tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-25 14:54:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rewrote some changelog entries

Browse Source
This commit is contained in:
mboelen 2016-03-17 13:43:42 +01:00
parent 057b41265a
commit a4a0f8ff5b
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
CHANGELOG
View File

@ -29,24 +29,24 @@ release.
------------ ------------
The biggest change in this release is the optimization of several functions. It The biggest change in this release is the optimization of several functions. It
allows for better detection, and dealing with the quirks, of every single allows for better detection, and dealing with the quirks, of every single
operating system. Some functions were fortified to better handle unexcepted operating system. Some functions were fortified to handle unexcepted results
results, like missing a particular binary, or not receiving a hostname. better, like missing a particular binary, or not returning the hostname.
This release enables also tests to be shorter, by adding new functions. Some This release also enables tests to be shorter, by adding new functions. Some
functions were renamed or slightly changed, to provide more value to the tooling. functions were renamed or slightly changed, to provide more value to the tooling.
Another big change in this release is a wide set of optimizations and quality Another big change in this release is a wide set of optimizations and quality
testing. Outdated pieces were removed, or rewritten, to support features seen in testing. Outdated pieces were removed, or rewritten, to support features seen in
newer distributions. newer distributions.
On the level of compliance adjustments have been made to start supporting more In the area of compliance, adjustments have been made to start supporting more
in-depth testing for this. Ideal for companies who have a particular compliance in-depth testing for this. Ideal for companies who have a particular compliance
need, or want to better enforce the system hardening levels of their systems. need, or want to test and enforce the system hardening levels of their systems.
Last but not least, many small changes make this software easier to use. On Last but not least, many small changes make this software easier to use. On
our website we added new guides to provide help and support. our website we added new guides to provide help and support.
We like to specifically thank Kamil Boratyński, Steve Bosek, and Eric Light. We like to thank our contributors, in particular Kamil Boratyński, Steve Bosek,
Their contributions helped us greatly shaping this release. and Eric Light. Their contributions helped us greatly shaping this release.
Below are the changes per category: Below are the changes per category:
@ -108,7 +108,7 @@ Test for IPFW firewall on FreeBSD has been improved: status of pflogd will no
longer be displayed, when pf is not available. longer be displayed, when pf is not available.
New test FIRE-4532 introduced for detection of the Mac OS X application firewall. New test FIRE-4532 introduced for detection of the Mac OS X application firewall.
Also the status of application firewalls is audited now. Also, the status of application firewalls is audited now.
FIRE-4508 is another new test, which tests chains of iptables and their default FIRE-4508 is another new test, which tests chains of iptables and their default
policy (ACCEPT or DROP). This release also supports the upcoming nftables policy (ACCEPT or DROP). This release also supports the upcoming nftables
@ -149,7 +149,7 @@ interface names from most operating systems.
* Operating systems * Operating systems
------------------- -------------------
Improved support for Debian 8 systems. Detection for VMware release has been Improved support for Debian 8 systems. Detection of VMware release has been
added. Boot loader exception is not longer displayed when only a subset of tests added. Boot loader exception is not longer displayed when only a subset of tests
is performed. FreeBSD systems can now use service command to gather information is performed. FreeBSD systems can now use service command to gather information
about enabled services. about enabled services.
@ -172,7 +172,7 @@ SystemV init is now detected.
* Software and Packages * Software and Packages
----------------------- -----------------------
Now informationed will be logged when vulnerable software packages were found. Now information will be logged when vulnerable software packages were found.
Support for DNF (Dandified YUM) for Fedora systems has been added. This is done Support for DNF (Dandified YUM) for Fedora systems has been added. This is done
in several tests: PKGS-7350 (installed packages), PKGS-7352 (security notices), in several tests: PKGS-7350 (installed packages), PKGS-7352 (security notices),
PKGS-7354 (integrity tests). PKGS-7354 (integrity tests).
@ -250,14 +250,14 @@ permissions for Docker files, like the socket file [CONT-8108].
- Plugins execution is improved, with improved logged and counting of active - Plugins execution is improved, with improved logged and counting of active
plugins. plugins.
- Data uploads: provide help when self-signed certificates are used. - Data uploads: provide help when self-signed certificates are used.
- Improved output for tests which before showed results as a warning, while - Improved output for tests which before showed results as a warning, instead of
actually are just suggestions. just as a suggestion.
- Lynis now uses different exit codes, depending on errors or finding warnings. - Lynis now uses different exit codes, depending on errors or finding warnings.
This helps with automation and any custom scripting you want to apply. This helps with automation and any custom scripting you want to apply.
- Preparations to allow compressing the Lynis report file and enhance uploads. - Preparations to allow compressing the Lynis report file and enhance uploads.
- Added --config option to show what settings file or profile is used. - Added --config option to show what settings file or profile is used.
- Tool tips are displayed, to make Lynis even easier to use. - Tool tips are displayed, to make Lynis even easier to use.
- Show a warning if the release is older than 4 months. - Show a warning if the release is older than four months.
- PID file has additional checks, including cleanups. - PID file has additional checks, including cleanups.