This came in yesterday under our Maintenance agreement. You need a maintenance code to download the RPM.
Title: Optional package to convert to EAL3+ certified system http://sdb.suse.de/en/psdb/html/5e43d0905ffbbf40e12ee5695e44c495.html _______________________________________________________ Applies to Product(s): SuSE Linux Enterprise Server 8 for x86 SLES 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IBM S/390 and IBM zSeries SuSE Linux Enterprise Server 8 for AMD64 Package: certification-sles-eal3 Release: 20040121 Obsoletes: none Indications This package is required for the transition of a SLES8 with Service Pack 3 installation into the certified configuration (EAL3+). Contraindications None. Description This package (certification-sles-eal3) provides documentation, a script and a set of RPM packages for the EAL3+ security certification of SLES8 with Service Pack 3 (SP3). The included script can be used along the guidelines in the security guide to transfer the fresh installation of the SuSE Linux Enterprise Server 8 (SLES8), with Service Pack 3 installed, to the certified configuration. As a starting point, please refer to README-eal3.txt that is included in the package as /usr/share/doc/packages/certification-sles-eal3/README-eal3.txt Contrary to the certification-sles-eal2 package for the successful certification of the SUSE Linux Enterprise Server 8 under the Common Criteria EAL2, this package contains components that are required at runtime in the system. After the script (as described in the README file above, or in the "SLES-security-guide" manpage) in /usr/lib/eal3/bin has been run and completed successfully, the package may be removed again, since the active components have been copied to the appropriate locations afterwards. For more information about the Common Criteria Certification of the SUSE Linux Enterprise Server 8 (with Service Pack 3), please visit.... > -----Original Message----- > From: Linux on 390 Port [mailto:[EMAIL PROTECTED] Behalf Of > Ferguson, Neale > Sent: Tuesday, January 27, 2004 3:04 PM > To: [EMAIL PROTECTED] > Subject: [LINUX-390] SuSE Linux achieves CAPP/EAL3+ on eServers > > > IBM and Novell's SUSE LINUX business unit have announced the > achievement of > new levels of security and operations certification for SUSE that will > further enable the adoption of Linux by governments, as well as the > Department of Defense for critical command-and-control > operations. SUSE > LINUX Enterprise Server 8 with Service Pack 3 on IBM eServers > has achieved > Controlled Access Protection Profile compliance under The > Common Criteria > for Information Security Evaluation (CC), commonly referred to as > CAPP/EAL3+. > > The new CAPP/EAL3+ achievement crosses the IBM eServer product line > --iSeries, xSeries, pSeries and zSeries systems, as well as > Opteron-based > systems. CAPP/EAL3+ certification of Linux expands both the functional > capabilities and confidence in Linux security beyond that met > with the EAL2+ > last year, when EAL2+ certification was gained for IBM's > eServer xSeries. > IBM and SUSE LINUX also announced Common Operating Environment (COE) > compliance on IBM xSeries and zSeries platforms with SUSE > LINUX Enterprise > Server 8, with support for pSeries and iSeries available in > the first half > of 2004. This achievement means that SUSE LINUX is the first Linux > distributor to offer both Common Criteria and COE compliance > in the same > package. > > "A little over six months ago, Linux had no security or > interoperability > certifications. We--with SUSE obviously at the lead, but with IBM > support-have gone from no certification to EAL2 to now EAL3+ with the > interoperability certification known as COE in just a little > over six months > and we're on our way to higher levels of certification. > There's very clearly > a strong trend that we believe should address the Linux > critics who felt > that Linux could never achieve the certifications that it has," said > Westpfahl. For more information about IBM's current > certifications, visit > http://www-3.ibm.com/security/standards/st_evaluations.shtml. >
