linux-baseline/CHANGELOG.md
2022-12-12 08:42:57 +00:00

25 KiB

Changelog

2.8.4 (2022-12-12)

Full Changelog

Implemented enhancements:

Fixed bugs:

2.8.3 (2022-09-29)

Full Changelog

Fixed bugs:

  • fix handling of sysctl fs.protected_fifos and fs.protected_regular #172 (schurzi)

Closed issues:

  • Remove control 'os-08' because entropy is always at 256 #176
  • How to deal with squashfs in Ubuntu 22 #174
  • why keep_logs? #171
  • sysctl-34 - fs.protected_regular is Ubuntu specific #170

Merged pull requests:

2.8.2 (2022-01-12)

Full Changelog

Merged pull requests:

2.8.1 (2022-01-12)

Full Changelog

Closed issues:

  • Add checks for mount options noexec, nosuid, nodev #163
  • Ensure links are protected #159

Merged pull requests:

  • use input instead of attribute #166 (micheelengronne)
  • feat(os-14) add rule to check noexec, nosuid and nodev mount options #164 (cmhe)
  • added sysctl-34 for checking link protection settings #160 (cmhe)

2.8.0 (2021-05-06)

Full Changelog

Implemented enhancements:

  • remove sysctl-18 - ipv6 no longer needs to be disabled #155 (schurzi)
  • Disable source routing for IPv6. #152 (joubbi)

Closed issues:

  • Remove package-07 test #149

Merged pull requests:

2.7.0 (2021-02-22)

Full Changelog

Implemented enhancements:

2.6.4 (2021-02-02)

Full Changelog

Closed issues:

  • os-06: Check for SUID/ SGID blacklist control previously passing is now falling #146

Merged pull requests:

2.6.3 (2021-01-29)

Full Changelog

Merged pull requests:

2.6.2 (2021-01-29)

Full Changelog

Merged pull requests:

2.6.1 (2020-12-28)

Full Changelog

Merged pull requests:

2.6.0 (2020-12-16)

Full Changelog

Implemented enhancements:

  • feat(osbaseline): support validation for cpu vulnerabilities #138 (imjoseangel)

Closed issues:

  • cpu-vulnerability-directory 1 failed - Ubuntu #139
  • Support for validation of cpu vulnerabilities #114

Merged pull requests:

  • only check cpu vulnerabilities if not in container #141 (schurzi)

2.5.0 (2020-08-25)

Full Changelog

Implemented enhancements:

Closed issues:

  • os-10: CIS: Disable unused filesystems 1 failed #135

2.4.6 (2020-07-23)

Full Changelog

Closed issues:

  • Default umask 077/027 leads into several problems installing software packages #133

Merged pull requests:

2.4.5 (2020-06-30)

Full Changelog

Closed issues:

  • /etc/passwd should not contain any password hashes #117

Merged pull requests:

2.4.4 (2020-05-19)

Full Changelog

Merged pull requests:

2.4.3 (2020-05-19)

Full Changelog

Merged pull requests:

2.4.2 (2020-05-19)

Full Changelog

Merged pull requests:

2.4.1 (2020-05-19)

Full Changelog

Closed issues:

Merged pull requests:

2.4.0 (2020-03-26)

Full Changelog

Closed issues:

  • net.ipv4.ip_forward needs to be '1' on docker hosts #126
  • sysctl-19 should check the sysctl_forwarding attribute #124
  • Issue after upgrading to the latest version of Inspec. #122
  • Support for ESXi #116
  • Deprecation Warnings #115
  • systctl-33 - undefined method `expect' #107

Merged pull requests:

  • skip the sysctl-19 control when sysctl_forwarding is true #125 (b-dean)
  • add documentation for missing package-04 control #123 (chris-rock)
  • Allow core dumps to be piped into a program with an absolute path. #121 (samjmarshall)
  • Allow for lowercase auditd config flush value. #120 (samjmarshall)
  • Fixing some deprecation notices #119 (jjasghar)

2.3.0 (2019-05-15)

Full Changelog

Closed issues:

  • Audit Daemon Fails on Amazon Linux 2 #109
  • os-11 fails on vanilla Ubuntu 16.04/18.04 #104
  • Container conditions to skip tests? #102
  • Duplicate testing for telnetd instead of rsh #97
  • Profile summary VS Test Summary #93
  • Control Sysctl 31-b from sysctl_spec.rb causing Inspec to exit with error code #92

Merged pull requests:

2.2.2 (2018-07-19)

Full Changelog

Merged pull requests:

2.2.1 (2018-05-14)

Full Changelog

Closed issues:

  • /etc/shadow permissions false positive on Fedora #89

Merged pull requests:

2.2.0 (2017-12-01)

Full Changelog

Closed issues:

  • linux-baseline os-06 can not be skipped #86
  • control os-10 fails /etc/modprobe.d/dev-sec.conf #80
  • package-08 error on amazon linux #79

Merged pull requests:

2.1.1 (2017-06-02)

Full Changelog

Closed issues:

  • systctl-33 doesn't see nx flag #65
  • check for audit(d) fails on aws linux ami #60

Merged pull requests:

2.1.0 (2017-05-08)

Full Changelog

Merged pull requests:

2.0.1 (2016-12-21)

Full Changelog

Closed issues:

  • permissions /etc/shadow #41
  • False positives in control os-06 #40

Merged pull requests:

2.0.0 (2016-04-29)

Full Changelog

Merged pull requests:

1.3.0 (2016-04-25)

Full Changelog

Fixed bugs:

Merged pull requests:

1.2.0 (2015-12-08)

Full Changelog

Merged pull requests:

  • removed serverspec support and created all inspec tests #35 (atomic111)

1.1.0 (2015-10-15)

Full Changelog

Merged pull requests:

1.0.0 (2014-08-13)

Full Changelog

Merged pull requests:

* This Changelog was automatically generated by github_changelog_generator