tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-25 14:54:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated log

Browse Source
This commit is contained in:
Michael Boelen 2019-08-21 14:08:25 +02:00
parent d3464d88b1
commit 7eba5df9b2
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CHANGELOG.md
View File

@ -6,15 +6,29 @@ This is a major release of Lynis and includes several big changes.
Some of these changes may break your current usage of the tool, so test before Some of these changes may break your current usage of the tool, so test before
deployment! deployment!
### Breaking changes ### Breaking change: Non-interactive by default
- Some commands or switches are deprecated or removed Lynis now runs non-interactive by default, to be more in line with the Unix
- Format of all profile options converted (from key:value to key=value) philosophy. So the previously used '--quick' option is now default, and the tool
- Non-interactive by default (use --wait option to pause between groups of tests) will only wait when using the '--wait' option.
### Breaking change: Deprecated options
- Option: -c
- Option: --check-update/--info
- Option: --dump-options
- Option: --license-key
### Breaking change: Profile options
The format of all profile options are converted (from key:value to key=value).
You may have to update the changes you made in your custom.prf.
### Security ### Security
An important focus area for this release is on security. We added several An important focus area for this release is on security. We added several
measures to further tighten any possible misuse. measures to further tighten any possible misuse.
## New: DevOps, Forensics, and pentesting mode
This release adds initial support to allow defining a specialized type of audit.
Using the relevant options, the scan will change base on the intended goal.
### Added ### Added
- Security: test PATH and warn or exit on discovery of dangerous location - Security: test PATH and warn or exit on discovery of dangerous location
- Security: additional safeguard by testing if common system tools are available - Security: additional safeguard by testing if common system tools are available
@ -31,7 +45,7 @@ measures to further tighten any possible misuse.
- New option: --usecwd - run from the current working directory - New option: --usecwd - run from the current working directory
- New profile option: disable-plugin - disables a single plugin - New profile option: disable-plugin - disables a single plugin
- New profile option: ssl-certificate-paths-to-ignore - ignore a path - New profile option: ssl-certificate-paths-to-ignore - ignore a path
- New test: CRYP-7930 - disk or file system encryption testing - New test: CRYP-7930 - test for LUKS encryption
- New test: INSE-8314 - test for NIS client - New test: INSE-8314 - test for NIS client
- New test: INSE-8316 - test for NIS server - New test: INSE-8316 - test for NIS server
- New test: PROC-3802 - check presence of prelink tooling - New test: PROC-3802 - check presence of prelink tooling