSH ciphers with STIG requirement (RHEL-29684)
  - Add audit rules on /etc/sysconfig/network-scripts (RHEL-29308)
  - Remove rule restricting user namespaces from stig_gui profile (RHEL-10416)
  - Add rule which enables auditing of files within /etc/sysconfig/network-scripts (RHEL-1093)

• Tue Feb 13 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1

  - Rebase to a new upstream release 0.1.72 (RHEL-21425)
  - Check dropin files in /etc/systemd/journald.conf.d/ (RHEL-14484)
  - Fix remediation to not update comments (RHEL-1484)
  - Fix package check on SCAP tests for dnf settings (RHEL-17417)
  - Update description for audit_rules_kernel_module_loading (RHEL-1489)
  - Disable remediation for /dev/shm options in offline mode (RHEL-16801)
  - Include explanatory comment in the remediation of CCE-83871-4 (RHEL-17418)

• Tue Dec 05 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-3

  - Align STIG profile with official DISA STIG for RHEL 9 (RHEL-1807)

• Thu Aug 17 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-2

  - Remove OpenSSH crypto policy hardening rules from STIG profile (RHBZ#2221697)
  - Fix ANSSI High profile with secure boot (RHBZ#2221697)