[ol7_latest] scap-security-guide-0.1.73-1.0.3.el7_9.noarch

Name:	scap-security-guide
Version:	0.1.73
Release:	1.0.3.el7_9
Architecture:	noarch
Group:	System Environment/Base
Size:	273692274
License:	BSD-3-Clause
RPM:	scap-security-guide-0.1.73-1.0.3.el7_9.noarch.rpm
Source RPM:	scap-security-guide-0.1.73-1.0.3.el7_9.src.rpm
Build Date:	Thu Aug 08 2024
Build Host:	build-ol7-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://github.com/ComplianceAsCode/content
Summary:	Security guidance and baselines in SCAP formats
Description:	The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. The Oracle Linux 7 system administrator can use the oscap command-line tool from the openscap-utils package to verify that the system conforms to provided guideline. Refer to scap-security-guide(8) manual page for further information.

Changelog (Show File list) (Show related packages)

Tue Aug 06 2024 Edgar Aguilar <edgar.aguilar@oracle.com> - 0.1.73-1.0.3

- Update stig profile version to v2r1 for ol8 [Orabug: 36922647]
- Add ansible remediation to the rules
  accounts_user_dot_no_world_writable_programs
  no_tmux_in_shells 
  account_password_selinux_faillock_dir
  configure_usbguard_auditbackend [Orabug: 36922647]
- Fix bash bug in account_disable_inactivity rules [Orabug: 36922647]

Wed Jun 05 2024 Edgar Aguilar <edgar.aguilar@oracle.com> - 0.1.73-1.0.1

- Rebase patches to v0.1.73-1 [Orabug: 36702060]
- Update jinja conditionals in source, so built contents include all expected
 strings/code [Orabug: 35450273]
- Update vendor references to mention Oracle and Oracle Linux [Orabug: 35450273]
- Update rhel7 project profiles to use oracle gpgkey [Orabug: 33612582]
- Update rhel7 profiles to generate Oracle Linux 7 content [Orabug: 33612582]
- Update source to generate Oracle Linux 7 content [Orabug: 33612582]
- Add ntpd and chronyd OL approved servers support [Orabug: 33612582]
- Add UEFI boot loader rules to Oracle Linux 7 profiles [Orabug: 33612582]
- Fix OL7 mapping in stable_profile_ids test [Orabug: 33612582]
- Update OL7 Essential Eight profile [Orabug: 33612582]
- Disable cis profile [Orabug: 33612582]
- Disable new CIS and stig_gui profiles for RHEL7 product [Orabug: 34195638]

Tue May 21 2024 Jan Černý <jcerny@redhat.com> - 0.1.73-1

- Rebase scap-security-guide package to version 0.1.73 (RHEL-36739)

Fri Feb 16 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-2
```
- Unlist profiles no longer maintained in RHEL8.
```

Wed Feb 14 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1

- Rebase to a new upstream release 0.1.72 (RHEL-25251)
- Include filter to dracut files in audit_rules_privileged_commands rule (RHEL-11938)

Fri Aug 04 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-1

- Rebase to the latest upstream release (RHBZ#2221694)
- Make IPv6 related rules applicable only in case IPv6 is actually enabled. (RHBZ#2210276)
- update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155793)
- Correct URL used to download CVE checks. (RHBZ#2223817)

Tue Feb 14 2023 Watson Sato <wsato@redhat.com> - 0.1.66-1

- Rebase to a new upstream release 0.1.66 (RHBZ#2158410)
- Update RHEL7 STIG profile to V3R10 (RHBZ#2152657)
- Align file_permissions_sshd_private_key with DISA Benchmark (RHBZ#2123284)
- Fix remediation of audit watch rules (RHBZ#2123367)
- Fix check firewalld_sshd_port_enabled (RHBZ#2158410)
- Fix accepted control flags for pam_pwhistory (RHBZ#2158410)
- Unselect rule logind_session_timeout (RHBZ#2158410)
- Add support rainer scripts in rsyslog rules (RHBZ#2170038)

Tue Aug 09 2022 Watson Sato <wsato@redhat.com> - 0.1.63-1

- Update to the latest upstream release (RHBZ#2116359)
- Fix SSH Key permissions (RHBZ#2021258)
- Remove PCI-DSS Benchmark(RHBZ2038165)
- Updated source of CVE data feed(RHBZ#2028432)
- Improved alignment with DISA's RHEL7 STIG(RHBZ#1967950)
- Update RHEL7 STIG profile to v3r8 (RHBZ#2112939)
- Add warning how to override audit buffer (RHBZ#1993822)
- Fix smartcard_auth rule for systems installed without authconfig (RHBZ#2116359)
- Fix check of enable_fips_mode on s390x (RHBZ#2116359)
- Fix applicability of pam_pkcs11 and grub2 rules on s390x (RHBZ#2116359)

Tue May 03 2022 Watson Sato <wsato@redhat.com> - 0.1.57-8

- Remove warning how to override audit buffer (RHBZ#1993822)

Wed Apr 27 2022 Watson Sato <wsato@redhat.com> - 0.1.57-7

- Add warning how to override audit buffer (RHBZ#1993822)
- Fix name of antivirus package in STIG profile (RHBZ#2066321)
- Update RHEL7 DISA STIG profile to v3r7 (RHBZ#2079217)