mirror of https://github.com/CISOfy/lynis.git
Rewrote some changelog entries
This commit is contained in:
mboelen
parent
057b41265a
commit
a4a0f8ff5b
26
CHANGELOG
26
CHANGELOG
|
|
@ -29,24 +29,24 @@ release.
|
|||
------------
|
||||
The biggest change in this release is the optimization of several functions. It
|
||||
allows for better detection, and dealing with the quirks, of every single
|
||||
operating system. Some functions were fortified to better handle unexcepted
|
||||
results, like missing a particular binary, or not receiving a hostname.
|
||||
operating system. Some functions were fortified to handle unexcepted results
|
||||
better, like missing a particular binary, or not returning the hostname.
|
||||
|
||||
This release enables also tests to be shorter, by adding new functions. Some
|
||||
This release also enables tests to be shorter, by adding new functions. Some
|
||||
functions were renamed or slightly changed, to provide more value to the tooling.
|
||||
Another big change in this release is a wide set of optimizations and quality
|
||||
testing. Outdated pieces were removed, or rewritten, to support features seen in
|
||||
newer distributions.
|
||||
|
||||
On the level of compliance adjustments have been made to start supporting more
|
||||
In the area of compliance, adjustments have been made to start supporting more
|
||||
in-depth testing for this. Ideal for companies who have a particular compliance
|
||||
need, or want to better enforce the system hardening levels of their systems.
|
||||
need, or want to test and enforce the system hardening levels of their systems.
|
||||
|
||||
Last but not least, many small changes make this software easier to use. On
|
||||
our website we added new guides to provide help and support.
|
||||
|
||||
We like to specifically thank Kamil Boratyński, Steve Bosek, and Eric Light.
|
||||
Their contributions helped us greatly shaping this release.
|
||||
We like to thank our contributors, in particular Kamil Boratyński, Steve Bosek,
|
||||
and Eric Light. Their contributions helped us greatly shaping this release.
|
||||
|
||||
|
||||
Below are the changes per category:
|
||||
|
|
@ -108,7 +108,7 @@ Test for IPFW firewall on FreeBSD has been improved: status of pflogd will no
|
|||
longer be displayed, when pf is not available.
|
||||
|
||||
New test FIRE-4532 introduced for detection of the Mac OS X application firewall.
|
||||
Also the status of application firewalls is audited now.
|
||||
Also, the status of application firewalls is audited now.
|
||||
|
||||
FIRE-4508 is another new test, which tests chains of iptables and their default
|
||||
policy (ACCEPT or DROP). This release also supports the upcoming nftables
|
||||
|
|
@ -149,7 +149,7 @@ interface names from most operating systems.
|
|||
|
||||
* Operating systems
|
||||
-------------------
|
||||
Improved support for Debian 8 systems. Detection for VMware release has been
|
||||
Improved support for Debian 8 systems. Detection of VMware release has been
|
||||
added. Boot loader exception is not longer displayed when only a subset of tests
|
||||
is performed. FreeBSD systems can now use service command to gather information
|
||||
about enabled services.
|
||||
|
|
@ -172,7 +172,7 @@ SystemV init is now detected.
|
|||
|
||||
* Software and Packages
|
||||
-----------------------
|
||||
Now informationed will be logged when vulnerable software packages were found.
|
||||
Now information will be logged when vulnerable software packages were found.
|
||||
Support for DNF (Dandified YUM) for Fedora systems has been added. This is done
|
||||
in several tests: PKGS-7350 (installed packages), PKGS-7352 (security notices),
|
||||
PKGS-7354 (integrity tests).
|
||||
|
|
@ -250,14 +250,14 @@ permissions for Docker files, like the socket file [CONT-8108].
|
|||
- Plugins execution is improved, with improved logged and counting of active
|
||||
plugins.
|
||||
- Data uploads: provide help when self-signed certificates are used.
|
||||
- Improved output for tests which before showed results as a warning, while
|
||||
actually are just suggestions.
|
||||
- Improved output for tests which before showed results as a warning, instead of
|
||||
just as a suggestion.
|
||||
- Lynis now uses different exit codes, depending on errors or finding warnings.
|
||||
This helps with automation and any custom scripting you want to apply.
|
||||
- Preparations to allow compressing the Lynis report file and enhance uploads.
|
||||
- Added --config option to show what settings file or profile is used.
|
||||
- Tool tips are displayed, to make Lynis even easier to use.
|
||||
- Show a warning if the release is older than 4 months.
|
||||
- Show a warning if the release is older than four months.
|
||||
- PID file has additional checks, including cleanups.
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue