Releases: dev-sec/chef-os-hardening
Releases · dev-sec/chef-os-hardening
v4.2.0
Changelog
v4.2.0 (2023-12-22)
Closed issues:
- Dependency Dashboard #305
- Support for RHEL 8 / Rocky Linux 8 #279
- Linux Baseline tests are failing for os-13 #272
- chef exec rake lint fails, foodcritic deprecated #265
Merged pull requests:
- Update actions/upload-artifact action to v4 #312 (renovate[bot])
- Update actions/download-artifact action to v4 #311 (renovate[bot])
- Allow more changes to AuditD #310 (tdekoning93)
- CI: run for all PRs #309 (artem-sidorenko)
- Deprecation of Ubuntu 18.04 #308 (artem-sidorenko)
- CI: Update actions/checkout action to v4 #304 (renovate[bot])
- Removal of Gemfile and Rakefile #303 (artem-sidorenko)
- Testing on Oraclelinux 8 and 9 #302 (artem-sidorenko)
- Testing on Almalinux and Rockylinux 8/9 #301 (artem-sidorenko)
- Testing on the CentOS Stream 8 and 9 #300 (artem-sidorenko)
- Run tests on the current fedora 37 and 38 #299 (artem-sidorenko)
- Testing on debian 10 and 11 #298 (artem-sidorenko)
- Testing on ubuntu 18.04 and 20.04 #297 (artem-sidorenko)
* This Changelog was automatically generated by github_changelog_generator
v4.1.2
Changelog
v4.1.2 (2023-06-06)
Merged pull requests:
- CI: run the test workflow also on the release branches #295 (artem-sidorenko)
* This Changelog was automatically generated by github_changelog_generator
v4.1.1
Changelog
v4.1.1 (2023-06-06)
Merged pull requests:
- Removing coveralls #293 (artem-sidorenko)
- CI: fix - we need three guard jobs #292 (artem-sidorenko)
* This Changelog was automatically generated by github_changelog_generator
v4.1.0
Changelog
v4.1.0 (2023-06-06)
Closed issues:
- Amazon Linux 2 Auditd fails to restart #270
- pwquality.conf defaults or suggested config #267
- Configuration conflict when using both chef-ssh-hardening and chef-os-hardening #264
- Chef warning when /bin/su is a symlink #262
- os-hardening::profile recipe creating pinerolo_profile.sh file with .old extension on each chef-client run #255
Merged pull requests:
- CI : release workflow with upload to supermarket #290 (artem-sidorenko)
- CI: supermarket upload workflow #289 (artem-sidorenko)
- CI: disable debian-9 dokken tests for now #288 (artem-sidorenko)
- CI: add spellchecking with codespell #287 (schurzi)
- CI: another catch-all job for runs on the main code #286 (artem-sidorenko)
- CI: tests on the real DO VMs #285 (artem-sidorenko)
- CI : Kitchen - vagrant and dokken tests #284 (artem-sidorenko)
- CI: Configure Renovate #283 (renovate[bot])
- CI: run dokken jobs #282 (artem-sidorenko)
- CI: run cookstyle #281 (artem-sidorenko)
- CI: setup cinc WS in the GH actions #280 (artem-sidorenko)
- Hardening of crontabs and directories #273 (mfortin)
- Amazon Linux 2 AuditD issue #271 (mfortin)
- expose pam_unix.so options to an attribute #268 (bcg62)
- Fix warning on managing /bin/su symlink #263 (sean-nixon)
- Initial (sans Arch) auditd management support. #260 (b-dean)
- CI: testing of Centos 8 #259 (artem-sidorenko)
- CI: testing of Debian 10 #258 (artem-sidorenko)
- Fix CI: run testing on Chef 14 and 15 #256 (artem-sidorenko)
* This Changelog was automatically generated by github_changelog_generator
v4.0.0: Release 4.0.0
v4.0.0 (2019-04-10)
Closed issues:
- Deprecated feature sysctl_param used #230
Merged pull requests:
- Update of metadata with supported distros #252 (artem-sidorenko)
- Removal of config disclaimer attribute #249 (artem-sidorenko)
- Docs: update of supported distros #247 (artem-sidorenko)
- Removal of fedora 27 as its EOL #246 (artem-sidorenko)
- Removal of Ubuntu 14.04 support #245 (artem-sidorenko)
- Removal of Debian 8 as its EOL #244 (artem-sidorenko)
- CI: improvements with handling of different chef versions #243 (artem-sidorenko)
- Updates of metadata and readme #242 (artem-sidorenko)
