pool/scap-security-guide
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
81 Commits 1 Branch 0 Tags 216 KiB
3ac2c23c44
Commit Graph

81 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Marcus Meissner
3ac2c23c44 - add openeuler to -redhat package 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=107
 2024-02-14 09:47:53 +00:00
Marcus Meissner
6e0ee3582a - add openeuler to -redhat package 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=106
 2024-02-14 08:05:30 +00:00
Marcus Meissner
731e806bbf Accepting request 1146455 from home:msmeissn:branches:security 
- updated to 0.1.72 (jsc#ECO-3319)
  - ANSSI BP 028 profile for debian12 (#11368)
  - Building on Windows (#11406)
  - Control for BSI APP.4.4 (#11342)
  - update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks
  - various fixes to SLE profiles
- removed ssg-fix-journald.patch: fixed upstream

OBS-URL: https://build.opensuse.org/request/show/1146455
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=105
 2024-02-13 16:29:31 +00:00
Marcus Meissner
d5a14ad98e OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=103 2024-01-10 14:20:40 +00:00
Marcus Meissner
b89892b2dc - removed left over file 
0001-Revert-fix-aide-remediations-add-crontabs.patch upstreamed in 0.1.69

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=102
 2024-01-10 14:20:21 +00:00
Marcus Meissner
5afc6518e1 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=101 2024-01-10 14:19:45 +00:00
Marcus Meissner
841be0f343 - dropped 0001-Revert-fix-aide-remediations-add-crontabs.patch (upstreamed) 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=100
 2024-01-10 14:18:37 +00:00
Marcus Meissner
b48927e9fb OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=98 2023-12-21 10:11:21 +00:00
Marcus Meissner
6bb5d929b4 - ssg-fix-journald.patch: switch buggy journald plugindir remediation 
to write into journald.conf. (bsc#1217832)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=97
 2023-12-21 10:10:58 +00:00
Marcus Meissner
3a8b8dfaa1 Accepting request 1134022 from home:msmeissn:branches:security 
- updated to 0.1.71 (jsc#ECO-3319)
  - Add RHEL 9 STIG
  - Add support for Debian 12
  - Update PCI-DSS profile for RHEL
  - lots of bugfixes and improvements for SLE

OBS-URL: https://build.opensuse.org/request/show/1134022
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=95
 2023-12-19 16:20:16 +00:00
Marcus Meissner
f4711ab17b Accepting request 1118523 from home:msmeissn:branches:security 
- updated to 0.1.70 (jsc#ECO-3319)
  - Add openembedded distro support (#10793)
  - Remove DRAFT wording for OpenShift STIG (#11100)
  - Remove test-function-check_playbook_file_removed_and_added test (#10982)
  - scap-security-guide: Add Poky support (#11046)

OBS-URL: https://build.opensuse.org/request/show/1118523
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=93
 2023-10-19 08:30:13 +00:00
Marcus Meissner
444ae4eb5a OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=92 2023-08-05 07:14:19 +00:00
Marcus Meissner
6dab979f4d Accepting request 1102114 from home:msmeissn:branches:security 
- updated to 0.1.69 (jsc#ECO-3319)
  - Introduce a JSON build manifest (#10761)
  - Introduce a script to compare ComplianceAsCode versions (#10768)
  - Introduce CCN profiles for RHEL9 (#10860)
  - Map rules to components (#10609)
  - products/anolis23: supports Anolis OS 23 (#10548)
  - Render components to HTML (#10709)
  - Store rendered control files (#10656)
  - Test and use rules to components mapping (#10693)
  - Use distributed product properties (#10554)
- 0001-Revert-fix-aide-remediations-add-crontabs.patch: removed, upstream

