[ol9_appstream] scap-security-guide-0.1.75-1.0.2.el9.noarch

Name:	scap-security-guide
Version:	0.1.75
Release:	1.0.2.el9
Architecture:	noarch
Group:	Unspecified
Size:	95530969
License:	BSD-3-Clause
RPM:	scap-security-guide-0.1.75-1.0.2.el9.noarch.rpm
Source RPM:	scap-security-guide-0.1.75-1.0.2.el9.src.rpm
Build Date:	Thu Feb 06 2025
Build Host:	build-ol9-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://github.com/ComplianceAsCode/content/
Summary:	Security guidance and baselines in SCAP formats
Description:	The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. The system administrator can use the oscap CLI tool from openscap-scanner package, or the scap-workbench GUI tool from scap-workbench package to verify that the system conforms to provided guideline. Refer to scap-security-guide(8) manual page for further information.

Changelog (Show File list) (Show related packages)

Wed Jan 29 2025 Armando Acosta <armando.acosta@oracle.com> - 0.1.75-1.0.2

- Update OL9 STIG alignment [Orabug: 37560515]
- Add CCN profile to OL9 [Orabug: 37560515]
- Update all OL8 profiles, align STIG with V2R3 and align the others
  with upstream [Orabug: 37545355]

Thu Dec 05 2024 Armando Acosta <armando.acosta@oracle.com> - 0.1.75-1.0.1

- Remove rules not applicable to OL [Orabug: 37383594]
- Remove references to other vendors [Orabug: 37383594]
- Add default tailoring file [Orabug: 37383600]
- Fix system with kernel-applicability condition [Orabug: 37383594]

Thu Dec 05 2024 Release Engineering <releng@openela.org> - 0.1.75.openela.1.0
```
- Add OpenELA as derivative of RHEL
```

Fri Nov 15 2024 Matthew Burket <mburket@redhat.com> - 0.1.75-1

- Rebase to new release (RHEL-66154)
- the rule sshd_use_priv_separation is no longer used (RHEL-66057)
- add a rule checking for presence of chrony to CIS RHEL 9 profile (RHEL-60005)
- remediation of Networkmanager DNS mode now remediates value "default" (RHEL-53426)
- Adjust mount_option_nodev_nonroot_local_partitions to work in Image Builder environments. (RHEL-45018)
- Adjusted rules related to sshd ensure constancy in checked values and ensure that drop in configuration files are checked. (RHEL-38206)

Fri Aug 09 2024 Matthew Burket <mburket@redhat.com> - 0.1.74-1

- Rebase to a new upstream release 0.1.74 (RHEL-53865)
- Ensure authselect features are preserved by enable_authselect rule (RHEL-39383)
- Fix check for passwords last changed date (RHEL-47129)
- Remediations of Journald configuration files now include a correct section (RHEL-38531)
- Adjust service requirements for CIS profiles (RHEL-23852)
- Update password hashing settings for ANSSI-BP-028 (RHEL-44983)

Wed Aug 07 2024 Milan Lysonek <mlysonek@redhat.com> - 0.1.73-2
```
- Switch gating to tmt plan (RHEL-43243)
```

Mon May 20 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.73-1

- Rebase to a new upstream release 0.1.73 (RHEL-36663)
- Correctly parse sudo options even if they are not quoted (RHEL-31976)
- Ensure that web links within kickstart files are valid (RHEL-30735)
- Align set of allowed SSH ciphers with STIG requirement (RHEL-29684)
- Add audit rules on /etc/sysconfig/network-scripts (RHEL-29308)
- Remove rule restricting user namespaces from stig_gui profile (RHEL-10416)
- Add rule which enables auditing of files within /etc/sysconfig/network-scripts (RHEL-1093)

Tue Feb 13 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1

- Rebase to a new upstream release 0.1.72 (RHEL-21425)
- Check dropin files in /etc/systemd/journald.conf.d/ (RHEL-14484)
- Fix remediation to not update comments (RHEL-1484)
- Fix package check on SCAP tests for dnf settings (RHEL-17417)
- Update description for audit_rules_kernel_module_loading (RHEL-1489)
- Disable remediation for /dev/shm options in offline mode (RHEL-16801)
- Include explanatory comment in the remediation of CCE-83871-4 (RHEL-17418)

Tue Dec 05 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-3

- Align STIG profile with official DISA STIG for RHEL 9 (RHEL-1807)

Thu Aug 17 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-2

- Remove OpenSSH crypto policy hardening rules from STIG profile (RHBZ#2221697)
- Fix ANSSI High profile with secure boot (RHBZ#2221697)