[El-errata] ELBA-2022-6576 Oracle Linux 7 scap-security-guide bug fix and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Oct 7 03:59:52 UTC 2022


Oracle Linux Bug Fix Advisory ELBA-2022-6576

http://linux.oracle.com/errata/ELBA-2022-6576.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
scap-security-guide-0.1.63-1.0.1.el7_9.noarch.rpm
scap-security-guide-doc-0.1.63-1.0.1.el7_9.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/scap-security-guide-0.1.63-1.0.1.el7_9.src.rpm



Description of changes:

[0.1.63-1.0.1]
- Update rhel7 project profiles to use oracle gpgkey [Orabug: 33612582]
- Update rhel7 profiles to generate Oracle Linux 7 content [Orabug: 33612582]
- Update source to generate Oracle Linux 7 content [Orabug: 33612582]
- Use separate rule for each audit syscall in pci-dss profile [Orabug: 33612582]
- Add ntpd and chronyd OL approved servers support [Orabug: 33612582]
- Add UEFI boot loader rules to Oracle Linux 7 profiles [Orabug: 33612582]
- Fix OL7 mapping in stable_profile_ids test [Orabug: 33612582]
- Update OL7 Essential Eight profile [Orabug: 33612582]
- Disable cis profile [Orabug: 33612582]
- Disable new CIS and stig_gui profiles for RHEL7 product [Orabug: 34195638]
- Bump OL7 STIG profile version to v2r8 [Orabug: 34492873]
- Allow configurations in sudo rules to appear in multiple files [Orabug: 34492873]
- Update OVAL content for auditd_name_format rule [Orabug: 34664858]
- Update regex for audit_rules_suid_privilege_function rule [Orabug: 34664858]
- Introduce mount_option_home template [Orabug: 34664858]
- Introduce support for "at"-includes in sudoers files [Orabug: 34664858]

[0.1.63-1]
- Update to the latest upstream release (RHBZ#2116359)
- Fix SSH Key permissions (RHBZ#2021258)
- Remove PCI-DSS Benchmark(RHBZ2038165)
- Updated source of CVE data feed(RHBZ#2028432)
- Improved alignment with DISA's RHEL7 STIG(RHBZ#1967950)
- Update RHEL7 STIG profile to v3r8 (RHBZ#2112939)
- Add warning how to override audit buffer (RHBZ#1993822)
- Fix smartcard_auth rule for systems installed without authconfig (RHBZ#2116359)
- Fix check of enable_fips_mode on s390x (RHBZ#2116359)
- Fix applicability of pam_pkcs11 and grub2 rules on s390x (RHBZ#2116359)




More information about the El-errata mailing list