Releases: ansible-lockdown/RHEL8-STIG
Releases · ansible-lockdown/RHEL8-STIG
Final - STIG V1R13 release
STIG Version1 Release 13 release - Jan 24
Remediate
Pre-commit updates
new workflow configurations
removed jmespath dependency
Audit
Improvements and updates
What's Changed
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #276
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #285
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #286
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #288
- issues, workflow and jmespath by @uk-bolly in #291
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #290
- Updated ordering and notify location by @uk-bolly in #293
- workflow and audit updated devel to main by @uk-bolly in #292
Full Changelog: 3.3.0...3.3.1
Contributors
pre-commit-ci and uk-bolly
Assets 2
STIG V1R13 release
STIG Version1 Release 13 release - Jan 24
Main Release for v1r13 RHEL8 STIG
Remediate
- Issues closed and PRs merged - What's changed
- Pre-commit updates
- Many improvements to different controls
- Rebase required from v1r12
Audit
- Related Audit repo updated to improve tests audit binary(goss updated to latest version)
What's Changed
- Stig v1r12 release to devel by @uk-bolly in #259
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #260
- Updated RHEL-08-020050 to loop over stdout_lines. Fixes issue #261. by @Phenix66 in #262
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #264
- Meet fix text of V-244546 by @fallenpixel in #266
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #268
- April 24 issues into devel by @uk-bolly in #269
- fixed error in conditional rhel-08-020022 #271 by @uk-bolly in #272
- Merge in changes from v1r13 - Jan 24 by @uk-bolly in #274
- updated conditional 040260 by @uk-bolly in #279
- Updated of devel - DCO confirmation and signoff update by @uk-bolly in #280
- V13 merge fixes by @uk-bolly in #282
- May24 updates by @uk-bolly in #283
- Initial main release of v1r13 by @uk-bolly in #281
Full Changelog: 3.2.0...3.3.0
Contributors
fallenpixel, Phenix66, and 2 other contributors
Assets 2
STIG v1r12 - April 2024 update
STIG Version1 Release 12 release - October 23
Main Release for v1r12 RHEL8 STIG
Remediate
- Issues closed and PRs merged - What's changed
- Pre-commit updates
- Many improvements to different controls
Audit
- Audit_only ability now added to run standalone audit
- audit_only: true
- Related Audit repo updated to improve tests audit binary(goss updated to latest version)
What's Changed
- Change master to main in actions by @georgenalen in #4
- RHEL8 STIG Version 1 Release 1 by @georgenalen in #7
- Minor Fixes by @georgenalen in #11
- Devel to main by @uk-bolly in #34
- Benchmark Version 1 Rev. 2 and other fixes by @georgenalen in #44
- Added Issue and PR templates and an issue fix by @georgenalen in #49
- Benchmark 1.3 updates and issue fixes by @georgenalen in #61
- Release 2.3.1 by @georgenalen in #71
- V1.5 update by @uk-bolly in #102
- 2.5.0 Release by @georgenalen in #106
- Benchmark 1.7 and issue fixes by @georgenalen in #137
- Main updates to Benchmark v1r8 release by @uk-bolly in #155
- Devel to main release stig v1r9 by @uk-bolly in #188
- Release to main for bug fixes and improvements by @uk-bolly in #200
- Stig V1R10 Release to main by @uk-bolly in #203
- June devel to main by @uk-bolly in #206
- v1r11 updates release to main by @uk-bolly in #221
- devel - main - workflow and discord by @uk-bolly in #225
- New release devel -> main by @uk-bolly in #255
- Release of v1r12 by @uk-bolly in #275
Full Changelog: 3.1.0...3.2.0
Contributors
georgenalen and uk-bolly
Assets 2
Final STIG V1R11
STIG Version1 Release 11 release - July 23
Remediate
Issues closed and PRs merged - What's changed
Pre-commit updates
Many improvements to different controls
Update to allow Galaxy Releases for new galaxy_ng
What's Changed
- Precommit workflow by @uk-bolly in #223
- Issue #222 and tidy up by @uk-bolly in #224
