Hello community, here is the log from the commit of package lynis for openSUSE:Factory checked in at 2017-04-11 09:41:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lynis (Old) and /work/SRC/openSUSE:Factory/.lynis.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lynis" Tue Apr 11 09:41:39 2017 rev:25 rq:485081 version:2.4.8 Changes: -------- --- /work/SRC/openSUSE:Factory/lynis/lynis.changes 2016-11-05 21:28:00.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2017-04-11 09:41:41.454511321 +0200 @@ -1,0 +2,70 @@ +Tue Apr 4 09:35:48 UTC 2017 - [email protected] + +- Lynis 2.4.8 (Changelog from 2.4.1) + * More PHP paths added + * Minor changes to text + * Show atomic test in report + * Added FileInstalledByPackage function (dpkg and rpm supported) + * Mark Arch Linux version as rolling release (instead of unknown) + * Support for Manjaro Linux + * Escape files when testing if they are readable + * Code cleanups + * Allow host alias to be specified in profile + * Code readability enhancements + * Solaris support has been improved + * Fix for upload function to be used from profile + * Reduce screen output for mail section, unless --verbose is used + * Code cleanups and removed 'update release' command + * Colored output can now be tuned with profile (colors=yes/no) + * Allow data upload to be set as a profile option + * Properly detect SSH daemon version + * Generic code improvements + * Improved the update check and display + * Finish, Portuguese, and Turkish translation + * Extended support and tests for DragonFlyBSD + * Option to configure hostid and hostid2 in profile + * Support for Trend Micro and Cylance (macOS) + * Remove comments at end of nginx configuration + * Used machine ID to create host ID when no SSH keys are available + * Added detection of iptables-save to binaries + +Tests: + BANN-7126 - Added more words to test for + CUPS-2308 - Improve logging for CUPS configuration test, removed exception handler + HTTP-6641 - Support detection for Apache module mod_reqtimeout + PKGS-7388 - Minor change to detect security repositories + CRYP-7902 - Test more certificates names, but only if they are not part of a package + FILE-7524 - Reduce standard screen output for file permissions check + MALW-3280 - Added Avira detection as a malware scanner + NAME-4018 - Only perform name services test when resolv.conf file exists + PKGS-7387 - Check all repositories if they use GPG signing + SCHD-7704 - Permission checks + TIME-3104 - Check permissions before open files + AUTH-9328 - Add missing 0027 and 0077 umasks + BOOT-5104 - Add initsplash and minor code enhancements + DBS-1882 - Include Redis configuration file + FIRE-4502 - Improved detection for iptables modules when using OpenVZ + PKGS-7381 - Enhanced package audit for FreeBSD + AUTH-9308 - Improved test for sulogin string (Debian systems) + FILE-6372 - Properly deal with comment on lines in /etc/fstab + MAIL-8817 - New test to check Postfix configuration for errors + SSH-7408 - Corrected SSH check + AUTH-9308 - Improved test for sulogin string + MAIL-8818 - Test if Linux version is known before comparing in Postfix banner + TIME-3116 - Skip stratum 16 items for time pools + TIME-3148 - New test to detect TZ variable + AUTH-9208 - Removed double logging + AUTH-9222 - Improve logging for double groups + AUTH-9226 - Improve logging for double groups + BOOT-5177 - Sort systemctl unit files to make them unique + DBS-1818 - New test to detect MongoDB + DBS-1820 - New test for MongoDB authentication + FIRE-4512 - Lowered minimum number of iptables firewall rules + FIRE-4586 - Fix applied when searching for "-j LOG" + HRDN-7222 - Changed reporting key of world executable compilers + SSH-7408 - Added filtering for PermitRootLogin (prohibit-password, OpenSSH 7.0) + FIRE-4586 - Check logging for firewall components + KRNL-5788 - Remove exception and style improvements + KRNL-5830 - Improved logging + +------------------------------------------------------------------- Old: ---- lynis-2.4.0.tar.gz lynis-2.4.0.tar.gz.asc New: ---- lynis-2.4.8.tar.gz lynis-2.4.8.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lynis.spec ++++++ --- /var/tmp/diff_new_pack.dSrO0j/_old 2017-04-11 09:41:42.714333354 +0200 +++ /var/tmp/diff_new_pack.dSrO0j/_new 2017-04-11 09:41:42.718332789 +0200 @@ -1,7 +1,7 @@ # # spec file for package lynis # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2009-2013 Sascha Manns <[email protected]> # # All modifications and additions to the file contributed by third parties @@ -24,7 +24,7 @@ %define _dbdir %{_datadir}/lynis/db %define _bindir %{_prefix}/bin Name: lynis -Version: 2.4.0 +Version: 2.4.8 Release: 0 Summary: Security and System auditing tool License: GPL-3.0 @@ -133,7 +133,7 @@ %dir %{_datadir}/%{name}/include %attr(640,root,root) %{_datadir}/%{name}/include/* %dir %{_datadir}/%{name}/plugins -%doc CHANGELOG.md CONTRIBUTORS FAQ LICENSE README +%doc CHANGELOG.md CONTRIBUTORS.md FAQ LICENSE README %{_mandir}/man8/%{name}.8.* %{_datadir}/%{name}/prepare_for_suse.sh ++++++ lynis-2.4.0.tar.gz -> lynis-2.4.8.tar.gz ++++++ ++++ 8253 lines of diff (skipped) ++++++ lynis_1.3.1_include_consts.diff ++++++ --- /var/tmp/diff_new_pack.dSrO0j/_old 2017-04-11 09:41:42.994293806 +0200 +++ /var/tmp/diff_new_pack.dSrO0j/_new 2017-04-11 09:41:42.994293806 +0200 @@ -1,8 +1,8 @@ Index: include/consts =================================================================== ---- include/consts.orig -+++ include/consts -@@ -97,6 +97,7 @@ unset LANG +--- include/consts.orig 2017-03-29 02:00:00.000000000 +0200 ++++ include/consts 2017-04-04 12:10:01.819656810 +0200 +@@ -99,6 +99,7 @@ unset LANG ERROR_ON_WARNINGS=0 FILEBINARY="" FILEVALUE="" ++++++ lynis_1.3.5_lynis.diff ++++++ --- /var/tmp/diff_new_pack.dSrO0j/_old 2017-04-11 09:41:43.006292111 +0200 +++ /var/tmp/diff_new_pack.dSrO0j/_new 2017-04-11 09:41:43.006292111 +0200 @@ -1,8 +1,8 @@ Index: lynis =================================================================== ---- lynis.orig -+++ lynis -@@ -906,7 +906,14 @@ ${NORMAL} +--- lynis.orig 2017-03-29 02:00:00.000000000 +0200 ++++ lynis 2017-04-04 12:09:55.043600381 +0200 +@@ -919,7 +919,14 @@ ${NORMAL} mail_messaging firewalls webservers ssh snmp databases ldap php squid logging \ insecure_services banners scheduling accounting time crypto virtualization containers \ mac_frameworks file_integrity tooling malware file_permissions homedirs \ ++++++ lynis_1.3.6_include-osdetection.diff ++++++ --- /var/tmp/diff_new_pack.dSrO0j/_old 2017-04-11 09:41:43.018290416 +0200 +++ /var/tmp/diff_new_pack.dSrO0j/_new 2017-04-11 09:41:43.018290416 +0200 @@ -1,8 +1,8 @@ Index: include/osdetection =================================================================== ---- include/osdetection.orig -+++ include/osdetection -@@ -353,7 +353,7 @@ +--- include/osdetection.orig 2017-03-29 02:00:00.000000000 +0200 ++++ include/osdetection 2017-04-04 12:10:06.183693153 +0200 +@@ -365,7 +365,7 @@ OS_NAME="${LINUX_VERSION}" fi # If Linux version (full name) is unknown, use uname value
