diff options
author | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-21 15:08:25 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-21 15:08:25 +0300 |
commit | 7eba5df9b2017a57d17d9088cdffaad0ebb64593 (patch) | |
tree | e47e850ebe13b8ffc4bed61e3a81c9913e89c513 /CHANGELOG.md | |
parent | d3464d88b117b7fbb164c708b6a889a4391e132b (diff) |
Updated log
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b7d984ff..f9bc4fa4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,15 +6,29 @@ This is a major release of Lynis and includes several big changes. Some of these changes may break your current usage of the tool, so test before deployment! -### Breaking changes -- Some commands or switches are deprecated or removed -- Format of all profile options converted (from key:value to key=value) -- Non-interactive by default (use --wait option to pause between groups of tests) +### Breaking change: Non-interactive by default +Lynis now runs non-interactive by default, to be more in line with the Unix +philosophy. So the previously used '--quick' option is now default, and the tool +will only wait when using the '--wait' option. + +### Breaking change: Deprecated options +- Option: -c +- Option: --check-update/--info +- Option: --dump-options +- Option: --license-key + +### Breaking change: Profile options +The format of all profile options are converted (from key:value to key=value). +You may have to update the changes you made in your custom.prf. ### Security An important focus area for this release is on security. We added several measures to further tighten any possible misuse. +## New: DevOps, Forensics, and pentesting mode +This release adds initial support to allow defining a specialized type of audit. +Using the relevant options, the scan will change base on the intended goal. + ### Added - Security: test PATH and warn or exit on discovery of dangerous location - Security: additional safeguard by testing if common system tools are available @@ -31,7 +45,7 @@ measures to further tighten any possible misuse. - New option: --usecwd - run from the current working directory - New profile option: disable-plugin - disables a single plugin - New profile option: ssl-certificate-paths-to-ignore - ignore a path -- New test: CRYP-7930 - disk or file system encryption testing +- New test: CRYP-7930 - test for LUKS encryption - New test: INSE-8314 - test for NIS client - New test: INSE-8316 - test for NIS server - New test: PROC-3802 - check presence of prelink tooling |