Linux Baseline Versions Save

DevSec Linux Baseline - InSpec Profile

2.8.3

1 year ago

Changelog

2.8.3 (2022-09-29)

Full Changelog

Fixed bugs:

fix handling of sysctl fs.protected_fifos and fs.protected_regular #172 (schurzi)

Closed issues:

Remove control 'os-08' because entropy is always at 256 #176
How to deal with squashfs in Ubuntu 22 #174
why keep_logs? #171
sysctl-34 - fs.protected_regular is Ubuntu specific #170

Merged pull requests:

remove entropy-test #177 (rndmh3ro)
only disable SquashFS if it's not needed #175 (schurzi)
Change linting to Cookstyle #169 (schurzi)
Improve SUID find #168 (magmax)

2.8.2

2 years ago

Changelog

2.8.2 (2022-01-12)

Full Changelog

Merged pull requests:

missing inputs changed #167 (micheelengronne)

* This Changelog was automatically generated by github_changelog_generator

2.8.1

2 years ago

Changelog

2.8.1 (2022-01-12)

Full Changelog

Closed issues:

Add checks for mount options (noexec, nosuid, nodev) #163
Ensure links are protected #159

Merged pull requests:

use input instead of attribute #166 (micheelengronne)
feat(os-14) add rule to check noexec, nosuid and nodev mount options #164 (cmhe)
added sysctl-34 for checking link protection settings #160 (cmhe)

* This Changelog was automatically generated by github_changelog_generator

2.8.0

2 years ago

Changelog

2.8.0 (2021-05-06)

Full Changelog

Implemented enhancements:

remove sysctl-18 - ipv6 no longer needs to be disabled #155 (schurzi)
Disable source routing for IPv6. #152 (joubbi)

Closed issues:

Remove package-07 test #149

Merged pull requests:

remove control package-07 #154 (rndmh3ro)
fix rubocop error for Rakefile #153 (schurzi)
add dependency to chef-config for CI #151 (schurzi)

* This Changelog was automatically generated by github_changelog_generator

2.7.0

3 years ago

Changelog

2.7.0 (2021-02-22)

Full Changelog

Implemented enhancements:

add cron permissions hardening #150 (rndmh3ro)

* This Changelog was automatically generated by github_changelog_generator

2.6.4

3 years ago

Changelog

2.6.4 (2021-02-02)

Full Changelog

Closed issues:

os-06: Check for SUID/ SGID blacklist control previously passing is now falling #146

Merged pull requests:

use version tag for changelog action #148 (schurzi)

* This Changelog was automatically generated by github_changelog_generator

2.6.3

3 years ago

Changelog

2.6.3 (2021-01-29)

Full Changelog

Merged pull requests:

fix super call #147 (schurzi)

* This Changelog was automatically generated by github_changelog_generator

2.6.2

3 years ago

Changelog

2.6.2 (2021-01-29)

Full Changelog

Merged pull requests:

update code to conform to new linting rules #145 (schurzi)
add github action for testing #144 (rndmh3ro)
Fix tiny typo #143 (danwit)

* This Changelog was automatically generated by github_changelog_generator

2.6.1

3 years ago

Changelog

2.6.1 (2020-12-28)

Full Changelog

Merged pull requests:

Allow arp_ignore = 2 #142 (mcgege)

* This Changelog was automatically generated by github_changelog_generator

2.6.0

3 years ago

Changelog

2.6.0 (2020-12-16)

Full Changelog

Implemented enhancements:

feat(osbaseline): support validation for cpu vulnerabilities #138 (imjoseangel)

Closed issues:

cpu-vulnerability-directory (1 failed) - Ubuntu #139
Support for validation of cpu vulnerabilities #114

Merged pull requests:

only check cpu vulnerabilities if not in container #141 (schurzi)

* This Changelog was automatically generated by github_changelog_generator