Hello community, here is the log from the commit of package lynis for openSUSE:Factory checked in at 2016-05-16 12:03:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lynis (Old) and /work/SRC/openSUSE:Factory/.lynis.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lynis" Changes: -------- --- /work/SRC/openSUSE:Factory/lynis/lynis.changes 2015-08-14 14:46:41.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2016-05-16 12:03:57.000000000 +0200 @@ -1,0 +2,37 @@ +Thu May 12 08:32:25 UTC 2016 - astie...@suse.com + +- lynis 2.2.0: + * new features and tests, small enhancements + * optimisation, better detection + * dealing with OS quirks and unexcepted results + * adjustments for supporting more compliance in-depth + * Detection for CFEngine has been improved + * now tries to determine if failed logins are properly logged + * New plugin is introduced to analyze PAM settings + * Initial support to test UEFI settings, including Secure Boot option. + * Support added for Unbound DNS caching tool, configuration check + * Record if a name caching utility is being used like nscd or Unbound. + * Tests chains of iptables and their default policy (ACCEPT or DROP) + * Support upcoming nftables technology (status check) + * Test added to include osqueryd as a supported tool. + * Detection of firewire is enhanced (both ohci and core detected). + * Extended the test syslog-ng logging to remote systems. + * ESET and LMD (Linux Malware Detect) have been added. + * Discovered malware scanners are also logged to the report. + * Eexpanded test for multiple common mount points and define best + practice mount flags. + * Best practices for IPv6 configuration on Linux are now collected. + * Collect network interface names from most operating systems. + * Password change test has been extended to both capture minimum and password age. + * Add Proxu support + * SystemV init is now detected. + * Now information will be logged when vulnerable software packages were found. + * Support for DNF (Dandified YUM) for Fedora systems has been added. + * Multiple configuration tests of SSH merged. + * Extend detection of virtual machines (VMware tools) + * Machine state detection with Puppet, Facter, dmidecode, and lscpu + * When using pentest mode, it will continue without any delays (=quick mode). + * Improvements for automatic execution of Lynis + * Upload improvements + +------------------------------------------------------------------- Old: ---- lynis-2.1.1.tar.gz lynis-2.1.1.tar.gz.asc New: ---- lynis-2.2.0.tar.gz lynis-2.2.0.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lynis.spec ++++++ --- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200 +++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package lynis # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2009-2013 Sascha Manns <saigk...@opensuse.org> # # All modifications and additions to the file contributed by third parties @@ -24,7 +24,7 @@ %define _dbdir %{_datadir}/lynis/db %define _bindir %{_prefix}/bin Name: lynis -Version: 2.1.1 +Version: 2.2.0 Release: 0 Summary: Security and System auditing tool License: GPL-3.0 ++++++ lynis-2.1.1.tar.gz -> lynis-2.2.0.tar.gz ++++++ ++++ 16719 lines of diff (skipped) ++++++ lynis_1.3.1_include_consts.diff ++++++ --- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200 +++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200 @@ -1,9 +1,9 @@ Index: include/consts =================================================================== ---- include/consts.orig -+++ include/consts -@@ -54,6 +54,7 @@ unset LANG - CUSTOM_URL_PREPEND="" +--- include/consts.orig 2016-03-13 16:03:09.000000000 +0100 ++++ include/consts 2016-05-12 10:30:55.994465439 +0200 +@@ -76,6 +76,7 @@ unset LANG + DISCOVERED_BINARIES="" DOCKER_DAEMON_RUNNING=0 FILEVALUE="" + FILE_NUM_TOTAL=0 ++++++ lynis_1.3.5_lynis.diff ++++++ --- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200 +++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200 @@ -1,8 +1,8 @@ Index: lynis =================================================================== ---- lynis.orig -+++ lynis -@@ -720,7 +720,14 @@ +--- lynis.orig 2016-05-12 10:33:38.579963391 +0200 ++++ lynis 2016-05-12 10:33:40.575981777 +0200 +@@ -797,7 +797,14 @@ mail_messaging firewalls webservers ssh snmp databases ldap php squid logging \ insecure_services banners scheduling accounting time crypto virtualization containers \ mac_frameworks file_integrity tooling malware file_permissions homedirs \ ++++++ lynis_1.3.6_include-osdetection.diff ++++++ --- /var/tmp/diff_new_pack.CjZcGi/_old 2016-05-16 12:03:58.000000000 +0200 +++ /var/tmp/diff_new_pack.CjZcGi/_new 2016-05-16 12:03:58.000000000 +0200 @@ -1,8 +1,8 @@ Index: include/osdetection =================================================================== ---- include/osdetection.orig -+++ include/osdetection -@@ -301,7 +301,7 @@ +--- include/osdetection.orig 2016-05-12 10:33:38.495962617 +0200 ++++ include/osdetection 2016-05-12 10:33:48.828057790 +0200 +@@ -316,7 +316,7 @@ OS_NAME="${LINUX_VERSION}" fi # If Linux version (full name) is unknown, use uname value