Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

scap-security-guide-0.1.73-1.el9 RPM for noarch

From CentOS Stream 9 AppStream for aarch64

Name: scap-security-guide Distribution: CentOS
Version: 0.1.73 Vendor: CentOS
Release: 1.el9 Build date: Tue May 21 16:25:25 2024
Group: Unspecified Build host: s390-08.stream.rdu2.redhat.com
Size: 81002903 Source RPM: scap-security-guide-0.1.73-1.el9.src.rpm
Packager: builder@centos.org
Url: https://github.com/ComplianceAsCode/content/
Summary: Security guidance and baselines in SCAP formats
The scap-security-guide project provides a guide for configuration of the
system from the final system's security point of view. The guidance is specified
in the Security Content Automation Protocol (SCAP) format and constitutes
a catalog of practical hardening advice, linked to government requirements
where applicable. The project bridges the gap between generalized policy
requirements and specific implementation guidelines. The system
administrator can use the oscap CLI tool from openscap-scanner package, or the
scap-workbench GUI tool from scap-workbench package to verify that the system
conforms to provided guideline. Refer to scap-security-guide(8) manual page for
further information.

Provides

Requires

License

BSD-3-Clause

Changelog

* Mon May 20 2024 Vojtech Polasek <vpolasek@redhat.com> - 0.1.73-1
  - Rebase to a new upstream release 0.1.73 (RHEL-36663)
  - Correctly parse sudo options even if they are not quoted (RHEL-31976)
  - Ensure that web links within kickstart files are valid (RHEL-30735)
  - Align set of allowed SSH ciphers with STIG requirement (RHEL-29684)
  - Add audit rules on /etc/sysconfig/network-scripts (RHEL-29308)
  - Remove rule restricting user namespaces from stig_gui profile (RHEL-10416)
  - Add rule which enables auditing of files within /etc/sysconfig/network-scripts (RHEL-1093)
* Tue Feb 13 2024 Marcus Burghardt <maburgha@redhat.com> - 0.1.72-1
  - Rebase to a new upstream release 0.1.72 (RHEL-21425)
  - Check dropin files in /etc/systemd/journald.conf.d/ (RHEL-14484)
  - Fix remediation to not update comments (RHEL-1484)
  - Fix package check on SCAP tests for dnf settings (RHEL-17417)
  - Update description for audit_rules_kernel_module_loading (RHEL-1489)
  - Disable remediation for /dev/shm options in offline mode (RHEL-16801)
  - Include explanatory comment in the remediation of CCE-83871-4 (RHEL-17418)
* Tue Dec 05 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-3
  - Align STIG profile with official DISA STIG for RHEL 9 (RHEL-1807)
* Thu Aug 17 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-2
  - Remove OpenSSH crypto policy hardening rules from STIG profile (RHBZ#2221697)
  - Fix ANSSI High profile with secure boot (RHBZ#2221697)
* Wed Aug 09 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-1
  - Rebase to a new upstream release 0.1.69 (RHBZ#2221697)
  - Improve CIS benchmark rules related to auditing of kernel module related events (RHBZ#2209657)
  - SSSD configuration files are now created with correct permissions whenever remediating SSSD related rules (RHBZ#2211511)
  - add warning about migration of network configuration files when upgrading from RHEL 8 to RHEL 9 (RHBZ#2172555)
  - Correct URL used to download CVE checks. (RHBZ#2223178)
  - update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155790)
  - Fixed excess quotes in journald configuration files (RHBZ#2193169)
  - Change rules checking home directories to apply only to local users (RHBZ#2203791)
  - Change rules checking password age to apply only to local users (RHBZ#2213958)
  - Updated man page (RHBZ#2060028)
* Mon Feb 13 2023 Watson Sato <wsato@redhat.com> - 0.1.66-1
  - Rebase to a new upstream release 0.1.66 (RHBZ#2169443)
  - Fix remediation of audit watch rules (RHBZ#2169441)
  - Fix check firewalld_sshd_port_enabled (RHBZ#2169443)
  - Fix accepted control flags for pam_pwhistory (RHBZ#2169443)
  - Unselect rule logind_session_timeout (RHBZ#2169443)
  - Add support rainer scripts in rsyslog rules (RHBZ#2169445)
* Thu Aug 25 2022 Gabriel Becker <ggasparb@redhat.com> - 0.1.63-5
  - OSPP: fix rule related to coredump (RHBZ#2081688)
* Tue Aug 23 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.63-4
  - use sysctl_kernel_core_pattern rule again in RHEL9 OSPP (RHBZ#2081688)
* Thu Aug 11 2022 Matej Tyc <matyc@redhat.com> - 0.1.63-3
  - Readd rules to the benchmark to be compatible across all minor versions of RHEL9 (RHBZ#2117669)
* Wed Aug 10 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.63-2
  - OSPP: utilize different audit rule set for different hardware platforms (RHBZ#1998583)
  - OSPP: update rules related to coredumps (RHBZ#2081688)
  - OSPP: update rules related to BPF (RHBZ#2081728)
  - fix description of require_singleuser_mode (RHBZ#2092799)
  - fix remediation of OpenSSL cryptopolicy (RHBZ#2108569)
  - OSPP: use minimal Authselect profile(RHBZ#2114979)
* Mon Aug 01 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.63-1
  - Rebase to a new upstream release 0.1.63 (RHBZ#2070563)
* Mon Jul 18 2022 Vojtech Polasek <vpolasek@redhat.com> - 0.1.62-2
  - Remove sysctl_fs_protected_* rules from RHEL9 OSPP (RHBZ#2081719)
  - Make rule audit_access_success_ unenforcing in RHEL9 OSPP (RHBZ#2058154)
  - Drop zipl_vsyscall_argument rule from RHEL9 OSPP profile (RHBZ#2060049)
  - make sysctl_user_max_user_namespaces in RHEL9 OSPP (RHBZ#2083716)
  - Remove some sysctl rules  related to network from RHEL9 OSPP (RHBZ#2081708)
  - Add rule to check if Grub2 recovery is disabled to RHEL9 OSPP (RHBZ#2092809)
  - Add rule grub2_systemd_debug-shell_argument_absent (RHBZ#2092840)
  - Remove rule accounts_password_minlen_login_defs from all profiles (RHBZ#2073040)
  - Remove rules related to remove logging from RHEL9 OSPP (RHBZ#2105016)
  - Remove sshd_enable_strictmodes from OSPP (RHBZ#2105278)
  - Remove rules related to NIS services (RHBZ#2096602)
  - Make rule stricter when checking for FIPS crypto-policies (RHBZ#2057082)
* Wed Jun 01 2022 Matej Tyc <matyc@redhat.com> - 0.1.62-1
  - Rebase to a new upstream release (RHBZ#2070563)

