UNCLASSIFIED - NO CUI

Skip to content

Draft: Update dependency ComplianceAsCode/content to v0.1.58

renovate requested to merge renovate/complianceascode-content-0.x into development

This MR contains the following updates:

Package Update Change
ComplianceAsCode/content patch v0.1.57 -> v0.1.58

Release Notes

ComplianceAsCode/content

v0.1.58

Compare Source

Important Highlights
  • Add SCE Support to build system (#​7075)
  • Split RHEL 8 CIS profile using new controls file format (#​6976)
  • Introduce automated CCE adder (#​7249)
  • CIS Profiles for SLE12 (#​7434)
  • Add initial Ubuntu 20.04 STIG Profile (#​7220)
New Rules and Profiles
  • Add initial Ubuntu 20.04 STIG Profile (#​7220)
  • Add rules for RHEL-08-030610 (#​7256)
  • Add Ubuntu to cron.allow, at.allow rules for CIS (#​7223)
  • New rules for RHEL-08-010290 (#​7151)
  • New rules for RHEL-08-010291 (#​7169)
  • Add /var/log/audit individual ownership rules (#​7129)
  • New rule for RHEL-08-020270 (#​7276)
  • Add rule new for RHEL-08-030700 (#​7264)
  • Added new rule for RHEL-08-030710 (#​7268)
  • Add rule for RHEL-08-020300 (#​7289)
  • Add rule for RHEL-08-020090 (#​7313)
  • Introduce support for the distributed SSHd configuration (#​6926)
  • UBTU-20-010057: Add missing rules (#​7363)
  • Add new rule for RHEL-08-030720 (#​7288)
  • Add a new rules RHEL-08-010001 and RHEL-07-020019 (#​7344)
  • Add new rule for RHEL-07-030330 and RHEL-08-030730 (#​7323)
  • Added rule for RHEL-08-010400 (#​7411)
  • Sysctl disable ipv6 (#​7460)
  • CIS Profiles for SLE12 (#​7434)
Updated Rules and Profiles
  • fix problems with variables in rhel7 cis (#​7237)
  • Sort references, identifiers in rule.yml (#​6882)
  • Correct some issues with the CIS ICMP redirects rule on RHEL 7/8 (#​7259)
  • remove broken links to support.ntp.org (#​7262)
  • Mark as machine rules that collect password_object (#​7263)
  • OCP4: fips_mode_enabled rule relates to IA-7 (#​7267)
  • Enable dconf rules for RHEL9 (#​7011)
  • Enable generic rules for RHEL9 (#​7147)
  • Introduce support for the distributed SSHd configuration (#​6926)
  • Add service_pcscd_enabled to SLE15 PCI-DSS profile (#​7322)
  • update version of rhel7 stig_gui profile (#​7340)
  • Update References for RHEL8 STIG V1R3 (#​7299)
  • Suse sle15 fix reference sles 15 030350 assignment (#​7346)
  • Add to sle15 PCI-DSS profile rules for account uniqueness and grub config ownership (#​7345)
  • Select sysctl_net_core_bpf_jit_harden for RHEL-08-040286 (#​7354)
  • Add SRGs for accounts_password_pam_dictcheck and sssd_enable_certmap (#​7362)
  • Update RHEL 8 CIS references to match benchmark 1.0.1 (#​7356)
  • Update CCEs and identifiers on rules that make up RHEL 8 CIS 4.1.15 (#​7353)
  • generic updates to rhel7 CIS (#​7384)
  • Update existing rule for RHEL-08-020320 (#​7303)
  • OCP4: Remove kubelet_disable_hostname_override rule (#​7391)
  • SLES-12-010599 - remove rule from the STIG (#​7397)
  • add kickstarts for rhel8 CIS profiles (#​7383)
  • add rhel7 kickstarts for CIS profiles (#​7382)
  • UBTU-20-010056: Use rule accounts_password_pam_dictcheck (#​7366)
  • Add ensure_logrotate_activated rule to SLES15 PCI-DSS (#​7381)
  • products/sle15/profiles/stig.profile: Update according to U_SLES_15_STIG_V1R3 Manual (#​7388)
