pool/scap-security-guide
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
92 Commits 1 Branch 0 Tags 216 KiB
40ddaa0315
Commit Graph

92 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Dominique Leuenberger
40ddaa0315 Accepting request 1093441 from security 
- updated to 0.1.68 (jsc#ECO-3319)
  - Bump OL8 STIG version to V1R6
  - Introduce a Product class, make the project work with it
  - Introduce Fedora and Firefox CaC profiles for common workstation users
  - OL7 DISA STIG v2r11 update
  - Publish rendered policy artifacts
  - Update ANSSI BP-028 to version 2.0
- updated to 0.1.67 (jsc#ECO-3319)
  - Add utils/controlrefcheck.py
  - RHEL 9 STIG Update Q1 2023
  - Include warning for NetworkManager keyfiles in RHEL9
  - OL7 stig v2r10 update
  - Bump version of OL8 STIG to V1R5
- various enhancements to SLE profiles
- scap-security-guide-UnicodeEncodeError-character-fix.patch: fixed upstream (forwarded request 1093440 from msmeissn)

OBS-URL: https://build.opensuse.org/request/show/1093441
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=27
 2023-06-16 14:55:37 +00:00
Marcus Meissner
4b93898ab2 Accepting request 1093440 from home:msmeissn:branches:security 
- updated to 0.1.68 (jsc#ECO-3319)
  - Bump OL8 STIG version to V1R6
  - Introduce a Product class, make the project work with it
  - Introduce Fedora and Firefox CaC profiles for common workstation users
  - OL7 DISA STIG v2r11 update
  - Publish rendered policy artifacts
  - Update ANSSI BP-028 to version 2.0
- updated to 0.1.67 (jsc#ECO-3319)
  - Add utils/controlrefcheck.py
  - RHEL 9 STIG Update Q1 2023
  - Include warning for NetworkManager keyfiles in RHEL9
  - OL7 stig v2r10 update
  - Bump version of OL8 STIG to V1R5
- various enhancements to SLE profiles
- scap-security-guide-UnicodeEncodeError-character-fix.patch: fixed upstream

OBS-URL: https://build.opensuse.org/request/show/1093440
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=85
 2023-06-16 07:16:01 +00:00
Dominique Leuenberger
820a5074ee Accepting request 1063457 from security 
- updated to 0.1.66 (jsc#ECO-3319)
  - Ubuntu 22.04 CIS
  - OL7 stig v2r9 update
  - Bump OL8 STIG version to V1R4
  - Update RHEL7 STIG to V3R10
  - Update RHEL8 STIG to V1R9
  - Introduce CIS RHEL9 profiles
- also various SUSE profile fixes were done

OBS-URL: https://build.opensuse.org/request/show/1063457
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=26
 2023-02-07 17:48:50 +00:00
Marcus Meissner
1da4c878e8 - updated to 0.1.66 (jsc#ECO-3319) 
- Ubuntu 22.04 CIS
  - OL7 stig v2r9 update
  - Bump OL8 STIG version to V1R4
  - Update RHEL7 STIG to V3R10
  - Update RHEL8 STIG to V1R9
  - Introduce CIS RHEL9 profiles
- also various SUSE profile fixes were done

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=83
 2023-02-06 15:04:42 +00:00
Dominique Leuenberger
81ce935701 Accepting request 1042353 from security 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1042353
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=25
 2022-12-12 16:40:08 +00:00
Marcus Meissner
dce8ee0fe9 Accepting request 1040265 from home:msmeissn:branches:security 
- updated to 0.1.65 (jsc#ECO-3319)
   - Introduce cui profile for OL9
   - Remove Support for OVAL 5.10
   - Rename account_passwords_pam_faillock_audit
   - CI ansible hardening and rename of existing Bash hardening
   - Update contributors list for v0.1.65 release
   - various SUSE profile specific fixes

OBS-URL: https://build.opensuse.org/request/show/1040265
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=81
 2022-12-05 12:44:01 +00:00
Dominique Leuenberger
90e86c6f2f Accepting request 1039608 from security 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1039608
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=24
 2022-12-03 09:03:34 +00:00
Marcus Meissner
aa97eceaa7 - require sudo, as remediations touch sudo config or use sudo. 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=79
 2022-11-25 13:16:57 +00:00
Richard Brown
80234036dd Accepting request 1008181 from security 
- enable ubuntu 2204 build

OBS-URL: https://build.opensuse.org/request/show/1008181
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=23
 2022-10-06 05:42:23 +00:00
Marcus Meissner
8f4f076e71 - enable ubuntu 2204 build 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=77
 2022-10-05 09:22:16 +00:00
Richard Brown
93a6073d11 Accepting request 1007411 from security 
- updated to 0.1.64 (jsc#ECO-3319)
   - Introduce ol9 stig profile
   - Introduce Ol9 anssi profiles
   - Update RHEL8 STIG to V1R7
   - Introduce e8 profile for OL9
   - Update RHEL7 STIG to V3R8
   - some SUSE profile fixes

