diff --git a/CHANGELOG b/CHANGELOG index bdc5ce6f..9458299c 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -8,6 +8,7 @@ Author: Michael Boelen (michael.boelen@cisofy.com) Description: Security and system auditing tool Website: https://cisofy.com/lynis/ + GitHub: https://github.com/CISOfy/Lynis Support policy: See section 'Support' (README file); Commercial support and plugins available via CISOfy @@ -17,55 +18,70 @@ ================================================================================ - * 1.6.5 (2015-01-xx) - New: - - Added --report-file parameter for alternative report file location - - Added --dump-options to quickly see all available options - - Added --upload-url for Lynis Enterprise users - - Added support for dpkg, initctl, launchctl and smtpctl binaries - - Added support for pkg_admin binaries - - Added initial support for nftables - - Added systemd journal test [LOGG-2136] - - Check for systemd rescue.service [BOOT-5260] - - Detecting service manager like BSD's rc, upstart, systemd [BOOT-5104] + = Lynis 2.0.0 (2015-02-25) = - Changes: - - Skip missing NTP daemon or client warning for virtual machines [TIME-3104] - - Check pkgs-vulnerabilities file before performing audit [PKGS-7381] - - Don't warn for missing klogd when using systemd-journal [LOGG-2138] - - Test if OpenSMTPD runs on other platforms than OpenBSD [MAIL-8920] - - Use suggestion instead of warning for expired warnings [CRYP-9702] - - Use ntpdate check for systems based on FreeBSD as well [TIME-3104] - - Show users starting at ID 1000 when using a Linux system [AUTH-9234] - - Reboot test enhanced to work on Arch Linux and others [KRNL-5830] - - Do not show suggestion for compiler hardening in this test [HRDN-7220] - - Check if vulnerability database is present on the system [PKGS-7380] - - Uptime support for DragonFly BSD, FreeBSD and NetBSD [TIME-5202] - - GRUB2 password protection test added to test [BOOT-5122] - - Check presence of /dev/pf before querying pf rules [FIRE-4518] - - Show only unique files for deleted files [LOGG-2190] - - Removed warning if no swap is found [FILE-6332] - - Added php.ini location for NetBSD systems - - Added --progress to Register function to show progress on screen - - Added /srv/www to default certificate search path (default.prf) - - Show if compliance tests have been performed in report output - - Improved virtualization detection for different platforms - - Enabled several new plugins for Lynis Enterprise users - - Changed copyrights in files to author and company entity - - Added /usr/pkg/bin and /usr/pkg/sbin to binary paths - - Added Docker support in virtualization detection routine - - Added sysctl key kernel.kptr_restrict to profile - - Several minor adjustments to functions - - Improved version detection on Gentoo systems - - Enhanced screen output for DragonFly BSD - - Updated default.prf template - - Perform hostname check for some tests - - Changed links to HTTPS version of website - - Log system manager - - Updated man page - -- + The first release within the 2.x branch! It includes several new features, to + simplify or improve auditing on Unix based systems, including BSD, Linux, + Mac OS and more traditional systems like AIX, HPUX and Solaris. + + New features and many improvements are the reason for the bump to a major + release, also a beginning of a new era. Many tools to audit or harden systems + have being released, yet none have been maintained over a long period of time. + + * Support and Feedback + + This software is supported and under development by CISOfy. By providing a + dual license, this software is kept up-to-date and enhanced. Both customers + and the community, benefit from this licensing. This release is available + thanks to your input and feedback. + + * Helpers + + New in this release is the support for helpers. Small utilities which enhance + Lynis by providing a single goal. The first helper available is to audit + Docker build files. + + * Improved OS support + + Many changes have been implemented to better support Linux, FreeBSD, NetBSD + DragonBSD and OpenBSD in particular. Upcoming releases will include smaller + "improvement rounds" for other systems as well. + + * New technologies + + More utilities and technologies are supported now. Technologies and tools + like systemd, Docker, nftables. + + * Lynis Enterprise + + As this code is shared, customers have an additional option to define to + what server they want to upload the audit results. Also, commercial plugins + have been bundled. + + * New parameters + + Several new options have been added: + --dump-options (see all options) + --report-file (define a different location for the report file) + + * General + + Documentation on the website has been extended: https://cisofy.com/support/ + The man page, Lynis binary and several tests have improved texts. + + This release is exceptional in that it includes many changes. We have done + a lot of testing on different platforms. You could expect this software to be + stable. Still, an assumption is no guarantee and especially no substitution + for testing in your own environment. If you encounter issues, please report + them via one of the links above in this changelog. + + + Enjoy this new release! + + +================================================================================ * 1.6.4 (2014-11-04)