mirror of
https://github.com/dev-sec/linux-baseline
synced 2024-11-26 04:50:21 +00:00
1742c2268e
Signed-off-by: Christoph Hartmann <chris@lollyrock.com>
13 KiB
13 KiB
Change Log
2.2.1 (2018-05-14)
Closed issues:
- /etc/shadow permissions false positive on Fedora #89
Merged pull requests:
- Skip auditd and sysctl tests for containers #91 (artem-sidorenko)
- Fixes #89 false positive /etc/shadow on Fedora #90 (marcelhuth)
- Fix typos in
inspec.yml
#88 (jerryaldrichiii)
2.2.0 (2017-12-01)
Closed issues:
- linux-baseline os-06 can not be skipped #86
- control os-10 fails
/etc/modprobe.d/dev-sec.conf
#80 - package-08 error on amazon linux #79
Merged pull requests:
- deferring the execution of permissions to profile execution #87 (chris-rock)
- CIS 4.1.1.3 #85 (tomhaynes)
- Update Fedora controls #84 (shoekstra)
- Fix log_dir_group for Ubuntu 14.04+ #83 (shoekstra)
- Tune some parameters for RedHat system #82 (strangeman)
- add logdir-check #81 (rndmh3ro)
- Optimize file search routines #77 (mcgege)
- Check for Amazon Linux when determining audit package. #76 (HenryTheHamster)
- Update package_spec.rb #74 (lnxchk)
- CIS 1.5.4 Ensure prelink is disabled #73 (bitvijays)
- Added net.ipv4.conf.default.log_martians for Martian Packets in sysctl_spec.rb #72 (bitvijays)
- 1.1.1 CIS Disable unused filesystem #71 (bitvijays)
- os-02: Fix for SUSE environments #70 (mcgege)
- On SUSE environments 'auditd' is part of package 'audit' #69 (mcgege)
- use recommended spdx license identifier #68 (chris-rock)
2.1.1 (2017-06-02)
Closed issues:
Merged pull requests:
- CI: update to ruby 2.4.1 and rubocop 0.49.1 #66 (artem-sidorenko)
- Use assignment_regex, only_if and bump profile version #64 (alexpop)
- num_logs has different values on different distros #63 (artem-sidorenko)
- Allow verification if kernel modules loading is disabled #62 (artem-sidorenko)
- Fix: more generic auditd settings #61 (artem-sidorenko)
2.1.0 (2017-05-08)
Merged pull requests:
- update metadata #58 (chris-rock)
- update gemfile #57 (atomic111)
- restrict ruby testing to version 2.3.3 #56 (atomic111)
- Properly verify the kernel dump setting #52 (artem-sidorenko)
- auditd package is called audit in the rhel family #51 (rdeusser)
- Ignore inspec.lock file #50 (techraf)
- Remove duplicated expectation from sysctl-16 #49 (techraf)
- update links in readme #47 (chris-rock)
- essay: differentiate redhat/debian, add extra conditions #44 (juju4)
2.0.1 (2016-12-21)
Closed issues:
Merged pull requests:
- update profile metadata & tooling #46 (chris-rock)
- update Gemfile #43 (atomic111)
- Update links in README file #42 (netflash)
- Fix cpu flags and change default for net.ipv4.conf.all.log_martians #39 (chris-rock)
2.0.0 (2016-04-29)
Merged pull requests:
- inspec profile #38 (chris-rock)
1.3.0 (2016-04-25)
Fixed bugs:
- update identifier #37 (chris-rock)
Merged pull requests:
1.2.0 (2015-12-08)
Merged pull requests:
1.1.0 (2015-10-15)
Merged pull requests:
- Remove whitespace #34 (rndmh3ro)
- Improve Ansible tests #33 (rndmh3ro)
- Fix typos #31 (rndmh3ro)
- update urls #30 (chris-rock)
- bugfix: add missing: ipv6 accept_ra = 0 #29 (arlimus)
- Ansible support #28 (rndmh3ro)
- add json format option #26 (atomic111)
- Update common #25 (arlimus)
- feature: add schroot to suid/sgid whitelist #24 (arlimus)
- Update common #23 (arlimus)
- updating common files #22 (arlimus)
- changed GIS to DTAG SEC #21 (atomic111)
- bugfix: lint error #20 (chris-rock)
1.0.0 (2014-08-13)
Merged pull requests:
- Lockdown mode #19 (arlimus)
- split sysctl_spec.rb, added suid whitliste and uid unique search #18 (atomic111)
- added additional test #17 (atomic111)
- add travis config, add default task to rakefile #16 (ehaselwanter)
- update rubocop, add common linter task, fix rubocop issues #15 (ehaselwanter)
- fix exec-shield test #14 (chris-rock)
- add lint rake task with robocop and fix issues #13 (chris-rock)
- added Telekom Security Requirement numbers to the corresponding kitchen test #12 (atomic111)
- add ruby gem source #11 (chris-rock)
- add standalone usage feature #10 (ehaselwanter)
- serverspec has a contract on running commands remote. this fixes the local #9 (ehaselwanter)
- add lockfiles and delete them from tree #8 (ehaselwanter)
- rubocop fixes #7 (ehaselwanter)
- moved site.pp to the shared test, were it belongs #6 (ehaselwanter)
- bugfix: arp restrictions should apply to all, not just eth0 #5 (arlimus)
- one folder level up #4 (ehaselwanter)
- Fix: change value of log_martians to the cookbook default #3 (atomic111)
- discard one level to be able to use the defaults in test-kitchen by just #2 (ehaselwanter)
- added tests from chef-os-hardening #1 (ehaselwanter)
* This Change Log was automatically generated by github_changelog_generator