OBS-URL: https://build.opensuse.org/request/show/1007411
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=22
 2022-10-01 15:44:00 +00:00
Marcus Meissner
b7a0ce2ed7 - updated to 0.1.64 (jsc#ECO-3319) 
- Introduce ol9 stig profile
   - Introduce Ol9 anssi profiles
   - Update RHEL8 STIG to V1R7
   - Introduce e8 profile for OL9
   - Update RHEL7 STIG to V3R8
   - some SUSE profile fixes

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=75
 2022-10-01 09:00:13 +00:00
Dominique Leuenberger
ebd25dc3b1 Accepting request 1005139 from security 
- Added several RPM requires that are needed by the SUSE remediation
  scripts. (e.g. awk is not necessary installed)

OBS-URL: https://build.opensuse.org/request/show/1005139
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=21
 2022-09-21 12:43:08 +00:00
Marcus Meissner
779881f7d7 - Added several RPM requires that are needed by the SUSE remediation 
scripts. (e.g. awk is not necessary installed)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=73
 2022-09-21 08:25:12 +00:00
Dominique Leuenberger
a6f694089d Accepting request 992448 from security 
- updated to 0.1.63 (jsc#ECO-3319)
   - multiple bugfixes in SUSE profiles
   - Expand project guidelines 
   - Add Draft OCP4 STIG profile 
   - Add anssi_bp28_intermediary profile 
   - add products/uos20 to support UnionTech OS Server 20
   - products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
   - Remove WRLinux Products
   - Update CIS RHEL8 Benchmark for v2.0.0
- removed fix-bash-template.patch: fixed upstream
- Fixed: stig: /etc/shadow group owner should not be root but shadow (bsc#1200149)
- Fixed: sles15_script-stig.sh: remediation_functions: No such file or directory (bsc#1200163)
- Fixed: SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity (bsc#1200122)

OBS-URL: https://build.opensuse.org/request/show/992448
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=20
 2022-08-03 19:16:33 +00:00
Marcus Meissner
7493083014 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=71 2022-08-02 12:46:34 +00:00
Marcus Meissner
9d790ae2f3 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=70 2022-08-02 11:56:04 +00:00
Marcus Meissner
14e6352898 disable alibaba linux for now 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=69
 2022-08-02 10:50:33 +00:00
Marcus Meissner
316cd1586b - Fixed: stig: /etc/shadow group owner should not be root but shadow (bsc#1200149) 
- Fixed: sles15_script-stig.sh: remediation_functions: No such file or directory (bsc#1200163)
- Fixed: SLES-15-010130 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity (bsc#1200122)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=68
 2022-07-30 14:07:22 +00:00
Marcus Meissner
c851cbd50a OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=67 2022-07-30 14:02:13 +00:00
Marcus Meissner
2f7037c731 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=66 2022-07-30 14:01:53 +00:00
Marcus Meissner
2eb737837b - updated to 0.1.63 (jsc#ECO-3319) 
- multiple bugfixes in SUSE profiles
   - Expand project guidelines 
   - Add Draft OCP4 STIG profile 
   - Add anssi_bp28_intermediary profile 
   - add products/uos20 to support UnionTech OS Server 20
   - products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
   - Remove WRLinux Products
   - Update CIS RHEL8 Benchmark for v2.0.0

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=65
 2022-07-30 14:01:30 +00:00
Richard Brown
13dd971c22 Accepting request 989425 from security 
- Fix the build for RHEL 7 and clones (python-setuptools is used) (forwarded request 989423 from juliogonzalezgil)

OBS-URL: https://build.opensuse.org/request/show/989425
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=19
 2022-07-18 16:33:10 +00:00
Marcus Meissner
e9069206a8 Accepting request 989423 from home:juliogonzalezgil:branches:security 
- Fix the build for RHEL 7 and clones (python-setuptools is used)

OBS-URL: https://build.opensuse.org/request/show/989423
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=63
 2022-07-15 12:04:55 +00:00
Dominique Leuenberger
2075cfc440 Accepting request 987136 from security 
- Fix the build for RHEL 9 and clones

OBS-URL: https://build.opensuse.org/request/show/987136
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=18
 2022-07-06 13:42:24 +00:00
Marcus Meissner
72a0614358 Accepting request 987134 from home:juliogonzalezgil:branches:security 
- Fix the build for RHEL 9 and clones

OBS-URL: https://build.opensuse.org/request/show/987134
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=61
 2022-07-06 10:27:19 +00:00
Dominique Leuenberger
97b280dca8 Accepting request 985543 from security 
- fix-bash-template.patch: convert one bash emitter to new jinja method.
  (bsc#1200163)

OBS-URL: https://build.opensuse.org/request/show/985543
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=17
 2022-06-28 13:22:59 +00:00
Marcus Meissner
bed5d29c1e OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=59 2022-06-28 08:21:15 +00:00
Marcus Meissner
d2594301b5 - fix-bash-template.patch: convert one bash emitter to new jinja method. 
(bsc#1200163)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=58
 2022-06-27 13:00:45 +00:00
Dominique Leuenberger
5113e0b4ad Accepting request 981542 from security 
- add python3-setuptools for all builds (so it is also used on debian 
  and centos flavors)

