Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

lynis-3.1.1-1.2 RPM for noarch

From OpenSuSE Tumbleweed for noarch

Name: lynis Distribution: openSUSE Tumbleweed
Version: 3.1.1 Vendor: openSUSE
Release: 1.2 Build date: Sun Mar 17 12:15:28 2024
Group: System/Monitoring Build host: reproducible
Size: 1794852 Source RPM: lynis-3.1.1-1.2.src.rpm
Packager: https://bugs.opensuse.org
Url: https://cisofy.com/lynis/
Summary: Security and System auditing tool
 
Lynis is a security and system auditing tool. It scans a system on the
most interesting parts useful for audits, like:
     - Security enhancements
     - Logging and auditing options
     - Banner identification
     - Software availability

Provides

Requires

License

GPL-3.0-only

Changelog

* Sun Mar 17 2024 Robert Frohl <rfrohl@suse.com>
  - Update to 3.1.1:
    * Added
    - Detection of ArcoLinux
    * Changed
    - DBS-1882 - Redis configuration file path added for FreeBSD (/usr/local/etc/redis.conf)
    - DBS-1882 - Check /snap directory location for Redis configuration file
* Mon Mar 11 2024 Robert Frohl <rfrohl@suse.com>
  - Update to 3.1.0:
    * Added
    - Translation: Indonesian
    * Changed
    - MALW-3280 - Correction to detect com.avast.daemon
    - OS detection added for Guix System, macOS Ventura (13.x)/Sonoma (14.x), NXP
      LSDK, OpenEmbedded "nodistro", and The Yocto Projects distro "Poky"
    - Updated Amazon Linux EOL dates and addition of Amazon Linux 2023
    - STATUS_NOT_ACTIVE variable added to translation files
    - End-of-life dates updated
    - Fixing missing or erroneous test number comments
    - Detection of SentinelOne corrected
    - Wazuh for file integrity and tooling
    - Updated parsing output of arch-audit
    - Added support for SentinelOne detection
    - Replacing deprecated option -i for xargs
    - Path detection for PostgreSQL improved
  - Updated additional_module_blacklist_locations.patch
* Fri Mar 01 2024 pgajdos@suse.com
  - Use %patch -P N instead of deprecated %patchN.
* Sun Nov 12 2023 Dirk Müller <dmueller@suse.com>
  - add missing gawk dependency
* Thu Aug 03 2023 Robert Frohl <rfrohl@suse.com>
  - Update to 3.0.9:
    * Changed
    - DBS-1820 - Added newer style format for Mongo authorization setting
    - FILE-6410 - Locations added for plocate
    - SSH-7408 - Only test Compression if sshd version < 7.4
    - Improved fetching timestamp
    - Minor changes such as typos
* Tue May 17 2022 Robert Frohl <rfrohl@suse.com>
  - Update to 3.0.8:
    * Added
    - MALW-3274 - Detect McAfee VirusScan Command Line Scanner
    - PKGS-7346 Check Alpine Package Keeper (apk)
    - PKGS-7395 Check Alpine upgradeable packages
    - EOL for Alpine Linux 3.14 and 3.15
    * Changed
    - AUTH-9408 - Check for pam_faillock as well (replacement for pam_tally2)
    - FILE-7524 - Test enhanced to support symlinks
    - HTTP-6643 - Support ModSecurity version 2 and 3
    - KRNL-5788 - Only run relevant tests and improved logging
    - KRNL-5820 - Additional path for security/limits.conf
    - KRNL-5830 - Check for /var/run/needs_restarting (Slackware)
    - KRNL-5830 - Add a presence check for /boot/vmlinuz
    - PRNT-2308 - Bugfix that prevented test from storing values correctly
    - Extended location of PAM files for AARCH64
    - Some messages in log improved
  - accepted upstream, removed additional_paths_security-limits.patch
* Fri Feb 04 2022 Robert Frohl <rfrohl@suse.com>
  - cover /usr/etc/security/limits.conf too (boo#1194446)
    added additional_paths_security-limits.patch
* Tue Jan 18 2022 Robert Frohl <rfrohl@suse.com>
  - Update to 3.0.7:
    * Added
    - MALW-3290 - Show status of malware components
    - OS detection for RHEL 6 and Funtoo Linux
    - Added service manager openrc
    * Changed
    - DBS-1804 - Added alias for MariaDB
    - FINT-4316 - Support for newer Ubuntu versions
    - MALW-3280 - Added Trend Micro malware agent
    - NETW-3200 - Allow unknown number of spaces in modprobe blacklists
    - PKGS-7320 - Support for Garuda Linux and arch-audit
    - Several improvements for busybox shell
    - Russian translation of Lynis extended
  - replace 0x429A566FD5B79251 with 0x9DE922F1C2FDE6C4 in lynis.keyring
    according to https://packages.cisofy.com/
  - update additional_module_blacklist_locations.patch
