Update Ubuntu 22.04 profiles to comply with CIS Benchmark 2.0.0

[uesandiIk]

Share the context

CIS released the benchmark version 2.0.0 for Ubuntu 22.04 on March 2024, leaving the existing profiles in this project outdated.

Description of problem:

Currently the profiles for Ubuntu 22.04 follow the CIS Benchmark v1.0.0, however, the v2.0.0 has been out since March 2024. Thus, the current profiles for Ubuntu 22.04 do not ensure compliance with the latest CIS Benchmarks.

Proposed change:

Updating the profiles for Ubuntu 22.04 in the project to make them usable with the latest benchmark version.

References:

1. https://www.cisecurity.org/benchmark/ubuntu_linux
2. https://static.open-scap.org/ssg-guides/ssg-ubuntu2204-guide-index.html

[dodys]

any contributions for it are welcome right now we have no ETA on updating any of Ubuntu CIS benchmarks

[mpurg]

Currently we are prioritizing the Ubuntu 24.04 v1.0.0 benchmark, but will update the 22.04 benchmark right after. Since the 22.04 v2.0.0 is fairly similar to 24.04 v1.0.0, it shouldn't take too long once the 24.04 is released.

[uesandiIk]

Awesome, thank you for letting me know! Will be looking forward to it!

[vit-corp]

@dodys @Mab879 Hello,

Do you have any updates on this one?

Thank you!

[dodys]

@vit-corp hi! this was a bit pushed away because of DISA STIG for 24.04, that was finished a couple of weeks ago. So the team will be getting back to this one soon. Our hope is to have this done still before end of October 2025.