OBS-URL: https://build.opensuse.org/request/show/1102114
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=90
 2023-08-03 07:00:46 +00:00
Marcus Meissner
7e51c57c29 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=88 2023-07-27 07:00:40 +00:00
Marcus Meissner
4e2af1cbe5 - 0001-Revert-fix-aide-remediations-add-crontabs.patch: 
revert patch that breaks the SLE hardening (bsc#1213691)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=87
 2023-07-27 07:00:24 +00:00
Marcus Meissner
4b93898ab2 Accepting request 1093440 from home:msmeissn:branches:security 
- updated to 0.1.68 (jsc#ECO-3319)
  - Bump OL8 STIG version to V1R6
  - Introduce a Product class, make the project work with it
  - Introduce Fedora and Firefox CaC profiles for common workstation users
  - OL7 DISA STIG v2r11 update
  - Publish rendered policy artifacts
  - Update ANSSI BP-028 to version 2.0
- updated to 0.1.67 (jsc#ECO-3319)
  - Add utils/controlrefcheck.py
  - RHEL 9 STIG Update Q1 2023
  - Include warning for NetworkManager keyfiles in RHEL9
  - OL7 stig v2r10 update
  - Bump version of OL8 STIG to V1R5
- various enhancements to SLE profiles
- scap-security-guide-UnicodeEncodeError-character-fix.patch: fixed upstream

OBS-URL: https://build.opensuse.org/request/show/1093440
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=85
 2023-06-16 07:16:01 +00:00
Marcus Meissner
1da4c878e8 - updated to 0.1.66 (jsc#ECO-3319) 
- Ubuntu 22.04 CIS
  - OL7 stig v2r9 update
  - Bump OL8 STIG version to V1R4
  - Update RHEL7 STIG to V3R10
  - Update RHEL8 STIG to V1R9
  - Introduce CIS RHEL9 profiles
- also various SUSE profile fixes were done

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=83
 2023-02-06 15:04:42 +00:00
Marcus Meissner
dce8ee0fe9 Accepting request 1040265 from home:msmeissn:branches:security 
- updated to 0.1.65 (jsc#ECO-3319)
   - Introduce cui profile for OL9
   - Remove Support for OVAL 5.10
   - Rename account_passwords_pam_faillock_audit
   - CI ansible hardening and rename of existing Bash hardening
   - Update contributors list for v0.1.65 release
   - various SUSE profile specific fixes

OBS-URL: https://build.opensuse.org/request/show/1040265
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=81
 2022-12-05 12:44:01 +00:00
Marcus Meissner
aa97eceaa7 - require sudo, as remediations touch sudo config or use sudo. 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=79
 2022-11-25 13:16:57 +00:00
Marcus Meissner
8f4f076e71 - enable ubuntu 2204 build 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=77
 2022-10-05 09:22:16 +00:00
Marcus Meissner
b7a0ce2ed7 - updated to 0.1.64 (jsc#ECO-3319) 
- Introduce ol9 stig profile
   - Introduce Ol9 anssi profiles
   - Update RHEL8 STIG to V1R7
   - Introduce e8 profile for OL9
   - Update RHEL7 STIG to V3R8
   - some SUSE profile fixes

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=75
 2022-10-01 09:00:13 +00:00
Marcus Meissner
779881f7d7 - Added several RPM requires that are needed by the SUSE remediation 
scripts. (e.g. awk is not necessary installed)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=73
 2022-09-21 08:25:12 +00:00
Marcus Meissner
7493083014 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=71 2022-08-02 12:46:34 +00:00
Marcus Meissner
9d790ae2f3 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=70 2022-08-02 11:56:04 +00:00
Marcus Meissner
14e6352898 disable alibaba linux for now 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=69
 2022-08-02 10:50:33 +00:00
Marcus Meissner
316cd1586b - Fixed: stig: /etc/shadow group owner should not be root but shadow (bsc#1200149) 
- Fixed: sles15_script-stig.sh: remediation_functions: No such file or directory (bsc#1200163)
- Fixed: SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity (bsc#1200122)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=68
 2022-07-30 14:07:22 +00:00
Marcus Meissner
c851cbd50a OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=67 2022-07-30 14:02:13 +00:00
Marcus Meissner
2f7037c731 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=66 2022-07-30 14:01:53 +00:00
Marcus Meissner
2eb737837b - updated to 0.1.63 (jsc#ECO-3319) 
- multiple bugfixes in SUSE profiles
   - Expand project guidelines 
   - Add Draft OCP4 STIG profile 
   - Add anssi_bp28_intermediary profile 
   - add products/uos20 to support UnionTech OS Server 20
   - products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
   - Remove WRLinux Products
   - Update CIS RHEL8 Benchmark for v2.0.0