  • Add PCI-DSS rules (#​7373)
  • Add PCI-DSS file Rules (#​7417)
  • Add PCI-DSS file rules (#​7430)
  • SUSE SLE15 service chronyd or ntpd enabled pci dss (#​7425)
  • Add rsyslog log file configuration rules to SUSE SLE15 PCI-DSS profile (#​7420)
  • Update existing rules for RHEL-07-010492 and RHEL-07-010482 (#​7438)
  • Add rule for SLES-12-030365 (#​7177)
  • SLE15 add package_aide_installed to PCI-DSS profile (#​7476)
  • SLE15 add package security rules to PCI-DSS profile (#​7473)
  • SLE15 Add password hashing rules to PCI DSS profile (#​7474)
  • SLE15 add audit data retnetion rules to PCI-DSS profile (#​7475)
  • SLE15 add sssd_enable_smartcards to PCI-DSS rule (#​7472)
  • PCI-DSS Add more auditd rules (#​7477)
  • OL7 DISA STIG v2r4 update (#​7496)
  • Pcidss Configure Crypto Rules (#​7398)
Changes in Remediations
  • Enable remediations for crypto policy settings (#​7242)
  • fix ansible of accounts_root_path_dirs_no_write (#​7255)
  • add / fix remediations for audit rules wrt modules (#​7252)
  • Fix possible issue in harden_openssl_crypto_policy remediation (#​7178)
  • Mount option template updates (#​7081)
  • Fix coverity problems (#​7258)
  • Fix ansible remediation of display_login_attempts (#​7271)
  • Fixed the remediations when there are no previous kernelopts (#​7257)
  • Remove specific metadata in shared Bash remediations (#​7254)
  • Update existing rule for RHEL-08-030650 (#​7283)
  • Remove kubelet_disable_hostname_override rule (#​7400)
  • Fix remaining audit rule files permissions. (#​7440)
Changes in Checks
  • Add oval check for bios_enable_execution_restrictions (#​7227)
  • Mount option template updates (#​7081)
  • Update existing rule for RHEL-08-030650 (#​7283)
Changes in the Infrastructure
  • Prioritize install_smartcard_packages like package_*_installed (#​7224)
  • Sort references, identifiers in rule.yml (#​6882)
  • Add SCE Support to build system (#​7075)
  • SSGTS: tests for shared/templates (#​7211)
  • Add new rule for RHEL-08-030720 (#​7288)
  • Introduce automated CCE adder (#​7249)
  • Add sort prodtypes to fix_rules (#​7454)
Changes in the Test Suite
  • Add rhel9 Dockerfile and distro choice into install_vm.py (#​7235)
  • fix ansible of accounts_root_path_dirs_no_write (#​7255)
  • install_vm.py: add --console option (#​7186)
  • Add some more tests (#​7083)
  • Add RHEL7 specific test kickstart (#​7355)
  • SSGTS: tests for shared/templates (#​7211)
  • Fix combined mode execution in SSGTS (#​7395)
  • Option --no-reports for SSGTS rule and combined modes (#​7523)
Documentation
  • Document rule.yml modification utilities (#​6916)
  • Update Mailing list location in docs (#​7293)
  • Fix links to repo: SSG->CaC (#​7311)
  • More documentation (#​7406)
  • Fix RHEL7 documentation links (#​7409)
  • Add readthedocs integration badge (#​7407)
  • Fix RHEL7 documentation link (#​7443)
  • Add bats to gating and docs (#​7543)

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this MR and you won't be reminded about this update again.


  • If you want to rebase/retry this MR, check this box. Warning: custom changes will be lost.

This MR has been generated by Renovate Bot.

Edited by David Freeman

Merge request reports