[ol7_latest] scap-security-guide-0.1.63-1.0.3.el7_9.noarch

The scap-security-guide project provides a guide for configuration of the
system from the final system's security point of view. The guidance is
specified in the Security Content Automation Protocol (SCAP) format and
constitutes a catalog of practical hardening advice, linked to government
requirements where applicable. The project bridges the gap between generalized
policy requirements and specific implementation guidelines. The Oracle
Linux 7 system administrator can use the oscap command-line tool
from the openscap-utils package to verify that the system conforms to provided
guideline. Refer to scap-security-guide(8) manual page for further information.

Changelog (Show File list) (Show related packages)

• Fri Feb 03 2023 Federico Ramírez <federico.r.ramirez@oracle.com> - 0.1.63-1.0.3

  - Sync OL7 stig profile with DISA STIG v2r9 [Orabug: 35049043]
  - Sync OL7 stig profile with DISA STIG v2r10 [Orabug: 35049052]

• Fri Sep 30 2022 Federico Ramírez <federico.r.ramirez@oracle.com> - 0.1.63-1.0.1

  - Update rhel7 project profiles to use oracle gpgkey [Orabug: 33612582]
  - Update rhel7 profiles to generate Oracle Linux 7 content [Orabug: 33612582]
  - Update source to generate Oracle Linux 7 content [Orabug: 33612582]
  - Use separate rule for each audit syscall in pci-dss profile [Orabug: 33612582]
  - Add ntpd and chronyd OL approved servers support [Orabug: 33612582]
  - Add UEFI boot loader rules to Oracle Linux 7 profiles [Orabug: 33612582]
  - Fix OL7 mapping in stable_profile_ids test [Orabug: 33612582]
  - Update OL7 Essential Eight profile [Orabug: 33612582]
  - Disable cis profile [Orabug: 33612582]
  - Disable new CIS and stig_gui profiles for RHEL7 product [Orabug: 34195638]
  - Bump OL7 STIG profile version to v2r8 [Orabug: 34492873]
  - Allow configurations in sudo rules to appear in multiple files [Orabug: 34492873]
  - Update OVAL content for auditd_name_format rule [Orabug: 34664858]
  - Update regex for audit_rules_suid_privilege_function rule [Orabug: 34664858]
  - Introduce mount_option_home template [Orabug: 34664858]
  - Introduce support for "at"-includes in sudoers files [Orabug: 34664858]

• Tue Aug 09 2022 Watson Sato <wsato@redhat.com> - 0.1.63-1

  - Update to the latest upstream release (RHBZ#2116359)
  - Fix SSH Key permissions (RHBZ#2021258)
  - Remove PCI-DSS Benchmark(RHBZ2038165)
  - Updated source of CVE data feed(RHBZ#2028432)
  - Improved alignment with DISA's RHEL7 STIG(RHBZ#1967950)
  - Update RHEL7 STIG profile to v3r8 (RHBZ#2112939)
  - Add warning how to override audit buffer (RHBZ#1993822)
  - Fix smartcard_auth rule for systems installed without authconfig (RHBZ#2116359)
  - Fix check of enable_fips_mode on s390x (RHBZ#2116359)
  - Fix applicability of pam_pkcs11 and grub2 rules on s390x (RHBZ#2116359)

• Tue May 03 2022 Watson Sato <wsato@redhat.com> - 0.1.57-8

  - Remove warning how to override audit buffer (RHBZ#1993822)

• Wed Apr 27 2022 Watson Sato <wsato@redhat.com> - 0.1.57-7

  - Add warning how to override audit buffer (RHBZ#1993822)
  - Fix name of antivirus package in STIG profile (RHBZ#2066321)
  - Update RHEL7 DISA STIG profile to v3r7 (RHBZ#2079217)

• Fri Feb 25 2022 Gabriel Becker <ggasparb@redhat.com> - 0.1.57-6

  - Fix bash remediation of sudo_require_reauthentication (RHBZ#2049532)

• Thu Feb 17 2022 Gabriel Becker <ggasparb@redhat.com> - 0.1.57-5

  - Update RHEL7 DISA STIG profile to v3r6 (RHBZ#2049532)

• Tue Nov 02 2021 Gabriel Becker <ggasparb@redhat.com> - 0.1.57-4

  - Update RHEL7 DISA STIG profile to v3r5 (RHBZ#1996678)

• Thu Oct 21 2021 Gabriel Becker <ggasparb@redhat.com> - 0.1.57-3

  - Fix broken SELinux documentation links (RHBZ#1996678)

• Wed Oct 20 2021 Gabriel Becker <ggasparb@redhat.com> - 0.1.57-2

  - Fix auditd_overflow_action configuration path for RHEL7 (RHBZ#1996678)