[El-errata] ELBA-2024-0987 Oracle Linux 8 scap-security-guide bug fix and enhancement update

[Errata Announcements for Oracle Linux]

Oracle Linux Bug Fix Advisory ELBA-2024-0987

http://linux.oracle.com/errata/ELBA-2024-0987.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
scap-security-guide-0.1.72-2.0.1.el8_9.noarch.rpm
scap-security-guide-doc-0.1.72-2.0.1.el8_9.noarch.rpm

aarch64:
scap-security-guide-0.1.72-2.0.1.el8_9.noarch.rpm
scap-security-guide-doc-0.1.72-2.0.1.el8_9.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//scap-security-guide-0.1.72-2.0.1.el8_9.src.rpm



Description of changes:

[0.1.72-2.0.1]
- Rebase oracle patches to 0.1.72-2 [Orabug: 36343817]
- Add automation content for account_password_pam_faillock_system_auth
  & account_password_pam_faillock_password_auth rules [Orabug: 36237375]
- Make sssd rules look into /etc/sssd/conf.d/*.conf files for the desired
  configuration [Orabug: 36237375]

[0.1.72-2]
- Unlist profiles no longer maintained in RHEL8.

[0.1.72-1]
- Rebase to a new upstream release 0.1.72 (RHEL-25250)
- Increase CIS standards coverage regarding SSH and cron (RHEL-1314)
- Increase compatibility of accounts_tmout rule for ksh (RHEL-16896 and RHEL-1811)
- Align Ansible and Bash remediation in sssd_certificate_verification rule (RHEL-1313)
- Add a warning to rule service_rngd_enabled about rule applicability (RHEL-1819)
- Add rule to terminate idle user sessions after defined time (RHEL-1801)
- Allow spaces around equal sign in /etc/sudoers (RHEL-1904)
- Add remediation for rule fapolicy_default_deny (RHEL-1817)
- Fix invalid syntax in file /usr/share/scap-security-guide/ansible/rhel8-playbook-ospp.yml (RHEL-19127)
- Refactor ensure_pam_wheel_group_empty (RHEL-1905)
- Prevent remediation of display_login_attempts rule from creating redundant configuration entries (RHEL-1809)
- Update PCI-DSS to v4 (RHEL-1808)
- Fix regex in Ansible remediation of configure_ssh_crypto_policy (RHEL-1820)