Files

/usr/share/doc/scap-security-guide/LICENSE
/usr/share/man/man8/scap-security-guide.8.gz
/usr/share/scap-security-guide/ansible/cs9-playbook-anssi_bp28_enhanced.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-anssi_bp28_high.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-anssi_bp28_intermediary.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-anssi_bp28_minimal.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-ccn_advanced.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-ccn_basic.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-ccn_intermediate.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-cis.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-cis_server_l1.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-cis_workstation_l1.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-cis_workstation_l2.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-cui.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-e8.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-hipaa.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-ism_o.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-ospp.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-pci-dss.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-stig.yml
/usr/share/scap-security-guide/ansible/cs9-playbook-stig_gui.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-anssi_bp28_enhanced.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-anssi_bp28_high.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-anssi_bp28_intermediary.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-anssi_bp28_minimal.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-ccn_advanced.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-ccn_basic.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-ccn_intermediate.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-cis.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-cis_server_l1.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-cis_workstation_l1.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-cis_workstation_l2.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-cui.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-e8.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-hipaa.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-ism_o.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-ospp.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-pci-dss.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-stig.yml
/usr/share/scap-security-guide/ansible/rhel9-playbook-stig_gui.yml
/usr/share/scap-security-guide/kickstart
/usr/share/scap-security-guide/kickstart/ssg-rhel9-anssi_bp28_enhanced-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-anssi_bp28_high-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-anssi_bp28_intermediary-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-anssi_bp28_minimal-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-ccn_advanced-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-ccn_basic-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-ccn_intermediate-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-cis-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-cis_server_l1-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-cis_workstation_l1-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-cis_workstation_l2-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-cui-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-e8-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-hipaa-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-ism_o-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-ospp-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-pci-dss-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-stig-ks.cfg
/usr/share/scap-security-guide/kickstart/ssg-rhel9-stig_gui-ks.cfg
/usr/share/xml/scap/ssg/content
/usr/share/xml/scap/ssg/content/ssg-cs9-ds.xml
/usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Oct 21 05:11:33 2025