mirror of
https://github.com/dev-sec/ansible-collection-hardening
synced 2024-11-10 09:14:18 +00:00
9.2 KiB
9.2 KiB
Changelog
7.1.0 (2021-02-02)
Implemented enhancements:
- Default value for ssh_max_startups should be changed #366
- Comment in configuration files should state which collection was there #345
- Error on applying the sysctl vars on Debian Jessy #230
- add Support for OpenSSH HostCertificate config option #380 (mpraeger)
- Syncookie #372 (joubbi)
- Sorted sysctl values and lists in READMEs alphabetically
No functional changes
. #371 (joubbi) - make auditd 'max_log_file' configurable #370 (tgueldner-mms)
- reduce maximum unauthenticated ssh sessions #368 (schurzi)
- add a runtime.yml to declare minimum ansible version #363 (rndmh3ro)
- change inclusion of os specific defaults #353 (schurzi)
- make the os_env_umask variable usable #351 (sprat)
- Fix #348: make ssh configuration files paths configurable #350 (sprat)
- Removed Protocol statement in later versions of sshd, since the code … #342 (joubbi)
- Improvements of comments in opensshd.conf.j2 #338 #339 (joubbi)
Fixed bugs:
- Comments in opensshd.conf.j2 should be improved #338
- check for correct cpu vendor in initramfs-tools #374 (schurzi)
- set hidepid=0 on RHEL/CentOS 7 #369 (schurzi)
Closed issues:
- initramfs-tools modules.j2 does not seem to be able to detect AMD CPUs #373
- How do i install this on Centos 8? #367
- hidepid=2 gives error when running systemctl on EL7 #364
- Allow putting the ssh/sshd config in alternative files #348
- os_env_umask has no effect #344
- Don't modify /etc/sysctl.conf #343
Merged pull requests:
- use version tag for changelog action #386 (schurzi)
- make release workflow manually runnable #384 (schurzi)
- run labeler workflow with higher privileges #383 (schurzi)
- remove issue labels from changelog #382 (schurzi)
- Added comment on top of templates about which role manages the file #378 (joubbi)
- Regenerate RSA key with size 4096 bits #376 (ssttehrani)
- fix second changelog generation task, too #349 (rndmh3ro)
- fix changelog generation #341 (rndmh3ro)
- Improve README for ssh_hardening #335 (szEvEz)
7.0.0 (2020-11-11)
Breaking changes:
Implemented enhancements:
- Breaking change in ansible-lint - set file permissions explicitly #299
- Improve Documentation #315 (schurzi)
- Arch support #303 (rndmh3ro)
- fix linting for molecule #301 (schurzi)
- file permissions explicitly defined #300 (danielkubat)
- Optimize and unify when clause #295 (Alexhha)
- use find module instead of shell #294 (danielkubat)
- improve testing #287 (schurzi)
- Mount proc filesystem using hidepid option #283 (alegrey91)
- unify changelog and release actions #279 (rndmh3ro)
- purge insecure packages #275 (chris-rock)
- add changelog and release workflow #271 (rndmh3ro)
Fixed bugs:
- Task "set 10.hardcore.conf perms to 0400 and root ownership" fails in check mode #313
- use touch for 10.hardcore.conf to avoid problems with dry-run #314 (schurzi)
- use touch with no date changes #310 (rndmh3ro)
- do not touch sysctl file to avoid idempotency problems #309 (rndmh3ro)
- replace module parameter fixed #297 (danielkubat)
Closed issues:
- Any planned support for RHEL/CentOS 8? #298
Merged pull requests:
- prettier markdown files action added #322 (danielkubat)
- adjust permissions on shadow file on suse #311 (rndmh3ro)
- fix fedora build #296 (rndmh3ro)
- do not blacklist used filesystems #289 (schurzi)
- move hidepid vars into defaults so theyre overwritable #285 (rndmh3ro)
- install procps in debian so sysctl.conf exists #282 (rndmh3ro)
* This Changelog was automatically generated by github_changelog_generator