- Eliminating spacing for alligment #241 (artem-sidorenko)
- Update of rubocop to 0.65 #240 (artem-sidorenko)
- CI: Run unit tests on chef 14, update of some gems, small cleanup #239 (artem-sidorenko)
- Remove sysctl cookbook dependency and use new native sysctl resource #228 (josqu4red)
v3.2.1: Release 3.2.1
v3.2.1 (2019-03-07)
Fixed bugs:
- execute[update-pam] resource fails on Ubuntu 14.04 on Azure #237
- exec-shield incompatible with Oracle Linux UEK #234
Merged pull requests:
- Use full path for executing pam-auth-update #238 (sean-nixon)
- Do not apply exec-shield if running Oracle Linux with UEK - addresses #234 #235 (eyespies)
v3.2.0
v3.2.0 (2019-01-16)
Closed issues:
- Missing cookbook Chai #232
- Bug: unable to use override to disable module #208
- PAM config prevents launching of GDM on Fedora 27 #206
- Migration to the new major sysctl cookbook version #198
Merged pull requests:
- Update the CI settings - this fixes it again #231 (artem-sidorenko)
- Update issue templates #229 (rndmh3ro)
- Fix CI: pin cucumber 3 #227 (artem-sidorenko)
- Make the daemon umask configurable #226 (jaksi)
- Ubuntu 18.04 is supported #223 (frederikbosch)
- Fix Fedora EOL #221 (artem-sidorenko)
- Fix fedora EOL in the CI #220 (artem-sidorenko)
- Fixing debian-9 CI tests #219 (artem-sidorenko)
- Fedora 26 is EOL, replacing with 28 #218 (artem-sidorenko)
- added ability to use template cookbook for login.defs #217 (ekelson-bcove)
- allow setting uid/gid max by attribute #215 (mattlqx)
- Update kitchen config for more platforms #213 (tas50)
- Add pam_systemd.so to system-auth-ac #207 (avanier)
v3.1.0
v3.1.0 (2018-05-16)
Fixed bugs:
- fix metadata #204 (chris-rock)
Closed issues:
- earlier version #205
- Make auditd recipe optional #200
- Dependency on pinned, old version of sysctl #192
- compat_resource deprecated #186
- Usage of azure as cloud provider for CI #183
Merged pull requests:
- Test with Foodcritic 13 #212 (tas50)
- Test on Ruby 2.4.4 #211 (tas50)
- use sysctl 1.0 #210 (dhohengassner)
- added mail_dir attribute and moved component attributes to attributes… #209 (ekelson-bcove)
- improve testing around amazon linux #202 (chris-rock)
- Container support and dokken tests in travis CI #199 (artem-sidorenko)
- Lazy pin the sysctl major version #197 (artem-sidorenko)
- Feature/allow setting template source #196 (eyespies)
- Unpin sysctl dependency #195 (artem-sidorenko)
- add basic support for amazon linux #194 (chris-rock)
- Fix fedora shadow permissions #190 (artem-sidorenko)
- Fedora 25 is EOL, replacing with 27 #189 (artem-sidorenko)
- Remove dependency on compat_resource #188 (bablakely)
v3.0.0
v3.0.0 (2017-12-21)
Closed issues:
- os-10 from linux-baseline is missing #167
- Removal of core dump hardening configuration if core dumps are allowed #165
- Integration testing of this cookbook in the CI #142
- Selinux enforcing support for RHEL/Centos? #106
- If I "enable" core dumps with chef-os-hardening, am I really fully enabling core dumps? #105
Merged pull requests:
- Skip auditd tests #181 (artem-sidorenko)
- Make fedora tests pass #179 (shoekstra)
- Control ownership of /var/log #178 (shoekstra)
- RH family: adapt some settings, as RH has better defaults #177 (artem-sidorenko)
- Fix for fedora: lets use generic package resource #176 (artem-sidorenko)
- Kitchen: Using the same names for platforms for different drivers #175 (artem-sidorenko)
- Enable core dumps if they are enabled via attribute #174 (artem-sidorenko)
- Selinux enforcing support for RHEL/Centos #173 (AnMoeller)
- Kitchen: Update of testing boxes/images #172 (artem-sidorenko)
- Lets disable unused filesystems per default #169 (artem-sidorenko)
v2.1.1
v2.1.1 (2017-08-21)
Closed issues:
- Cookbook fails on CentOS Linux release 7.2.1511 - kernel.exec-shield #166
Merged pull requests:
- Fix: do not touch exec-shield on RHEL 7 #168 (artem-sidorenko)