From 24a006da14e183fe2092cfc50daad0f8bde83d19 Mon Sep 17 00:00:00 2001 From: mboelen Date: Wed, 14 Oct 2015 10:30:04 +0200 Subject: [PATCH] Updated log with latest changes --- CHANGELOG | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 0a6213e4..46874141 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -17,7 +17,7 @@ ================================================================================ - = Lynis 2.2.0 (release in development) = + = Lynis 2.1.x (2.2.0 release in development) = This is an major release, which includes both new features and enhancements to existing tests. @@ -30,8 +30,21 @@ Depending on the operating system, Lynis now tries to determine if failed logins are properly logged. This includes checking for /etc/login.defs [AUTH-9408]. Merged password check on Solaris into AUTH-9228. + PAM settings are now analyzed, including: + - Two-factor authentication methods + - Minimum password length, password strength and protection status against brute force cracking + report option: auth_failed_logins_logged + * Compliance + ------------ + Added new compliance_standards option to default.prf, to define if compliance testing should be performed, and for which standards. + + Right now these (partial) standards are included: + - HIPAA + - ISO27001/ISO27002 + - PCI-DSS + * DNS and Name services ----------------------- Support added for Unbound DNS caching tool [NAME-4034] @@ -45,7 +58,7 @@ * Malware --------- - LMD (Linux Malware Detect) is now recognized as a malware scanner + ESET and LMD (Linux Malware Detect) is now recognized as a malware scanner. Discovered malware scanners are now also logged to the report. * Mount points -------------- @@ -76,15 +89,19 @@ [BOOT-5180] Only gets executed if runlevel 2 is found [CONT-8108] New test to test for Docker file permissions [FILE-6410] Added /var/lib/locatedb as search path + [HOME-9310] Use POSIX compatible flags to avoid errors on BusyBox [MALW-3278] New test to detect LMD (Linux Malware Detect) [SHLL-6230] Test for umask values in shell configuration files (e.g. rc files) [TIME-3104] Show only suggestion on FreeBSD systems if ntpdate is configured, yet ntpd isn't running * Functions ----------- - [ExitCustom] New function to allow program to exit with a different exit code, depending on outcome. - [ReportSuggestion] Allows two additional parameters to store details (text and external reference to a solution) - [ReportWarning] Like ReportSuggestion() has additional parameters + [DigitsOnly] New function to extract only numbers from a text string + [DisplayManual] New function to show text on screen without any markup + [ExitCustom] New function to allow program to exit with a different exit code, depending on outcome + [ReportSuggestion] Allows two additional parameters to store details (text and external reference to a solution) + [ReportWarning] Like ReportSuggestion() has additional parameters + [ShowComplianceFinding] Display compliance findings * General improvements ----------------------