content

content copied to clipboard

[New Rule] Package kea removed

4

#### Description: * New Rule Package kea removed * Add `package_kea_removed` to RHEL 10 profiles * Exclusion in other profiles. #### Rationale: Kea is the DHCP server in RHEL 10...

Mab879

Add new version of conntrols file for SYS.1.6.A12 and SYS.1.6.A13- no…

4

…w based on master branch #### Description: - Purge Request for SYS.1.6.A12 and SYS.1.6.A13 #### Rationale: - Requested BSI Profile from our customers

lichtblaugue

#### Description of problem: Several places in the content reference `/usr/share/audit/sample-rules`: ``` linux_os/guide/auditing/policy_rules/audit_immutable_login_uids/rule.yml linux_os/guide/auditing/policy_rules/audit_ospp_general/rule.yml linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/kubernetes/shared.yml linux_os/guide/auditing/policy_rules/audit_ospp_general_aarch64/rule.yml linux_os/guide/auditing/policy_rules/audit_ospp_general_ppc64le/rule.yml ``` This path changed on RHEL-10 (`audit-4.0-*`) to `/usr/share/audit-rules`, provided by the (installed-by-default)...

comps

RHEL10 ISM O - Rules missing `ism` reference

2

#### Description of problem: A lot of ISM O rules doesn't have `ism` reference. The list of affected rules: - audit_rules_login_events_tallylog - sshd_disable_x11_forwarding - service_fapolicyd_enabled - service_telnet_disabled - sshd_set_loglevel_info -...

mildas

Add new version of conntrols file for SYS.1.6.A14

4

#### Description: - Purge Request for SYS.1.6.A14 #### Rationale: - Requested BSI Profile from our customers

lichtblaugue

RHEL8 OSPP - Rules missing `ospp` reference

1

#### Description of problem: During testing of missing references of rules, a huge list of ospp rules without `ospp` reference has been reported. List of ospp rules without reference: -...

mildas

#### Description of problem: A lot of ISM O rules doesn't have `ism` reference. The list of affected rules: - rpm_verify_hashes - dir_perms_world_writable_sticky_bits - sysctl_kernel_kptr_restrict - service_telnet_disabled - network_sniffer_disabled -...

mildas

#### Description of problem: During testing of missing references of rules, a big list of ospp rules without `ospp` reference has been reported. List of ospp rules without reference: -...

mildas

#### Description of problem: When testing for missing references, a huge list of ISM O rules without `ism` reference has been reported: - audit_rules_execution_seunshare - package_firewalld_installed - auditd_name_format - sudo_remove_nopasswd...

mildas

Ensure consistency among SSH related rules

2

#### Description of problem: The template `sshd_lineinfile` is intended to be used by SSH related rules that care about configuration parameters. The template is robust and had some recent improvements:...

marcusburghardt