- Issue 226 and alignment by @uk-bolly in #228
- Sysctl and collections by @uk-bolly in #235
- updated the workflow version and galaxy setup by @uk-bolly in #236
- Revert "fixed gnutls as per issue 196 thansk to @jmalpede" by @qwestduck in #234
- Update main.yml by @BillSkiCO in #237
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #238
- Oracle Linux rhel8stig_bootloader_path and RHEL-08-020030 fix by @BillSkiCO in #253
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #247
- Adds when criteria for rhel_08_040321 in tasks/fix-cat2.yml, to skip … by @whitehat237 in #250
- Update meta and readme due to galaxy_ng by @uk-bolly in #258
New Contributors
- @qwestduck made their first contribution in #234
- @BillSkiCO made their first contribution in #237
- @pre-commit-ci made their first contribution in #238
Full Changelog: 3.0.0...3.1.0
Contributors
qwestduck, whitehat237, and 4 other contributors
Assets 2
Stig V1R11 - release
What's Changed
- Fix typo in defaults/main by @fallenpixel in #215
- improve password check by @uk-bolly in #217
- Stig v1r11 release by @uk-bolly in #218
- July23 by @uk-bolly in #219
- Updated when on line 197 of prelim to use an or instead of and by @georgenalen in #220
New Contributors
- @fallenpixel made their first contribution in #215
#Issues:
Controls updated
- CAT2:
- 010030 - ruleid
- 010200 - ruleid
- 010201 - ruleid
- 010290 - ruleid and SSH MACS updated
- 010291 - ruleid and SSH Ciphers updated
- 010770 - ruleid
- 020035 - new control idlesession timeout new var rhel_08_020035_idlesessiontimeout
- 020041 - ruleid and tmux script update
- 030690 - ruleid and protocol options added
- 040159 - ruleid
- 040160 - ruleid
- 040342 - ruleid and SSH KEX algorithms updated
Full Changelog: 2.9.1...3.0.0
Contributors
fallenpixel, georgenalen, and uk-bolly
Assets 2
Stig V1R10 - release
Stig V1R10 Release
Contributors
Phenix66 and uk-bolly
Assets 2
Stig V1r9 release
Benchmark 1.8 Updates
STIG Benchmark Release: Version 1 Release 8
STIG Benchmark Release Date: Oct 27, 2022
Issues Fixed:
- #139 - RHEL-08-010330 & RHEL-08-010350 | SETroubleshootD Breaks
- #140 - RHEL-08-020027/020028 | SELinux Permission Discrepancies / Faillock SELinux Denials
- #142 - RHEL-08-010141 /etc/grub.d/01_users need 755 permission
- #147 - Install git
- #148 - RHEL-08-020025 and RHEL-08-020026 - The "preauth" line is NOT listed before pam_unix.so
- #151 - fstype in fix-cat2.yml set to static value "xfs" on mount tasks (Thanks to @whitehat237 for the PR with the fix idea)
Enhancements:
- Updates for new benchmark 1.8
- Updates for banner usage
- Linting updates
Contributors
whitehat237
Assets 2
Benchmark 1.7 and Issue Fixes
STIG Benchmark Release: Version 1 Release 7
STIG Benchmark Release Date: Jul 27, 2022
Issues Fixed:
- #93 - Error with RHEL-08-040137 - Failed
- #104 - README update - cloudint bug when /var noexec
- #107 - RHEL-08-020040/41 needs additional configuration.
- #109 - Broken link for the wiki for Main Variables
- #115 - List dependencies in requirements.txt
- #116 - Inconsistent YAML
- #118 - ansible-lint: 648 failure(s), 0 warning(s) on 18 files
- #124 - RHEL-08-040090 : Firewall must employ deny-all | Missing Configuration
- #125 - RHEL-08-040259: Shall not enable IPv4 Forwarding | Update configuration to latest baseline
- #126 - RHEL-08-010141: Unique Superuser Name for Maintenance | Non-Standard Configuration Method
- #127 - RHEL-08-010690 / RHEL-08-010770 | Failure in Multiple Steps
- #128 - RHEL-08-010050 Banner on Login Screen | Missing Configuration
- #130 - Question regarding RHEL-08-010290 / RHEL-08-010291: Enabling FIPS mode even if not required by STIG?
- #131 - RHEL-08-020040: TMUX Lock-Command Config | Incomplete Regex
- #133 - RHEL-08-010295: GnuTLS Encryption | Line Bug
- #134 - RHEL-08-010740: Group Ownership by Home Dir Owner | Incorrect Ownership by "Nobody" in RHEL 8.6
Enhancements:
- Benchmarks 1.7 updates
- Updates for new linting checks