github ComplianceAsCode/content v0.1.62
Content 0.1.62
on GitHub

latest releases: v0.1.74, v0.1.73, v0.1.72...
2 years ago

Important Highlights

  • Update rhel8 stig to v1r6 (#8670)
  • OL7 STIG v2r7 update (#8689)
  • Initial definition of ANSSI BP28 minmal profile for SLE (#8540)

New Rules and Profiles

  • New rules for network sysctls (#8371)
  • Grub2 bootloader CPU mitigations (#8325)
  • Add new template to check kernel build configurations (#8435)
  • Kernel memory configs (#8477)
  • Add rules for kernel memory allocators settings (#8488)
  • Add rules for kernel data structure configs (#8483)
  • Add rules for various kernel behaviors (#8502)
  • Add rules to check kernel IP stack configs (#8501)
  • Add rules for kernel compiler features (#8499)
  • Add rules for kernel security options (#8498)
  • Add rules for kernel module security (#8492)
  • Add rules for ARM64 kernel (#8506)
  • Add rules for 64b kernel (#8504)
  • Add rules to configure Kernel panic behavior (#8503)

Updated Rules and Profiles

  • gid_passwd_group_same oval does not allow ! in passwd field (#8296)
  • Update SRG-OS-000028-GPOS-00009 for RHEL9 STIG (#8321)
  • Update SRG-OS-000032-GPOS-00013 for RHEL9 STIG (#8363)
  • Fix missing "to" in account restriction warnings (#8399)
  • SLE15 add sysctl_kernel_exec_shield to HIPAA profile5 (#7891)
  • Update SRG-OS-000480-GPOS-00229 for RHEL9 STIG (#8405)
  • Update SRG-OS-000480-GPOS-00232 for RHEL9 STIG (#8403)
  • Add sudoers_default_includedir rule support to SLE12 and SLE15 platforms (#8406)
  • SUSE Group init_module and finit_module audit rules. (#8407)
  • Update SRG-OS-000031-GPOS-00012 for RHEL9 STIG (#8414)
  • Update SRG-OS-000445-GPOS-00199 for RHEL9 STIG (#8415)
  • Update SRG-OS-000370-GPOS-00155 for RHEL9 STIG (#8422)
  • Update SRG-OS-000437-GPOS-00194 for RHEL9 STIG (#8416)
  • Update SRG-OS-000445-GPOS-00199 (#8439)
  • Add a rule to STIG profile in OL8 and RHEL8 (#8447)
  • SRG-OS-000349-GPOS-00137 for RHEL 9 STIG (#8471)
  • Add auid criteria to rules related to syscall audit rules (#8327)
  • remove redundant rule from HIPAA profiles (#8509)
  • Update SRG-OS-000120-GPOS-00061 for RHEL 9 STIG (#8514)
  • align RHEL8 OSPP with certification requirements (#8508)
  • Fix broken Oracle Linux doc links. (#8538)
  • For sle systems the etc shadow is group shadow (#8554)
  • Enable for ansible and bash remediation for SLE15 and SLE12. (#8545)
  • consistent perm_x product filtering (#8607)
  • Update SRG-OS-000114-GPOS-00059 for RHEL 9 STIG (#8505)
  • strip trailing blank lines for some templated audit rules (#8805)
  • Update SRG-OS-000032-GPOS-00013 for RHEL9 STIG (#8363)
  • Add auid criteria to rules related to syscall audit rules (#8327)

Changes in Remediations

  • Use UID field for bash remediation of homedirs (#8398)
  • SUSE disable_users_coredumps enable bash remediation for sle. (#8558)
  • consistent perm_x product filtering (#8607)
  • Remediation and improvement for file_permissions_home_dirs rule (#7963)
  • fix ansible remediation of enable_dracut_fips_module (#8823)

Changes in the Infrastructure

  • Add 
     tag HTML element to STIG mapping tables (#8367)
  • Remove reference to a nonexistent file (#8370)
  • Unify a custom_command (#8357)
  • Like the docs requirments GitPod should also use https vs the lagecy git protocol (#8440)
  • Update utils/create_srg_export.py (#8437)
  • Build data stream without OpenSCAP (#8364)
  • Improve the list of HTML guides (#8460)
  • Remove update_sds_version.py (#8369)
  • Add new GH job to generate XLSX table and HTML page with SRG mapping (#8326)
  • Fix index page generation for guides artifacts. (#8533)
  • Organize fix text macros (#8529)
  • Load any *.jinja file and organize macros (#8576)
  • Add cce to srg export (#8571)
  • Full Support Variables in SRG Export (#8635)
  • utils/compare_results.py to work with --stig-viewer results and print rule identifiers (#8634)
  • Fix variable substitution in SRG export (#8683)
  • Add custom requirement (#8705)
  • GH actions nightly builds (#8137)

Changes in the Test Suite

  • Test template filtering (#8052)
  • Fix same shadow field bug in tests (#8458)
  • Add Centos Stream 8/9 support in install_vm script (#8481)
  • Add templated tests for dconf_ini_file (#8740)
  • Cleanup tests package installed or removed (#8752)
  • Cleanup duplicate scenarios for sshd_lineinfile template (#8742)
  • Include snapshot cleanup functions for SSGTS (#8729)
  • test scenario adjustments for file_permissions template (#8750)
  • Cleanup custom kernel_module_disabled scenarios (#8753)
  • Add templated test scenarios for shell_lineinfile template (#8754)
  • Remove similar test scenarios on rules templated by file_groupownership (#8755)
  • SSGTS: Update to handle CentOS CPEs and fix prefix name of snapshots wrt podman limitation (#8767)
  • Add template mode to SSGTS (#8730)
  • Remove redundant custom test scenarios for service enabled/disabled rules (#8760)

Documentation

  • Fix docs build (#8402)
  • Document GHA release process (#8096)
  • Add docuemntion for Pandas dependancy (#8544)
  • Point the docs to new jinja macro files (#8577)
  • Remove Link Checker from README (#8745)
Check out latest releases or
releases around ComplianceAsCode/content v0.1.62

Don't miss a new content release

NewReleases is sending notifications on new releases.

Get notifications