Hello community,
here is the log from the commit of package lynis for openSUSE:Factory checked
in at 2016-05-16 12:03:56
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lynis (Old)
and /work/SRC/openSUSE:Factory/.lynis.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lynis"
Changes:
--------
--- /work/SRC/openSUSE:Factory/lynis/lynis.changes 2015-08-14
14:46:41.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2016-05-16
12:03:57.000000000 +0200
@@ -1,0 +2,37 @@
+Thu May 12 08:32:25 UTC 2016 - astie...@suse.com
+
+- lynis 2.2.0:
+ * new features and tests, small enhancements
+ * optimisation, better detection
+ * dealing with OS quirks and unexcepted results
+ * adjustments for supporting more compliance in-depth
+ * Detection for CFEngine has been improved
+ * now tries to determine if failed logins are properly logged
+ * New plugin is introduced to analyze PAM settings
+ * Initial support to test UEFI settings, including Secure Boot option.
+ * Support added for Unbound DNS caching tool, configuration check
+ * Record if a name caching utility is being used like nscd or Unbound.
+ * Tests chains of iptables and their default policy (ACCEPT or DROP)
+ * Support upcoming nftables technology (status check)
+ * Test added to include osqueryd as a supported tool.
+ * Detection of firewire is enhanced (both ohci and core detected).
+ * Extended the test syslog-ng logging to remote systems.
+ * ESET and LMD (Linux Malware Detect) have been added.
+ * Discovered malware scanners are also logged to the report.
+ * Eexpanded test for multiple common mount points and define best
+ practice mount flags.
+ * Best practices for IPv6 configuration on Linux are now collected.
+ * Collect network interface names from most operating systems.
+ * Password change test has been extended to both capture minimum and
password age.
+ * Add Proxu support
+ * SystemV init is now detected.
+ * Now information will be logged when vulnerable software packages were
found.
+ * Support for DNF (Dandified YUM) for Fedora systems has been added.
+ * Multiple configuration tests of SSH merged.
+ * Extend detection of virtual machines (VMware tools)
+ * Machine state detection with Puppet, Facter, dmidecode, and lscpu
+ * When using pentest mode, it will continue without any delays (=quick mode).
+ * Improvements for automatic execution of Lynis
+ * Upload improvements
+
+-------------------------------------------------------------------
Old:
----
lynis-2.1.1.tar.gz
lynis-2.1.1.tar.gz.asc
New:
----
lynis-2.2.0.tar.gz
lynis-2.2.0.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lynis.spec ++++++
--- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200
+++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package lynis
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2009-2013 Sascha Manns <saigk...@opensuse.org>
#
# All modifications and additions to the file contributed by third parties
@@ -24,7 +24,7 @@
%define _dbdir %{_datadir}/lynis/db
%define _bindir %{_prefix}/bin
Name: lynis
-Version: 2.1.1
+Version: 2.2.0
Release: 0
Summary: Security and System auditing tool
License: GPL-3.0
++++++ lynis-2.1.1.tar.gz -> lynis-2.2.0.tar.gz ++++++
++++ 16719 lines of diff (skipped)
++++++ lynis_1.3.1_include_consts.diff ++++++
--- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200
+++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200
@@ -1,9 +1,9 @@
Index: include/consts
===================================================================
---- include/consts.orig
-+++ include/consts
-@@ -54,6 +54,7 @@ unset LANG
- CUSTOM_URL_PREPEND=""
+--- include/consts.orig 2016-03-13 16:03:09.000000000 +0100
++++ include/consts 2016-05-12 10:30:55.994465439 +0200
+@@ -76,6 +76,7 @@ unset LANG
+ DISCOVERED_BINARIES=""
DOCKER_DAEMON_RUNNING=0
FILEVALUE=""
+ FILE_NUM_TOTAL=0
++++++ lynis_1.3.5_lynis.diff ++++++
--- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200
+++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200
@@ -1,8 +1,8 @@
Index: lynis
===================================================================
---- lynis.orig
-+++ lynis
-@@ -720,7 +720,14 @@
+--- lynis.orig 2016-05-12 10:33:38.579963391 +0200
++++ lynis 2016-05-12 10:33:40.575981777 +0200
+@@ -797,7 +797,14 @@
mail_messaging firewalls webservers ssh snmp
databases ldap php squid logging \
insecure_services banners scheduling accounting
time crypto virtualization containers \
mac_frameworks file_integrity tooling malware
file_permissions homedirs \
++++++ lynis_1.3.6_include-osdetection.diff ++++++
--- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200
+++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200
@@ -1,8 +1,8 @@
Index: include/osdetection
===================================================================
---- include/osdetection.orig
-+++ include/osdetection
-@@ -301,7 +301,7 @@
+--- include/osdetection.orig 2016-05-12 10:33:38.495962617 +0200
++++ include/osdetection 2016-05-12 10:33:48.828057790 +0200
+@@ -316,7 +316,7 @@
OS_NAME="${LINUX_VERSION}"
fi
# If Linux version (full name) is unknown, use uname value
