diff options
author | mboelen <michael@cisofy.com> | 2015-09-07 22:07:47 +0300 |
---|---|---|
committer | mboelen <michael@cisofy.com> | 2015-09-07 22:07:47 +0300 |
commit | d4f024faa6e2cb3c46f0e62ed44193c649bb7dc2 (patch) | |
tree | a47da86b80f2efaf4397c98f765c26275ffc8862 | |
parent | e50eef0c1998524583c47a6cf28a89cb683cff78 (diff) |
Updated log of changes
-rw-r--r-- | CHANGELOG | 62 |
1 files changed, 61 insertions, 1 deletions
@@ -17,6 +17,67 @@ ================================================================================ + = Lynis 2.1.2 = + + This is an major release, which includes both new features and enhancements to existing tests. + + * Operating systems + Improved support for Debian 8 + Don't show boot loader exception when a subset of tests is performed + + * Screen output + Improved output for tests which before showed results as a warning, while actually are just suggestions + + * Virtual machines + Detection of virtual machines extended with vmtoolsd detection + + * Mount points + FILE-6374 is expanded to test for multiple common mount points and define best practice mount flags. + + * Docker + Properly detect Docker on CoreOS systems, where it before gave error as it found directory /usr/libexec/docker + + * UEFI and Secure Boot + Initial support to test UEFI settings, including Secure Boot option + Options boot_uefi_booted and boot_uefi_booted_secure added to report file + + * Authentication + Depending on the operating system, Lynis now tries to determine if failed logins are properly logged. This includes + checking for /etc/login.defs [AUTH-9408] + + report option: auth_failed_logins_logged + **** ^ NEEDS more tests ################################### + + * DNS and Name services + Support added for Unbound DNS caching tool [NAME-4034] + Configuration check for Unbound [NAME-4036] + Record if a name caching utility is being used like nscd or Unbound. Also logging to report as field name_cache_used + + * Firewalls + IPFW firewall on FreeBSD test improved + + * Individual tests + BOOT-5180 now only gets executed if runlevel 2 is found + AUTH-9328 show correct message when no umask is found in /etc/profile, including correct logging entries + AUTH-9204 now excludes NIS entries to avoid false positives + TIME-3104 Only shows suggestion now on FreeBSD if ntpdate is configured, yet ntpd isn't running + FILE-6410 Added /var/lib/locatedb as search path + + Don't wait when using pentest mode in quick mode + Data uploads: provide help when self-signed certificates are used + + + + 8888888888888888888888888 + implement base64 + 8888888888888888888888888 + + + * Plugins + --------- + [PLGN-2804] Limit report output of EXT file systems to 1 item per line + + -------------------------------------------------------------- = Lynis 2.1.1 (2015-07-22) = @@ -91,7 +152,6 @@ * Plugins --------- - [PLGN-2602] Disabled by default, as it may be too slow for some machines [PLGN-3002] Extended with /sbin/nologin |