* Wed Oct 13 2021 Johannes Segitz <jsegitz@suse.com>
  - Add additional_module_blacklist_locations.patch to check fo blacklisted
    modules under /usr/lib/modules.d
* Mon Oct 11 2021 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.0.6:
    * Added
    - OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS
    - Check for outdated translation files
    * Changed
    - DBS-1826 - Check if PostgreSQL is being used
    - DBS-1828 - Test multiple PostgreSQL configuration file(s)
    - KRNL-5830 - Sort kernels by version instead of modification date
    - PKGS-7410 - Don't show exception for systems using LXC
    - GetHostID function: fallback options added for Linux systems
    - Fix: show correct text when egrep is missing
    - Fix: variable name for PostgreSQL
* Thu Sep 16 2021 Johannes Segitz <jsegitz@suse.com>
  - Changed tests_binary_rpath to subtract points for files found with RPATH set,
    not add points for files that are configured correctly. This resulted in a
    huge number of points that skewed the overal result
* Sat Jul 03 2021 Andreas Stieger <andreas.stieger@gmx.de>
  - fix SLE 12 build
* Fri Jul 02 2021 Robert Frohl <rfrohl@suse.com>
  - Update to 3.0.5
    * Added
    - OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux
    - CRYP-8006 - Check MemoryOverwriteRequest bit to protect against cold-boot
    attacks (Linux)
    * Changed
    - ACCT-9622 - Corrected typo
    - HRDN-7231 - When calling wc, use the short -l flag instead of --lines
      (Busybox compatibility)
    - PKGS-7320 - extended to Arch Linux 32
    - Generation of host identifiers (hostid/hostid2) extended
    - Linux host identifiers are now using ip as preferred input source
    - Improved logging in several areas
* Tue May 11 2021 Johannes Segitz <jsegitz@suse.com>
  - Update to 3.0.4
    * Added
    - ACCT-9670 - Detection of cmd tooling
    - ACCT-9672 - Test cmd configuration file
    - BOOT-5140 - Check for ELILO boot loader presence
    - OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others
    * Changed
    - BOOT-5104 - Add service manager detection support for runit
    - FILE-6430 - Report suggestion only when at least one kernel module is not in the blacklist
    - FIRE-4540 - Corrected nftables empy ruleset test
    - LOGG-2138 - Do not check for klogd when metalog is being used
    - TIME-3185 - Improved support for Debian stretch
    - Corrected issue when Lynis is not executed directly from lynis directory
* Thu Jan 07 2021 Alexandros Toptsoglou <atoptsoglou@suse.com>
  - Update to 3.0.3
    * Added
    - Check for registered non-native binary formats
    - OS detection of Parrot GNU/Linux
    * Changed
    - Force test to check only password authentication
    - Support for NetBSD
    * Fixed: command 'configure settings' did not work as intended
* Mon Jan 04 2021 Robert Frohl <rfrohl@suse.com>
  - Update to 3.0.2
    * Added
    - Scan for locked user accounts in /etc/passwd
    - Loghost configuration
    - Check for active Suricata daemon
    - OS detection of Flatcar, IPFire, Mageia, NixOS, ROSA Linux, SLES (extended), Void Linux, Zorin OS
    - OS detection of OpenIndiana (Hipster and Legacy), Shillix, SmartOS, Tribblix, and others
    - EOL dates for Alpine, macOS, Mageia, OmniosCE, and Solaris 11
    - Support for Solaris svcs (service manager)
    - Enumeration of Solaris services
    * Changed
    - Detect sysstat systemd unit
    - Only fail if both SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are undefined
    - Support for Solaris
    - Improved reboot test by ignoring known bad values
    - Ignore rescue kernel such as on CentOS systems
    - Detection of Alpine Linux kernel
    - Compatibility change for hostname check
    - Support for Solaris
    - Don't show exception if no kernels were found on the disk
    - Supports now checking files at multiple locations (systemd)
    - ParseNginx function: Support include on absolute paths
    - ParseNginx function: Ignore empty included wildcards
    - Set 'RHEL' as OS_NAME for Red Hat Enterprise Linux
    - HostID: Use first e1000 interface and break after match
    - Translations extended and updated
    - Test if pgrep exists before using it
    - Better support for busybox shell
    - Small code enhancements

