github ComplianceAsCode/content v0.1.58
Content 0.1.58
on GitHub

latest releases: v0.1.74, v0.1.73, v0.1.72...
2 years ago

Important Highlights

  • Add SCE Support to build system (#7075)
  • Split RHEL 8 CIS profile using new controls file format (#6976)
  • Introduce automated CCE adder (#7249)
  • CIS Profiles for SLE12 (#7434)
  • Add initial Ubuntu 20.04 STIG Profile (#7220)

New Rules and Profiles

  • Add initial Ubuntu 20.04 STIG Profile (#7220)
  • Add rules for RHEL-08-030610 (#7256)
  • Add Ubuntu to cron.allow, at.allow rules for CIS (#7223)
  • New rules for RHEL-08-010290 (#7151)
  • New rules for RHEL-08-010291 (#7169)
  • Add /var/log/audit individual ownership rules (#7129)
  • New rule for RHEL-08-020270 (#7276)
  • Add rule new for RHEL-08-030700 (#7264)
  • Added new rule for RHEL-08-030710 (#7268)
  • Add rule for RHEL-08-020300 (#7289)
  • Add rule for RHEL-08-020090 (#7313)
  • Introduce support for the distributed SSHd configuration (#6926)
  • UBTU-20-010057: Add missing rules (#7363)
  • Add new rule for RHEL-08-030720 (#7288)
  • Add a new rules RHEL-08-010001 and RHEL-07-020019 (#7344)
  • Add new rule for RHEL-07-030330 and RHEL-08-030730 (#7323)
  • Added rule for RHEL-08-010400 (#7411)
  • Sysctl disable ipv6 (#7460)
  • CIS Profiles for SLE12 (#7434)

Updated Rules and Profiles

  • fix problems with variables in rhel7 cis (#7237)
  • Sort references, identifiers in rule.yml (#6882)
  • Correct some issues with the CIS ICMP redirects rule on RHEL 7/8 (#7259)
  • remove broken links to support.ntp.org (#7262)
  • Mark as machine rules that collect password_object (#7263)
  • OCP4: fips_mode_enabled rule relates to IA-7 (#7267)
  • Enable dconf rules for RHEL9 (#7011)
  • Enable generic rules for RHEL9 (#7147)
  • Introduce support for the distributed SSHd configuration (#6926)
  • Add service_pcscd_enabled to SLE15 PCI-DSS profile (#7322)
  • update version of rhel7 stig_gui profile (#7340)
  • Update References for RHEL8 STIG V1R3 (#7299)
  • Suse sle15 fix reference sles 15 030350 assignment (#7346)
  • Add to sle15 PCI-DSS profile rules for account uniqueness and grub config ownership (#7345)
  • Select sysctl_net_core_bpf_jit_harden for RHEL-08-040286 (#7354)
  • Add SRGs for accounts_password_pam_dictcheck and sssd_enable_certmap (#7362)
  • Update RHEL 8 CIS references to match benchmark 1.0.1 (#7356)
  • Update CCEs and identifiers on rules that make up RHEL 8 CIS 4.1.15 (#7353)
  • generic updates to rhel7 CIS (#7384)
  • Update existing rule for RHEL-08-020320 (#7303)
  • OCP4: Remove kubelet_disable_hostname_override rule (#7391)
  • SLES-12-010599 - remove rule from the STIG (#7397)
  • add kickstarts for rhel8 CIS profiles (#7383)
  • add rhel7 kickstarts for CIS profiles (#7382)
  • UBTU-20-010056: Use rule accounts_password_pam_dictcheck (#7366)
  • Add ensure_logrotate_activated rule to SLES15 PCI-DSS (#7381)
  • products/sle15/profiles/stig.profile: Update according to U_SLES_15_STIG_V1R3 Manual (#7388)
  • Add PCI-DSS rules (#7373)
  • Add PCI-DSS file Rules (#7417)
  • Add PCI-DSS file rules (#7430)
  • SUSE SLE15 service chronyd or ntpd enabled pci dss (#7425)
  • Add rsyslog log file configuration rules to SUSE SLE15 PCI-DSS profile (#7420)
  • Update existing rules for RHEL-07-010492 and RHEL-07-010482 (#7438)
  • Add rule for SLES-12-030365 (#7177)
  • SLE15 add package_aide_installed to PCI-DSS profile (#7476)
  • SLE15 add package security rules to PCI-DSS profile (#7473)
  • SLE15 Add password hashing rules to PCI DSS profile (#7474)
  • SLE15 add audit data retnetion rules to PCI-DSS profile (#7475)
  • SLE15 add sssd_enable_smartcards to PCI-DSS rule (#7472)
  • PCI-DSS Add more auditd rules (#7477)
  • OL7 DISA STIG v2r4 update (#7496)
  • Pcidss Configure Crypto Rules (#7398)

Changes in Remediations

  • Enable remediations for crypto policy settings (#7242)
  • fix ansible of accounts_root_path_dirs_no_write (#7255)
  • add / fix remediations for audit rules wrt modules (#7252)
  • Fix possible issue in harden_openssl_crypto_policy remediation (#7178)
  • Mount option template updates (#7081)
  • Fix coverity problems (#7258)
  • Fix ansible remediation of display_login_attempts (#7271)
  • Fixed the remediations when there are no previous kernelopts (#7257)
  • Remove specific metadata in shared Bash remediations (#7254)
  • Update existing rule for RHEL-08-030650 (#7283)
  • Remove kubelet_disable_hostname_override rule (#7400)
  • Fix remaining audit rule files permissions. (#7440)

Changes in Checks

  • Add oval check for bios_enable_execution_restrictions (#7227)
  • Mount option template updates (#7081)
  • Update existing rule for RHEL-08-030650 (#7283)

Changes in the Infrastructure

  • Prioritize install_smartcard_packages like package_*_installed (#7224)
  • Sort references, identifiers in rule.yml (#6882)
  • Add SCE Support to build system (#7075)
  • SSGTS: tests for shared/templates (#7211)
  • Add new rule for RHEL-08-030720 (#7288)
  • Introduce automated CCE adder (#7249)
  • Add sort prodtypes to fix_rules (#7454)

Changes in the Test Suite

  • Add rhel9 Dockerfile and distro choice into install_vm.py (#7235)
  • fix ansible of accounts_root_path_dirs_no_write (#7255)
  • install_vm.py: add --console option (#7186)
  • Add some more tests (#7083)
  • Add RHEL7 specific test kickstart (#7355)
  • SSGTS: tests for shared/templates (#7211)
  • Fix combined mode execution in SSGTS (#7395)
  • Option --no-reports for SSGTS rule and combined modes (#7523)

Documentation

  • Document rule.yml modification utilities (#6916)
  • Update Mailing list location in docs (#7293)
  • Fix links to repo: SSG->CaC (#7311)
  • More documentation (#7406)
  • Fix RHEL7 documentation links (#7409)
  • Add readthedocs integration badge (#7407)
  • Fix RHEL7 documentation link (#7443)
  • Add bats to gating and docs (#7543)
Check out latest releases or
releases around ComplianceAsCode/content v0.1.58

Don't miss a new content release

NewReleases is sending notifications on new releases.

Get notifications