Oracle Linux 6134 Published by

A scap-security-guide bug fix and enhancement update has been released for Oracle Linux 8.



El-errata: ELBA-2023-0829 Oracle Linux 8 scap-security-guide bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2023-0829

  http://linux.oracle.com/errata/ELBA-2023-0829.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
scap-security-guide-0.1.66-2.0.1.el8_7.noarch.rpm
scap-security-guide-doc-0.1.66-2.0.1.el8_7.noarch.rpm

aarch64:
scap-security-guide-0.1.66-2.0.1.el8_7.noarch.rpm
scap-security-guide-doc-0.1.66-2.0.1.el8_7.noarch.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates//scap-security-guide-0.1.66-2.0.1.el8_7.src.rpm


Description of changes:

[0.1.66-2.0.1]
- Update rules dealing with sshd_config to look into files added to the include
keyword [Orabug: 34893225]
- Update remediation in sebool_secure_mode_insmod which wasn't letting the system boot when
running anssi-high profile [Orabug: 34893225]
- Update OL stig profile rule selection remove sshd_disable_compression [Orabug: 35017186]
- Introduce new rules, sshd_use_approved_kex_ordered_stig, configure_bashrc_tmux,
configure_tmux_lock_keybinding [Orabug: 35017186]
- Update rules modifying pam files to handle /etc/pam.d/system-auth precedence over
other configuration files [Orabug: 35017186]
- Update version of stig profiles to V1R5 [Orabug: 35017186]

[0.1.66-2]
- Unselect rule logind_session_timeout (RHBZ#2168079)

[0.1.66-1]
- Rebase to a new upstream release 0.1.66 (RHBZ#2168079)
- Update RHEL8 STIG profile to V1R9 (RHBZ#2168075)
- Fix levels of CIS rules (RHBZ#2168072)
- Remove unused RHEL8 STIG control file (RHBZ#2168069)
- Fix handling of space in sudo_require_reauthentication (RHBZ#2168066)
- Add rule for audit immutable login uids (RHBZ#2168063)
- Fix remediation of audit watch rules (RHBZ#2168060)
- Align file_permissions_sshd_private_key with DISA Benchmark (RHBZ#2168057)
- Fix applicability of kerberos rules (RHBZ#2168054)
- Add support rainer scripts in rsyslog rules (RHBZ#2168050)

_______________________________________________