Files

/etc/lynis
/etc/lynis/default.prf
/usr/bin/lynis
/usr/share/doc/packages/lynis
/usr/share/doc/packages/lynis/CHANGELOG.md
/usr/share/doc/packages/lynis/CONTRIBUTORS.md
/usr/share/doc/packages/lynis/FAQ
/usr/share/doc/packages/lynis/README
/usr/share/licenses/lynis
/usr/share/licenses/lynis/LICENSE
/usr/share/lynis
/usr/share/lynis/db
/usr/share/lynis/db/dbus-whitelist.db
/usr/share/lynis/db/fileperms.db
/usr/share/lynis/db/hints.db
/usr/share/lynis/db/integrity.db
/usr/share/lynis/db/languages
/usr/share/lynis/db/languages/az
/usr/share/lynis/db/languages/br
/usr/share/lynis/db/languages/cn
/usr/share/lynis/db/languages/da
/usr/share/lynis/db/languages/de
/usr/share/lynis/db/languages/de-AT
/usr/share/lynis/db/languages/en
/usr/share/lynis/db/languages/en-GB
/usr/share/lynis/db/languages/en-US
/usr/share/lynis/db/languages/es
/usr/share/lynis/db/languages/fi
/usr/share/lynis/db/languages/fr
/usr/share/lynis/db/languages/gr
/usr/share/lynis/db/languages/he
/usr/share/lynis/db/languages/hu
/usr/share/lynis/db/languages/id
/usr/share/lynis/db/languages/it
/usr/share/lynis/db/languages/ja
/usr/share/lynis/db/languages/ko
/usr/share/lynis/db/languages/nb-NO
/usr/share/lynis/db/languages/nl
/usr/share/lynis/db/languages/nl-BE
/usr/share/lynis/db/languages/nl-NL
/usr/share/lynis/db/languages/pl
/usr/share/lynis/db/languages/pt
/usr/share/lynis/db/languages/ru
/usr/share/lynis/db/languages/se
/usr/share/lynis/db/languages/sk
/usr/share/lynis/db/languages/tr
/usr/share/lynis/db/malware-susp.db
/usr/share/lynis/db/malware.db
/usr/share/lynis/db/sbl.db
/usr/share/lynis/db/software-eol.db
/usr/share/lynis/db/tests.db
/usr/share/lynis/include
/usr/share/lynis/include/binaries
/usr/share/lynis/include/consts
/usr/share/lynis/include/data_upload
/usr/share/lynis/include/functions
/usr/share/lynis/include/helper_audit_dockerfile
/usr/share/lynis/include/helper_configure
/usr/share/lynis/include/helper_generate
/usr/share/lynis/include/helper_show
/usr/share/lynis/include/helper_system_remote_scan
/usr/share/lynis/include/helper_update
/usr/share/lynis/include/osdetection
/usr/share/lynis/include/parameters
/usr/share/lynis/include/profiles
/usr/share/lynis/include/report
/usr/share/lynis/include/tests_accounting
/usr/share/lynis/include/tests_authentication
/usr/share/lynis/include/tests_banners
/usr/share/lynis/include/tests_binary_rpath
/usr/share/lynis/include/tests_boot_services
/usr/share/lynis/include/tests_containers
/usr/share/lynis/include/tests_crypto
/usr/share/lynis/include/tests_custom.template
/usr/share/lynis/include/tests_databases
/usr/share/lynis/include/tests_dns
/usr/share/lynis/include/tests_file_integrity
/usr/share/lynis/include/tests_file_permissions
/usr/share/lynis/include/tests_file_permissionsDB
/usr/share/lynis/include/tests_file_permissions_ww
/usr/share/lynis/include/tests_filesystems
/usr/share/lynis/include/tests_firewalls
/usr/share/lynis/include/tests_hardening
/usr/share/lynis/include/tests_homedirs
/usr/share/lynis/include/tests_insecure_services
/usr/share/lynis/include/tests_kernel
/usr/share/lynis/include/tests_kernel_hardening
/usr/share/lynis/include/tests_ldap
/usr/share/lynis/include/tests_logging
/usr/share/lynis/include/tests_mac_frameworks
/usr/share/lynis/include/tests_mail_messaging
/usr/share/lynis/include/tests_malware
/usr/share/lynis/include/tests_memory_processes
/usr/share/lynis/include/tests_nameservices
/usr/share/lynis/include/tests_network_allowed_ports
/usr/share/lynis/include/tests_networking
/usr/share/lynis/include/tests_php
/usr/share/lynis/include/tests_ports_packages
/usr/share/lynis/include/tests_printers_spoolers
/usr/share/lynis/include/tests_scheduling
/usr/share/lynis/include/tests_shells
/usr/share/lynis/include/tests_snmp
/usr/share/lynis/include/tests_squid
/usr/share/lynis/include/tests_ssh
/usr/share/lynis/include/tests_storage
/usr/share/lynis/include/tests_storage_nfs
/usr/share/lynis/include/tests_system_dbus
/usr/share/lynis/include/tests_system_integrity
/usr/share/lynis/include/tests_system_proc
/usr/share/lynis/include/tests_time
/usr/share/lynis/include/tests_tmp_symlinks
/usr/share/lynis/include/tests_tooling
/usr/share/lynis/include/tests_usb
/usr/share/lynis/include/tests_users_wo_password
/usr/share/lynis/include/tests_virtualization
/usr/share/lynis/include/tests_webservers
/usr/share/lynis/include/tool_tips
/usr/share/lynis/plugins
/usr/share/lynis/plugins/README
/usr/share/lynis/plugins/custom_plugin.template
/usr/share/lynis/prepare_for_suse.sh
/usr/share/man/man8/lynis.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed May 1 23:23:10 2024