scap-security-guide - Security guidance and baselines in SCAP formats
Website: | https://github.com/ComplianceAsCode/content |
---|---|
License: | BSD-3-Clause |
Vendor: | CentOS |
- Description:
The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. The Red Hat Enterprise Linux 7 system administrator can use the oscap command-line tool from the openscap-utils package to verify that the system conforms to provided guideline. Refer to scap-security-guide(8) manual page for further information.
Packages
scap-security-guide-0.1.73-1.el7.centos.noarch [15.5 MiB] |
Changelog
by Jan Černý (2024-05-21):
- Rebase scap-security-guide package to version 0.1.73 (RHEL-36739) |
scap-security-guide-0.1.73-1.el7.centos.src [13.2 MiB] |
Changelog
by Jan Černý (2024-05-21):
- Rebase scap-security-guide package to version 0.1.73 (RHEL-36739) |
scap-security-guide-0.1.72-2.el7.centos.noarch [16.0 MiB] |
Changelog
by Marcus Burghardt (2024-02-16):
- Unlist profiles no longer maintained in RHEL8. |
scap-security-guide-0.1.69-1.el7.centos.noarch [14.3 MiB] |
Changelog
by Jan Černý (2023-08-04):
- Rebase to the latest upstream release (RHBZ#2221694) - Make IPv6 related rules applicable only in case IPv6 is actually enabled. (RHBZ#2210276) - update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155793) - Correct URL used to download CVE checks. (RHBZ#2223817) |
scap-security-guide-0.1.66-1.el7.centos.noarch [13.8 MiB] |
Changelog
by Watson Sato (2023-02-14):
- Rebase to a new upstream release 0.1.66 (RHBZ#2158410) - Update RHEL7 STIG profile to V3R10 (RHBZ#2152657) - Align file_permissions_sshd_private_key with DISA Benchmark (RHBZ#2123284) - Fix remediation of audit watch rules (RHBZ#2123367) - Fix check firewalld_sshd_port_enabled (RHBZ#2158410) - Fix accepted control flags for pam_pwhistory (RHBZ#2158410) - Unselect rule logind_session_timeout (RHBZ#2158410) - Add support rainer scripts in rsyslog rules (RHBZ#2170038) |
scap-security-guide-0.1.63-1.el7.centos.noarch [12.9 MiB] |
Changelog
by Watson Sato (2022-08-09):
- Update to the latest upstream release (RHBZ#2116359) - Fix SSH Key permissions (RHBZ#2021258) - Remove PCI-DSS Benchmark(RHBZ2038165) - Updated source of CVE data feed(RHBZ#2028432) - Improved alignment with DISA's RHEL7 STIG(RHBZ#1967950) - Update RHEL7 STIG profile to v3r8 (RHBZ#2112939) - Add warning how to override audit buffer (RHBZ#1993822) - Fix smartcard_auth rule for systems installed without authconfig (RHBZ#2116359) - Fix check of enable_fips_mode on s390x (RHBZ#2116359) - Fix applicability of pam_pkcs11 and grub2 rules on s390x (RHBZ#2116359) |
scap-security-guide-0.1.57-8.el7.centos.noarch [13.7 MiB] |
Changelog
by Watson Sato (2022-05-03):
- Remove warning how to override audit buffer (RHBZ#1993822) |
scap-security-guide-0.1.57-6.el7.centos.noarch [13.7 MiB] |
Changelog
by Gabriel Becker (2022-02-25):
- Fix bash remediation of sudo_require_reauthentication (RHBZ#2049532) |
scap-security-guide-0.1.54-3.el7.centos.noarch [8.3 MiB] |
Changelog
by Watson Sato (2021-02-24):
- Realign PCI-DSS rules selection to v0.1.54 (RHBZ#1497415) |
scap-security-guide-0.1.52-2.el7.centos.noarch [8.1 MiB] |
Changelog
by Gabriel Becker (2020-11-27):
- Update RHEL7 DISA STIG to V3R1 (RHBZ#1665233) |
scap-security-guide-0.1.49-13.el7.centos.noarch [7.9 MiB] |
Changelog
by Watson Sato (2020-05-26):
- Add example kickstart for RHEL7 HIPAA (RHBZ#1513087) - Fix Test Suite to run on Python3 |
scap-security-guide-0.1.46-11.el7.centos.noarch [13.0 MiB] |
Changelog
by Jan Černý (2019-11-28):
- Ship RHEL 8 content (RHBZ#1777862) |
scap-security-guide-0.1.43-13.el7.centos.noarch [5.5 MiB] |
Changelog
by Matěj Týč (2019-06-12):
- Fixed the shared dconf bash remediation (RHBZ#1631378) |
scap-security-guide-0.1.40-13.el7.centos.noarch [5.0 MiB] |
Changelog
by Johnny Hughes (2019-04-23):
- Manual CentOS Debranding |
scap-security-guide-0.1.40-12.el7.centos.0.1.noarch [5.0 MiB] |
Changelog
by Johnny Hughes (2018-11-04):
- Manual CentOS Debranding |
scap-security-guide-0.1.40-12.el7.centos.noarch [5.0 MiB] |
Changelog
by Johnny Hughes (2018-11-04):
- Manual CentOS Debranding |
scap-security-guide-0.1.36-10.el7.centos.noarch [4.4 MiB] |
Changelog
by Johnny Hughes (2018-09-26):
- Manual CentOS Debranding |
scap-security-guide-0.1.36-9.el7.centos.noarch [4.4 MiB] |
Changelog
by Johnny Hughes (2018-05-14):
- Manual CentOS Debranding |
scap-security-guide-0.1.36-7.el7.centos.noarch [4.4 MiB] |
Changelog
by Johnny Hughes (2018-04-12):
- Manual CentOS Debranding |
scap-security-guide-0.1.33-6.el7.centos.noarch [5.3 MiB] |
Changelog
by Johnny Hughes (2017-10-19):
- Manual CentOS debranding |
scap-security-guide-0.1.33-5.el7.centos.noarch [5.3 MiB] |
Changelog
by Johnny Hughes (2017-08-22):
- Manual CentOS debranding |
scap-security-guide-0.1.30-5.el7.centos.noarch [1.2 MiB] |
Changelog
by Johnny Hughes (2017-03-03):
- Manual CentOS Debranding |
scap-security-guide-0.1.30-3.el7.centos.0.3.noarch [1.2 MiB] |
Changelog
by brian@bstinson.com 0.1.-3.0.3 (2016-12-02):
- Remove the Red Hat Certified Cloud Provider profile - add 2nd branding patch |
scap-security-guide-0.1.25-3.el7.centos.0.1.noarch [671 KiB] |
Changelog
by brian@bstinson.com 0.1.25-3.centos.0.1 (2015-11-25):
- Use the CentOS SCAP content - scap-security-guide-0.1.25-centos-menu-branding.patch |
scap-security-guide-0.1.25-3.el7.centos.noarch [671 KiB] |
Changelog
by brian@bstinson.com 0.1.25-3.centos (2015-11-25):
- Use the CentOS SCAP content |
scap-security-guide-0.1.25-3.el7.noarch [766 KiB] |
Changelog
by Jan iankko Lieskovsky (2015-10-02):
- Drop "Verify and Correct File Permissions with RPM" rule from the PCI-DSS profile for Red Hat Enterprise Linux 7 (RH BZ#1267861) |