[ol9_appstream] scap-security-guide-0.1.73-1.0.2.el9_4.noarch

Name:	scap-security-guide
Version:	0.1.73
Release:	1.0.2.el9_4
Architecture:	noarch
Group:	Unspecified
Size:	90010950
License:	BSD-3-Clause
RPM:	scap-security-guide-0.1.73-1.0.2.el9_4.noarch.rpm
Source RPM:	scap-security-guide-0.1.73-1.0.2.el9_4.src.rpm
Build Date:	Wed Jul 31 2024
Build Host:	build-ol9-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://github.com/ComplianceAsCode/content/
Summary:	Security guidance and baselines in SCAP formats
Description:	The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. The system administrator can use the oscap CLI tool from openscap-scanner package, or the scap-workbench GUI tool from scap-workbench package to verify that the system conforms to provided guideline. Refer to scap-security-guide(8) manual page for further information.

Changelog (Show File list) (Show related packages)

Mon Jul 29 2024 Armando Acosta <armando.acosta@oracle.com> - 0.1.73-1.0.2

- Update stig profile version to v2r1 for ol8 [Orabug: 36888059]
- Add ansible remediation to
  accounts_user_dot_no_world_writable_programs
  no_tmux_in_shells
  account_password_selinux_faillock_dir
  configure_usbguard_auditbackend [Orabug: 36888059]
- Fix bash bug account_disable_inactivity* [Orabug: 36888059]

Fri Jun 07 2024 Armando Acosta <armando.acosta@oracle.com> - 0.1.73-1.0.1

- Rebase oracle patches to v0.1.73-1 [Orabug: 36711050]
- Update OL9 STIG Draft to match DISA draft requirements [Orabug: 36665429]

Wed Jun 05 2024 Release Engineering <releng@openela.org> - 0.1.73.openela.1.0
```
- Add OpenELA as derivative of RHEL
```

Mon May 20 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.73-1

- Rebase to a new upstream release 0.1.73 (RHEL-36663)
- Correctly parse sudo options even if they are not quoted (RHEL-31976)
- Ensure that web links within kickstart files are valid (RHEL-30735)
- Align set of allowed SSH ciphers with STIG requirement (RHEL-29684)
- Add audit rules on /etc/sysconfig/network-scripts (RHEL-29308)
- Remove rule restricting user namespaces from stig_gui profile (RHEL-10416)
- Add rule which enables auditing of files within /etc/sysconfig/network-scripts (RHEL-1093)

Tue Feb 13 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1

- Rebase to a new upstream release 0.1.72 (RHEL-21425)
- Check dropin files in /etc/systemd/journald.conf.d/ (RHEL-14484)
- Fix remediation to not update comments (RHEL-1484)
- Fix package check on SCAP tests for dnf settings (RHEL-17417)
- Update description for audit_rules_kernel_module_loading (RHEL-1489)
- Disable remediation for /dev/shm options in offline mode (RHEL-16801)
- Include explanatory comment in the remediation of CCE-83871-4 (RHEL-17418)

Tue Dec 05 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-3

- Align STIG profile with official DISA STIG for RHEL 9 (RHEL-1807)

Thu Aug 17 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-2

- Remove OpenSSH crypto policy hardening rules from STIG profile (RHBZ#2221697)
- Fix ANSSI High profile with secure boot (RHBZ#2221697)

Wed Aug 09 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-1

- Rebase to a new upstream release 0.1.69 (RHBZ#2221697)
- Improve CIS benchmark rules related to auditing of kernel module related events (RHBZ#2209657)
- SSSD configuration files are now created with correct permissions whenever remediating SSSD related rules (RHBZ#2211511)
- add warning about migration of network configuration files when upgrading from RHEL 8 to RHEL 9 (RHBZ#2172555)
- Correct URL used to download CVE checks. (RHBZ#2223178)
- update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155790)
- Fixed excess quotes in journald configuration files (RHBZ#2193169)
- Change rules checking home directories to apply only to local users (RHBZ#2203791)
- Change rules checking password age to apply only to local users (RHBZ#2213958)
- Updated man page (RHBZ#2060028)

Mon Feb 13 2023 Watson Sato <wsato@redhat.com> - 0.1.66-1

- Rebase to a new upstream release 0.1.66 (RHBZ#2169443)
- Fix remediation of audit watch rules (RHBZ#2169441)
- Fix check firewalld_sshd_port_enabled (RHBZ#2169443)
- Fix accepted control flags for pam_pwhistory (RHBZ#2169443)
- Unselect rule logind_session_timeout (RHBZ#2169443)
- Add support rainer scripts in rsyslog rules (RHBZ#2169445)

Thu Aug 25 2022 Gabriel Becker <ggasparb@redhat.com> - 0.1.63-5
```
- OSPP: fix rule related to coredump (RHBZ#2081688)
```