Releases: ansible-lockdown/RHEL9-CIS
CIS Version: 1.0.0 - Nov24 Updates
CIS Version: 1.0.0 - Nov24 Updates
Remediate
Audit updates
Pipeline Updates
pre-commit updates
Various improvements and enhancements
Issues Addressed
#245
#247
#249
#250
#251
#252
#253
#255
#256
AUDIT
What's Changed
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #238
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #241
- Sept 24 updates by @uk-bolly in #240
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #242
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #243
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #244
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #246
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #248
- Added selectattr filter to fix #249 by @yinggs in #250
- issue_247 and pipeline update for first interaction by @uk-bolly in #251
- Mount opts and gpg by @uk-bolly in #252
- Added a means to allow system users to have a shell by @Thulium-Drake in #253
- Added _lock to filename by @uk-bolly in #256
- updated Readme by @uk-bolly in #257
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #258
- removed skip_ansible_lint tag by @uk-bolly in #260
- CIS v1.0.0 updates Nov 2024 by @uk-bolly in #259
New Contributors
- @yinggs made their first contribution in #250
- @Thulium-Drake made their first contribution in #253
Full Changelog: 1.3.2...1.3.3
RHEL9-CIS update Sept2024- v1.0.0
RHEL9-CIS v1.0.0
Remediate:
pre-commit updates
workflow updates
jmespath dependancy removal
tidy up of some var naming for ssh config path
Latest workflow updates
6.1.10 and 6.1.11 improvements
Issue Fixes:
#216
#217
#221
#222
#224
#226
#227
#228
#230
#231
#232
#233
#234
Audit:
audit updates and alignment
What's Changed
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #214
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #215
- Issue audit updates by @uk-bolly in #221
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #222
- August issues by @uk-bolly in #228
- added calls to sshd restart handler to fix #230 by @numericillustration in #231
- added fix for #232 thanks to @Arkhenys by @uk-bolly in #233
- Fix link to Changelog.md in README.md by @markgoddard in #234
- Sshd config create by @uk-bolly in #236
- rhel9-cis main release v1.0.0 by @uk-bolly in #235
New Contributors
- @markgoddard made their first contribution in #234
Full Changelog: 1.3.1...1.3.2
RHEL9-CIS update June2024
Remediate:
- Issues closed and PRs merged - What's changed
- Pre-commit updates
- Many improvements to different controls
- meta update for galaxy compatability
- Standardize versioning across all repos - removing v
What's Changed
- removing the async; the results of init are needed in the subsequent step by @mark-tomich in #199
- Typo by @svennd in #206
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #207
- 2.4 : socket vs sockets (typo) by @svennd in #208
- June24 updates by @uk-bolly in #209
- Release to main by @uk-bolly in #210
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #211
- updated due to galaxy limitation by @uk-bolly in #212
- Update to galaxy meta by @uk-bolly in #213
New Contributors
- @mark-tomich made their first contribution in #199
- @svennd made their first contribution in #206
Full Changelog: 1.2.0...1.3.1
RHEL9-CIS 1.0.0 - Update May2024
Remediate:
- Issues closed and PRs merged - What's changed
- Pre-commit updates
- Many improvements to different controls
Audit:
- Audit_only ability now added to run standalone audit
- audit_only: true
- Related Audit repo updated to improve tests audit binary(goss updated to latest version)
Many thanks to all the contributors and discord community members for feedback
What's Changed
- Sept23 to devel by @uk-bolly in #93
- updated discord link in readme by @uk-bolly in #95
- fix rule_1.8.1.1 by @uk-bolly in #96
- Goss version by @uk-bolly in #97
- Sept lint by @uk-bolly in #98
- updated 5.6.5 by @uk-bolly in #99
- updated collections by @uk-bolly in #100
- updated workflow for galaxy and versions by @uk-bolly in #108
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #110
- Audit only enhancement and goss update by @uk-bolly in #120
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #119
- Update cis_5.6.1.x.yml by @senihucar in #122
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #127
- Fixed chrony configuration options by @dulin in #121
- Removing redundant conditional statements by @ipruteanu-sie in #129
- Timeout value defined in defaults/main.yml file not used by @ipruteanu-sie in #133
- Masking service when server package is needed by @ipruteanu-sie in #136
- Using correct conditional for ftpd by @ipruteanu-sie in #138
- 3.4.2.5 conditional fix by @ipruteanu-sie in #140
- find hidden files in /var/log for 4.3.2 by @Corey0219 in #103
- Using rhel9cis_authselect['options'], otherwise not used at all by @ipruteanu-sie in #145
- Siemens/feat/4.2.1.3conditional and section header by @ipruteanu-sie in #143
- Remove trailing comma to align with other roles by @jLemmings in #152
- Adding missing lines to usr: sysctl.d/50-default.conf by @brisky in #105
- Adding new entry in /etc/pam.d/system-auth by @brisky in #112
- Siemens/feat/audit vars refactoring by @ipruteanu-sie in #148
- Corrections to tags and a variable by @sickbock in #151
