Oracle Linux 6202 Published by

A scap-security-guide bug fix and enhancement update has been released for Oracle Linux 7.

El-errata: ELBA-2023-1099 Oracle Linux 7 scap-security-guide bug fix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2023-1099

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:



Description of changes:

- Rebase to a new Red Hat errata 0.1.66-1 [Orabug: 35165879]
- Sync OL7 stig profile with DISA STIG v2r10 [Orabug: 35049052]
- Update rhel7 project profiles to use oracle gpgkey [Orabug: 33612582]
- Update rhel7 profiles to generate Oracle Linux 7 content [Orabug: 33612582]
- Update source to generate Oracle Linux 7 content [Orabug: 33612582]
- Use separate rule for each audit syscall in pci-dss profile [Orabug: 33612582]
- Add ntpd and chronyd OL approved servers support [Orabug: 33612582]
- Add UEFI boot loader rules to Oracle Linux 7 profiles [Orabug: 33612582]
- Fix OL7 mapping in stable_profile_ids test [Orabug: 33612582]
- Update OL7 Essential Eight profile [Orabug: 33612582]
- Disable cis profile [Orabug: 33612582]
- Disable new CIS and stig_gui profiles for RHEL7 product [Orabug: 34195638]
- Update regex for audit_rules_suid_privilege_function rule [Orabug: 34664858]

- Rebase to a new upstream release 0.1.66 (RHBZ#2158410)
- Update RHEL7 STIG profile to V3R10 (RHBZ#2152657)
- Align file_permissions_sshd_private_key with DISA Benchmark (RHBZ#2123284)
- Fix remediation of audit watch rules (RHBZ#2123367)
- Fix check firewalld_sshd_port_enabled (RHBZ#2158410)
- Fix accepted control flags for pam_pwhistory (RHBZ#2158410)
- Unselect rule logind_session_timeout (RHBZ#2158410)
- Add support rainer scripts in rsyslog rules (RHBZ#2170038)