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=65
 2022-07-30 14:01:30 +00:00
Marcus Meissner
e9069206a8 Accepting request 989423 from home:juliogonzalezgil:branches:security 
- Fix the build for RHEL 7 and clones (python-setuptools is used)

OBS-URL: https://build.opensuse.org/request/show/989423
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=63
 2022-07-15 12:04:55 +00:00
Marcus Meissner
72a0614358 Accepting request 987134 from home:juliogonzalezgil:branches:security 
- Fix the build for RHEL 9 and clones

OBS-URL: https://build.opensuse.org/request/show/987134
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=61
 2022-07-06 10:27:19 +00:00
Marcus Meissner
bed5d29c1e OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=59 2022-06-28 08:21:15 +00:00
Marcus Meissner
d2594301b5 - fix-bash-template.patch: convert one bash emitter to new jinja method. 
(bsc#1200163)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=58
 2022-06-27 13:00:45 +00:00
Marcus Meissner
7bea99af49 - add python3-setuptools for all builds (so it is also used on debian 
and centos flavors)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=56
 2022-06-09 15:38:39 +00:00
Marcus Meissner
41770cd841 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=55 2022-06-09 15:32:55 +00:00
Marcus Meissner
cc2a240412 - add python3-setuptools for debian builds 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=54
 2022-06-09 15:32:00 +00:00
Marcus Meissner
7d80347bc9 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=52 2022-05-30 13:46:43 +00:00
Marcus Meissner
aac6818829 - updated to 0.1.62 (jsc#ECO-3319) 
- Update rhel8 stig to v1r6
  - OL7 STIG v2r7 update
  - Initial definition of ANSSI BP28 minmal profile for SLE

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=51
 2022-05-30 12:50:00 +00:00
Marcus Meissner
b8d0261f0a OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=50 2022-05-04 07:17:02 +00:00
Marcus Meissner
ae3c689fbf OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=49 2022-04-27 06:57:13 +00:00
Marcus Meissner
afaf6269b8 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=48 2022-04-12 13:18:33 +00:00
Marcus Meissner
8412ab4411 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=46 2022-04-04 09:03:43 +00:00
Marcus Meissner
d29da4888b - updated to 0.1.61 (jsc#ECO-3319) 
- Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
  - Introduce OL9 product
  - Implement handling of logical expressions in platform definitions

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=45
 2022-04-04 08:41:19 +00:00
Marcus Meissner
1e35edc382 - bump disk size constraints to 7gb to avoid occasional disk fulls failures. 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=44
 2022-02-22 15:20:05 +00:00
Marcus Meissner
c8e5a26671 Accepting request 949738 from home:msmeissn:branches:security 
- updated to 0.1.60 (jsc#ECO-3319)
  - New draft stig profile v1r1 for OL8
  - New product Amazon EKS platform and initial CIS profiles
  - New product CentOS Stream 9, as a derivative from RHEL9 product

OBS-URL: https://build.opensuse.org/request/show/949738
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=43
 2022-01-28 16:28:07 +00:00
Marcus Meissner
a79dc49061 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=42 2021-11-29 12:16:34 +00:00
Marcus Meissner
e166bbe082 - updated to 0.1.59 release (jsc#ECO-3319) 
- Support for Debian 11
  - NERC CIP profiles for OCP4 and RHCOS
  - HIPAA profile for SLE15
  - Delta Tailoring Files for STIG profiles

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=41
 2021-11-27 15:41:29 +00:00
Marcus Meissner
f0bb083c48 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=40 2021-10-07 15:04:19 +00:00
Marcus Meissner
3910b93b4a OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=39 2021-10-07 14:59:44 +00:00
Marcus Meissner
56cdaf93b5 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=38 2021-10-07 14:44:53 +00:00