- Remove trailing comma to align with other roles by @jLemmings in #154
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #159
- fixing some mismatched tags and tasks in 5.6.1.x by @numericillustration in #150
- Using a patch to refactor doc-extension by @ipruteanu-sie in #164
- Siemens/feat/bgrubby usage for params by @ipruteanu-sie in #166
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #167
- Update cis_6.1.x.yml by @Illibur in #169
- oscap scan found 2 issues in sshd configuration override files by @bbaassssiiee in #174
- Replacing vars according to Audit needs by @ipruteanu-sie in #131
- Bugfix 5 3 4 against issue #176 by @RoboPickle in #177
- fix: idempotency molecule issue fixed for logfiles #173 by @rjacobs1990 in #175
- Feb24 updates by @uk-bolly in #179
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #178
- Gpg import for rhel servers by @uk-bolly in #185
- March 24 to devel by @uk-bolly in #186
- Address issues in 4.1.1.2 and 4.1.1.3 including idempotent status by @RoboPickle in #188
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #192
- April_24 updates by @uk-bolly in #201
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #200
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #202
- updated audit binary assert statement by @uk-bolly in #204
- Release to main by @uk-bolly in #205
New Contributors
- @pre-commit-ci made their first contribution in #110
- @senihucar made their first contribution in #122
- @dulin made their first contribution in #121
- @ipruteanu-sie made their first contribution in #129
- @Corey0219 made their first contribution in #103
- @jLemmings made their first contribution in #152
- @brisky made their first contribution in #105
- @sickbock made their first contribution in #151
- @numericillustration made their first contribution in #150
- @Illibur made their first contribution in #169
- @bbaassssiiee made their first contribution in #174
- @RoboPickle made their first contribution in #177
- @rjacobs1990 made their first contribution in #175
Full Changelog: v1.1.0...1.2.0
RHEL9-CIS v1.0.0
What's Changed
- Rule 1.10 crypto by @uk-bolly in #65
- Update cis_1.3.x.yml by @jakejellinek in #67
- June23 updates by @uk-bolly in #68
- Fix 2.2.14 evaluate dnsmasq instead of postfix by @lucab85 in #69
- Bugfix: typo in handler name and loop item handling in when statement by @MarcoV-git in #71
- July23 fixes by @uk-bolly in #74
- Readme.md:fix cis level tag names by @carlosrodfern in #76
- Update README.md by @lucab85 in #78
- Workflow and pre-commit added by @uk-bolly in #81
- Template and secrets by @uk-bolly in #83
- devel to main release by @uk-bolly in #84
- updated layout by @uk-bolly in #85
- Readme layout update by @uk-bolly in #86
- Tidy up by @uk-bolly in #87
- Workflow run by @uk-bolly in #88
- workflow check run by @uk-bolly in #89
New Contributors
- @jakejellinek made their first contribution in #67
- @lucab85 made their first contribution in #69
- @MarcoV-git made their first contribution in #71
- @carlosrodfern made their first contribution in #76
Full Changelog: v1.0.2...v1.0.3
Updates may23
What's Changed
- Readme Update, Yamllint Update, YamlLint Check, Ansible-lint Check by @MrSteve81 in #50
- Warning improvements by @uk-bolly in #51
- use var values for pam_faillock by @jayolinares in #52
- Molecule test on container is failing due to modprobe by @jayolinares in #55
- Use correct backtick for regex escape by @drscream in #56
- fix #58 by @jayolinares in #60
- May23 updates by @uk-bolly in #62
- Fix Policy Number for Grub Boot Password by @cigamit in #63
- Devel to main - bug fixes by @uk-bolly in #64
New Contributors
- @MrSteve81 made their first contribution in #50
- @jayolinares made their first contribution in #52
- @drscream made their first contribution in #56
- @cigamit made their first contribution in #63
Full Changelog: v1.0.1...v1.0.2
Ansible Galaxy update
v1.0.0 RHEL9-cis V1.0.0
Initial CIS release V1.0.0
What's Changed
- Fix in logic for Alma by @uk-bolly in #4
- Improvements by @uk-bolly in #5
- 5.4.1 fixed thanks to cf-sewe by @uk-bolly in #6
- Collections by @uk-bolly in #7
- Rh8 2.0 by @uk-bolly in #8
- linting by @uk-bolly in #9
- Add the ability to pass/change environment variable by @uk-bolly in #11
- Add missing variable defaults for 'rhel9cis_pam_faillock' by @alewando in #12
- Fix UMASK hardening by @alewando in #14
- Improvements by @uk-bolly in #16
- Improvements by @uk-bolly in #17
- updated workflows by @uk-bolly in #19
- logic, idempotency, auditd, sysctl improvements by @uk-bolly in #18
- tss user and spacing by @kris9854 in #28
- Oct update by @uk-bolly in #29
- Release for official Cis v1.0.0 by @uk-bolly in #31
- new option to 6_2_16 not follow symlinks by @uk-bolly in #33
- Issues 30 and 34 by @uk-bolly in #35
- Auditd improvements, workflow updates Oracle Support by @uk-bolly in #37
- Issues 40 41 by @uk-bolly in #42
- Fix system accounts rule 5.6.2 by @dulin-gnet in #43
- March updates by @uk-bolly in #44
- Initial 1.0 release CIS 1.0 by @uk-bolly in #45
New Contributors
- @alewando made their first contribution in #12
- @kris9854 made their first contribution in #28
- @dulin-gnet made their first contribution in #43
Full Changelog: https://github.com/ansible-lockdown/RHEL9-CIS/commits/v1.0.0