Type: | BUG |
Severity: | NA |
Release Date: | 2023-10-07 |
[0.1.69-2.0.1]
- Update STIG rule selection [Orabug: 35663552]
- Update ssh MACs and Ciphers allowed by STIG profile [Orabug: 35663552]
- Update references to reflect STIG V1R7 compliance [Orabug: 35663552]
- Fix unreachable code in sssd_enable_smartcards bash remediation [Orabug: 35663552]
- Update regex to better find included files in sshd_config [Orabug: 35663552]
- Fix false-negatives in sshd_use_approved_kex_ordered_stig OVAL [Orabug: 35876286]
- Update regex in ansible for sshd_lineinfile template to take into account
leading blank space [Orabug: 35875779]
- Fix regex in remediation content for accounts_umask rules [Orabug: 35875779]
[0.1.69-2]
- remove problematic rule from ANSSI High profile (RHBZ#2221695)
[0.1.69-1]
- Rebase to a new upstream release 0.1.69 (RHBZ#2221695)
- Fixed CCE link URL (RHBZ#2178516)
- align remediations with rule description for rule configuring OpenSSL cryptopolicy (RHBZ#2192893)
- Add rule audit_rules_login_events_faillock to STIG profile (RHBZ#2167999)
- Fixed rules related to AIDE configuration (RHBZ#2175684)
- Allow default permissions for files stored on EFI FAT partitions (RHBZ#2184487)
- Add appropriate STIGID to accounts_passwords_pam_faillock_interval rule (RHBZ#2209073)
- improved and unified OVAL checks checking for interactive users (RHBZ#2157877)
- update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155789)
- unify OVAL checks to correctly identify interactive users (RHBZ#2178740)
- make rule checking for Postfix unrestricted relay accept more variants of valid configuration syntax (RHBZ#2170530)
- Fixed excess quotes in journald configuration files (RHBZ#2169857)
- rules related to polyinstantiated directories are not applied when building images for Image Builder (RHBZ#2130182)
- evaluation and remediation of rules related to mount points have been enhanced for Image Builder (RHBZ#2130185)
- do not enable FIPS mode when creating hardened images for Image Builder (RHBZ#2130181)
- Correct URL used to download CVE checks (RHBZ#2222583)
- mention exact required configuration value in description of some PAM related rules (RHBZ#2175882)
- make mount point related rules not applicable when no such mount points exist (RHBZ#2176008)
- improve checks determining if FIPS mode is enabled (RHBZ#2129100)
Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
Oracle Linux 8 (aarch64) | scap-security-guide-0.1.69-2.0.1.el8_8.src.rpm | ffa959342e1e6e3f18351db4f13cba61 | - | ol8_aarch64_appstream |
scap-security-guide-0.1.69-2.0.1.el8_8.noarch.rpm | a018da6d2335a9345d90760560e0d978 | - | ol8_aarch64_appstream | |
scap-security-guide-doc-0.1.69-2.0.1.el8_8.noarch.rpm | 34d2932482fa37b8fdb60a02c078cd77 | - | ol8_aarch64_appstream | |
Oracle Linux 8 (x86_64) | scap-security-guide-0.1.69-2.0.1.el8_8.src.rpm | ffa959342e1e6e3f18351db4f13cba61 | - | ol8_x86_64_appstream |
scap-security-guide-0.1.69-2.0.1.el8_8.noarch.rpm | a018da6d2335a9345d90760560e0d978 | - | ol8_x86_64_appstream | |
scap-security-guide-doc-0.1.69-2.0.1.el8_8.noarch.rpm | 34d2932482fa37b8fdb60a02c078cd77 | - | ol8_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team