From d4f024faa6e2cb3c46f0e62ed44193c649bb7dc2 Mon Sep 17 00:00:00 2001 From: mboelen Date: Mon, 7 Sep 2015 21:07:47 +0200 Subject: [PATCH] Updated log of changes --- CHANGELOG | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 61 insertions(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index db90546e..38073ef6 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -17,6 +17,67 @@ ================================================================================ + = Lynis 2.1.2 = + + This is an major release, which includes both new features and enhancements to existing tests. + + * Operating systems + Improved support for Debian 8 + Don't show boot loader exception when a subset of tests is performed + + * Screen output + Improved output for tests which before showed results as a warning, while actually are just suggestions + + * Virtual machines + Detection of virtual machines extended with vmtoolsd detection + + * Mount points + FILE-6374 is expanded to test for multiple common mount points and define best practice mount flags. + + * Docker + Properly detect Docker on CoreOS systems, where it before gave error as it found directory /usr/libexec/docker + + * UEFI and Secure Boot + Initial support to test UEFI settings, including Secure Boot option + Options boot_uefi_booted and boot_uefi_booted_secure added to report file + + * Authentication + Depending on the operating system, Lynis now tries to determine if failed logins are properly logged. This includes + checking for /etc/login.defs [AUTH-9408] + + report option: auth_failed_logins_logged + **** ^ NEEDS more tests ################################### + + * DNS and Name services + Support added for Unbound DNS caching tool [NAME-4034] + Configuration check for Unbound [NAME-4036] + Record if a name caching utility is being used like nscd or Unbound. Also logging to report as field name_cache_used + + * Firewalls + IPFW firewall on FreeBSD test improved + + * Individual tests + BOOT-5180 now only gets executed if runlevel 2 is found + AUTH-9328 show correct message when no umask is found in /etc/profile, including correct logging entries + AUTH-9204 now excludes NIS entries to avoid false positives + TIME-3104 Only shows suggestion now on FreeBSD if ntpdate is configured, yet ntpd isn't running + FILE-6410 Added /var/lib/locatedb as search path + + Don't wait when using pentest mode in quick mode + Data uploads: provide help when self-signed certificates are used + + + + 8888888888888888888888888 + implement base64 + 8888888888888888888888888 + + + * Plugins + --------- + [PLGN-2804] Limit report output of EXT file systems to 1 item per line + + -------------------------------------------------------------- = Lynis 2.1.1 (2015-07-22) = @@ -91,7 +152,6 @@ * Plugins --------- - [PLGN-2602] Disabled by default, as it may be too slow for some machines [PLGN-3002] Extended with /sbin/nologin