Bug 2152658
| Summary: | Update RHEL8 DISA STIG profile to V1R9 | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Watson Yuuma Sato <wsato> | |
| Component: | scap-security-guide | Assignee: | Watson Yuuma Sato <wsato> | |
| Status: | CLOSED ERRATA | QA Contact: | Jiri Jaburek <jjaburek> | |
| Severity: | unspecified | Docs Contact: | Jan Fiala <jafiala> | |
| Priority: | unspecified | |||
| Version: | 8.7 | CC: | ggasparb, jafiala, jjaburek, matyc, mhaicman, mlysonek, wsato | |
| Target Milestone: | rc | Keywords: | Triaged, ZStream | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | scap-security-guide-0.1.66-1.el8 | Doc Type: | Enhancement | |
| Doc Text: |
.STIG security profile updated to version V1R9
The `DISA STIG for Red Hat Enterprise Linux 8` profile in the SCAP Security Guide has been updated to align with the latest version `V1R9`.
This release also includes changes published in `V1R8`.
Use only the current version of this profile because previous versions are no longer valid.
The following STIG IDs have been updated:
* V1R9
** RHEL-08-010359 - Selected rule `aide_build_database`
** RHEL-08-010510 - Removed rule `sshd_disable_compresssion`
** RHEL-08-020040 - New rule to configure tmux keybinding
** RHEL-08-020041 - New rule to configure starting `tmux` instead of `exec tmux`
* V1R8
** Multiple STIG IDs - The `sshd` and `sysctl` rules can identify and remove duplicate or conflicting configurations.
** RHEL-08-010200 - SSHD ClientAliveCountMax is configured with value `1`.
** RHEL-08-020352 - Check and remediations now ignore `.bash_history`.
** RHEL-08-040137 - Check updated to examine both `/etc/fapolicyd/fapolicyd.rules` and `/etc/fapolicyd/complied.rules`.
WARNING: Automatic remediation might make the system non-functional. Run the remediation in a test environment first.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 2168075 2168076 2168077 (view as bug list) | Environment: | ||
| Last Closed: | 2023-05-16 08:39:27 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2168075, 2168076, 2168077 | |||
|
Description
Watson Yuuma Sato
2022-12-12 15:59:27 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (scap-security-guide bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:2869 |