Oracle Linux 6134 Published by

A scap-security-guide bug fix and enhancement update has been released for Oracle Linux 8.

El-errata: ELBA-2023-0829 Oracle Linux 8 scap-security-guide bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2023-0829

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:




Description of changes:

- Update rules dealing with sshd_config to look into files added to the include
keyword [Orabug: 34893225]
- Update remediation in sebool_secure_mode_insmod which wasn't letting the system boot when
running anssi-high profile [Orabug: 34893225]
- Update OL stig profile rule selection remove sshd_disable_compression [Orabug: 35017186]
- Introduce new rules, sshd_use_approved_kex_ordered_stig, configure_bashrc_tmux,
configure_tmux_lock_keybinding [Orabug: 35017186]
- Update rules modifying pam files to handle /etc/pam.d/system-auth precedence over
other configuration files [Orabug: 35017186]
- Update version of stig profiles to V1R5 [Orabug: 35017186]

- Unselect rule logind_session_timeout (RHBZ#2168079)

- Rebase to a new upstream release 0.1.66 (RHBZ#2168079)
- Update RHEL8 STIG profile to V1R9 (RHBZ#2168075)
- Fix levels of CIS rules (RHBZ#2168072)
- Remove unused RHEL8 STIG control file (RHBZ#2168069)
- Fix handling of space in sudo_require_reauthentication (RHBZ#2168066)
- Add rule for audit immutable login uids (RHBZ#2168063)
- Fix remediation of audit watch rules (RHBZ#2168060)
- Align file_permissions_sshd_private_key with DISA Benchmark (RHBZ#2168057)
- Fix applicability of kerberos rules (RHBZ#2168054)
- Add support rainer scripts in rsyslog rules (RHBZ#2168050)