OBS-URL: https://build.opensuse.org/request/show/981542
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=16
 2022-06-10 13:57:40 +00:00
Marcus Meissner
7bea99af49 - add python3-setuptools for all builds (so it is also used on debian 
and centos flavors)

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=56
 2022-06-09 15:38:39 +00:00
Marcus Meissner
41770cd841 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=55 2022-06-09 15:32:55 +00:00
Marcus Meissner
cc2a240412 - add python3-setuptools for debian builds 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=54
 2022-06-09 15:32:00 +00:00
Dominique Leuenberger
1facc62659 Accepting request 979906 from security 
- updated to 0.1.62 (jsc#ECO-3319)
  - Update rhel8 stig to v1r6
  - OL7 STIG v2r7 update
  - Initial definition of ANSSI BP28 minmal profile for SLE

OBS-URL: https://build.opensuse.org/request/show/979906
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=15
 2022-05-31 13:47:23 +00:00
Marcus Meissner
7d80347bc9 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=52 2022-05-30 13:46:43 +00:00
Marcus Meissner
aac6818829 - updated to 0.1.62 (jsc#ECO-3319) 
- Update rhel8 stig to v1r6
  - OL7 STIG v2r7 update
  - Initial definition of ANSSI BP28 minmal profile for SLE

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=51
 2022-05-30 12:50:00 +00:00
Marcus Meissner
b8d0261f0a OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=50 2022-05-04 07:17:02 +00:00
Marcus Meissner
ae3c689fbf OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=49 2022-04-27 06:57:13 +00:00
Marcus Meissner
afaf6269b8 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=48 2022-04-12 13:18:33 +00:00
Dominique Leuenberger
afb9e22918 Accepting request 969149 from security 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/969149
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=14
 2022-04-11 21:49:07 +00:00
Marcus Meissner
8412ab4411 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=46 2022-04-04 09:03:43 +00:00
Marcus Meissner
d29da4888b - updated to 0.1.61 (jsc#ECO-3319) 
- Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
  - Introduce OL9 product
  - Implement handling of logical expressions in platform definitions

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=45
 2022-04-04 08:41:19 +00:00
Dominique Leuenberger
24b0ec77fc Accepting request 956819 from security 
- bump disk size constraints to 7gb to avoid occasional disk fulls failures.

OBS-URL: https://build.opensuse.org/request/show/956819
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=13
 2022-02-22 20:18:30 +00:00
Marcus Meissner
1e35edc382 - bump disk size constraints to 7gb to avoid occasional disk fulls failures. 
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=44
 2022-02-22 15:20:05 +00:00
Dominique Leuenberger
b160225a22 Accepting request 949739 from security 
- updated to 0.1.60 (jsc#ECO-3319)
  - New draft stig profile v1r1 for OL8
  - New product Amazon EKS platform and initial CIS profiles
  - New product CentOS Stream 9, as a derivative from RHEL9 product (forwarded request 949738 from msmeissn)

OBS-URL: https://build.opensuse.org/request/show/949739
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=12
 2022-01-29 19:59:27 +00:00
Marcus Meissner
c8e5a26671 Accepting request 949738 from home:msmeissn:branches:security 
- updated to 0.1.60 (jsc#ECO-3319)
  - New draft stig profile v1r1 for OL8
  - New product Amazon EKS platform and initial CIS profiles
  - New product CentOS Stream 9, as a derivative from RHEL9 product

OBS-URL: https://build.opensuse.org/request/show/949738
OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=43
 2022-01-28 16:28:07 +00:00
Dominique Leuenberger
a25ec98517 Accepting request 934677 from security 
- updated to 0.1.59 release (jsc#ECO-3319)
  - Support for Debian 11
  - NERC CIP profiles for OCP4 and RHCOS
  - HIPAA profile for SLE15
  - Delta Tailoring Files for STIG profiles

OBS-URL: https://build.opensuse.org/request/show/934677
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=11
 2021-11-30 22:15:52 +00:00
Marcus Meissner
a79dc49061 OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=42 2021-11-29 12:16:34 +00:00
Marcus Meissner
e166bbe082 - updated to 0.1.59 release (jsc#ECO-3319) 
- Support for Debian 11
  - NERC CIP profiles for OCP4 and RHCOS
  - HIPAA profile for SLE15
  - Delta Tailoring Files for STIG profiles

OBS-URL: https://build.opensuse.org/package/show/security/scap-security-guide?expand=0&rev=41
 2021-11-27 15:41:29 +00:00
Dominique Leuenberger
45804e99e2 Accepting request 924190 from security 
- Fix SLE-12 build issue caused by '\xb0' character (bsc#1191431).
  - Add scap-security-guide-UnicodeEncodeError-character-fix.patch

OBS-URL: https://build.opensuse.org/request/show/924190
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/scap-security-guide?expand=0&rev=10
 2021-10-11 13:31:10 +00:00