mirror of https://github.com/CISOfy/lynis.git
Updated log of changes
This commit is contained in:
mboelen
parent
e50eef0c19
commit
d4f024faa6
62
CHANGELOG
62
CHANGELOG
|
|
@ -17,6 +17,67 @@
|
||||||
|
|
||||||
================================================================================
|
================================================================================
|
||||||
|
|
||||||
|
= Lynis 2.1.2 =
|
||||||
|
|
||||||
|
This is an major release, which includes both new features and enhancements to existing tests.
|
||||||
|
|
||||||
|
* Operating systems
|
||||||
|
Improved support for Debian 8
|
||||||
|
Don't show boot loader exception when a subset of tests is performed
|
||||||
|
|
||||||
|
* Screen output
|
||||||
|
Improved output for tests which before showed results as a warning, while actually are just suggestions
|
||||||
|
|
||||||
|
* Virtual machines
|
||||||
|
Detection of virtual machines extended with vmtoolsd detection
|
||||||
|
|
||||||
|
* Mount points
|
||||||
|
FILE-6374 is expanded to test for multiple common mount points and define best practice mount flags.
|
||||||
|
|
||||||
|
* Docker
|
||||||
|
Properly detect Docker on CoreOS systems, where it before gave error as it found directory /usr/libexec/docker
|
||||||
|
|
||||||
|
* UEFI and Secure Boot
|
||||||
|
Initial support to test UEFI settings, including Secure Boot option
|
||||||
|
Options boot_uefi_booted and boot_uefi_booted_secure added to report file
|
||||||
|
|
||||||
|
* Authentication
|
||||||
|
Depending on the operating system, Lynis now tries to determine if failed logins are properly logged. This includes
|
||||||
|
checking for /etc/login.defs [AUTH-9408]
|
||||||
|
|
||||||
|
report option: auth_failed_logins_logged
|
||||||
|
**** ^ NEEDS more tests ###################################
|
||||||
|
|
||||||
|
* DNS and Name services
|
||||||
|
Support added for Unbound DNS caching tool [NAME-4034]
|
||||||
|
Configuration check for Unbound [NAME-4036]
|
||||||
|
Record if a name caching utility is being used like nscd or Unbound. Also logging to report as field name_cache_used
|
||||||
|
|
||||||
|
* Firewalls
|
||||||
|
IPFW firewall on FreeBSD test improved
|
||||||
|
|
||||||
|
* Individual tests
|
||||||
|
BOOT-5180 now only gets executed if runlevel 2 is found
|
||||||
|
AUTH-9328 show correct message when no umask is found in /etc/profile, including correct logging entries
|
||||||
|
AUTH-9204 now excludes NIS entries to avoid false positives
|
||||||
|
TIME-3104 Only shows suggestion now on FreeBSD if ntpdate is configured, yet ntpd isn't running
|
||||||
|
FILE-6410 Added /var/lib/locatedb as search path
|
||||||
|
|
||||||
|
Don't wait when using pentest mode in quick mode
|
||||||
|
Data uploads: provide help when self-signed certificates are used
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
8888888888888888888888888
|
||||||
|
implement base64
|
||||||
|
8888888888888888888888888
|
||||||
|
|
||||||
|
|
||||||
|
* Plugins
|
||||||
|
---------
|
||||||
|
[PLGN-2804] Limit report output of EXT file systems to 1 item per line
|
||||||
|
|
||||||
|
--------------------------------------------------------------
|
||||||
|
|
||||||
= Lynis 2.1.1 (2015-07-22) =
|
= Lynis 2.1.1 (2015-07-22) =
|
||||||
|
|
||||||
|
|
@ -91,7 +152,6 @@
|
||||||
|
|
||||||
* Plugins
|
* Plugins
|
||||||
---------
|
---------
|
||||||
|
|
||||||
[PLGN-2602] Disabled by default, as it may be too slow for some machines
|
[PLGN-2602] Disabled by default, as it may be too slow for some machines
|
||||||
[PLGN-3002] Extended with /sbin/nologin
|
[PLGN-3002] Extended with /sbin/nologin
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue