tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-28 16:24:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Updated log

Browse Source
This commit is contained in:
Michael Boelen 2019-07-12 14:39:05 +02:00
parent 76e84f4b56
commit f8e9c7bd91
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CHANGELOG.md
View File

@ -7,8 +7,9 @@ Some of these changes may break your current usage of the tool, so test before
deployment! deployment!
Breaking changes: Breaking changes:
- Some commands or switches are removed - Some commands or switches are deprecated or removed
- Format of profile options changed (from key:value to key=value) - Format of all profile options converted (from key:value to key=value)
- Non-interactive by default (use --wait option to pause between groups of tests)
An important focus area for this release is on security. We added several An important focus area for this release is on security. We added several
measures to further tighten any possible misuse. measures to further tighten any possible misuse.
@ -22,13 +23,14 @@ measures to further tighten any possible misuse.
- New function: DisplayWarning - show a warning on the screen - New function: DisplayWarning - show a warning on the screen
- New function: Equals - compare two strings - New function: Equals - compare two strings
- New function: Readonly - mark variable read-only (security) - New function: Readonly - mark variable read-only (security)
- New function: SafeFile - test file type and call permission check
- New function: SafeInput - check for safe input (security) - New function: SafeInput - check for safe input (security)
- New profile option: disable-plugin - disables a single plugin - New profile option: disable-plugin - disables a single plugin
- New profile option: ssl-certificate-paths-to-ignore - ignore a path - New profile option: ssl-certificate-paths-to-ignore - ignore a path
- New test: CRYP-7930 - disk or file system encryption testing - New test: CRYP-7930 - disk or file system encryption testing
- New test: PROC-3802 - Check presence of prelink tooling - New test: PROC-3802 - Check presence of prelink tooling
- New report key: openssh_daemon_running - New report key: openssh_daemon_running
- Measure timing of tests and report slow tests (10+ seconds)
### Changed ### Changed
- Function: CheckItem - returns only exit code (ITEM_FOUND value is dropped) - Function: CheckItem - returns only exit code (ITEM_FOUND value is dropped)
@ -37,10 +39,12 @@ measures to further tighten any possible misuse.
- Security: the 'nounset' (set -u) parameter is now activated by default - Security: the 'nounset' (set -u) parameter is now activated by default
- Use only locations from PATH environment variable, unless it is not defined - Use only locations from PATH environment variable, unless it is not defined
- Show 'lynis generate hostids' when they are missing - Show 'lynis generate hostids' when they are missing
- NAME-4408 - corrected Report function call
- PROC-3602 - allow different root directory - PROC-3602 - allow different root directory
- PROC-3612 - show 'Not found' instead of 'OK' - PROC-3612 - show 'Not found' instead of 'OK'
- PROC-3614 - show 'Not found' instead of 'OK' - PROC-3614 - show 'Not found' instead of 'OK'
- SSH-7402 - detect other SSH daemons like dropbear - SSH-7402 - detect other SSH daemons like dropbear
- systemd service file adjusted
--------------------------------------------------------------------------------- ---------------------------------------------------------------------------------