commit lynis for openSUSE:Factory

2020-10-07 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2020-10-07 14:18:03

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.4249 (New)


Package is "lynis"

Wed Oct  7 14:18:03 2020 rev:39 rq:839830 version:3.0.1

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2020-06-19 
17:26:24.144420149 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new.4249/lynis.changes2020-10-07 
14:18:11.781471844 +0200
@@ -1,0 +2,36 @@
+Mon Oct  5 13:50:24 UTC 2020 - Robert Frohl 
+
+- Update to 3.0.1
+  * Added
+-  Detection of Alpine Linux
+-  Detection of CloudLinux
+-  Detection of Kali Linux
+-  Detection of Linux Mint
+-  Detection of macOS Big Sur (11.0)
+-  Detection of Pop!_OS
+-  Detection of PHP 7.4
+-  Malware detection tool: Microsoft Defender ATP
+-  New flag: --slow-warning to allow tests more time before showing a 
warning
+-  Test TIME-3185 to check systemd-timesyncd synchronized time
+-  rsh host file permissions
+  * Changed
+- Added option for LOCKED accounts and bugfix for older bash versions
+- Presence check for grub.d added
+- Added support for certificates in DER format
+- Added data to report
+- Redirect errors (e.g. when swap is not encrypted)
+- Don't grep nonexistant modprobe.d files
+- Set initial firewall state
+- Corrected text on screen
+- Handle zipped kernel configuration correctly
+- Improved version detection for non-symlinked kernel
+- Extended detection of BitDefender
+- Find more time synchronization commands
+- Corrected detection of time peers
+- Fix: hostid generation routine would sometimes show too short IDs
+- Fix: language detection
+- Generic improvements for macOS
+- German translation updated
+- End-of-life database updated
+
+---

Old:

  lynis-3.0.0.tar.gz
  lynis-3.0.0.tar.gz.asc

New:

  lynis-3.0.1.tar.gz
  lynis-3.0.1.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.uSa3kl/_old  2020-10-07 14:18:12.941472766 +0200
+++ /var/tmp/diff_new_pack.uSa3kl/_new  2020-10-07 14:18:12.945472769 +0200
@@ -23,7 +23,7 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:3.0.0
+Version:3.0.1
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only

++ lynis-3.0.0.tar.gz -> lynis-3.0.1.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2020-06-18 02:00:00.0 +0200
+++ new/lynis/CHANGELOG.md  2020-10-05 02:00:00.0 +0200
@@ -1,5 +1,43 @@
 # Lynis Changelog
 
+## Lynis 3.0.1 (2020-10-05)
+
+### Added
+- Detection of Alpine Linux
+- Detection of CloudLinux
+- Detection of Kali Linux
+- Detection of Linux Mint
+- Detection of macOS Big Sur (11.0)
+- Detection of Pop!_OS
+- Detection of PHP 7.4
+- Malware detection tool: Microsoft Defender ATP
+- New flag: --slow-warning to allow tests more time before showing a warning
+- Test TIME-3185 to check systemd-timesyncd synchronized time
+- rsh host file permissions
+
+### Changed
+- AUTH-9229 - Added option for LOCKED accounts and bugfix for older bash 
versions
+- BOOT-5122 - Presence check for grub.d added
+- CRYP-7902 - Added support for certificates in DER format
+- CRYP-7931 - Added data to report
+- CRYP-7931 - Redirect errors (e.g. when swap is not encrypted)
+- FILE-6430 - Don't grep nonexistant modprobe.d files
+- FIRE-4535 - Set initial firewall state
+- INSE-8312 - Corrected text on screen
+- KRNL-5728 - Handle zipped kernel configuration correctly
+- KRNL-5830 - Improved version detection for non-symlinked kernel
+- MALW-3280 - Extended detection of BitDefender
+- TIME-3104 - Find more time synchronization commands
+- TIME-3182 - Corrected detection of time peers
+- Fix: hostid generation routine would sometimes show too short IDs
+- Fix: language detection
+- Generic improvements for macOS
+- German translation updated
+- End-of-life database updated
+- Several minor code enhancements
+
+-
+
 ## Lynis 3.0.0 (2020-06-18)
 
 This is a major release of Lynis and includes several big changes.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/HAPPY_USERS.md new/lynis/HAPPY_USERS.md
--- old/lynis/HAPPY_USERS.md2020-06-18 02:00:00.0 +0200
+++ 

commit lynis for openSUSE:Factory

2020-06-19 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2020-06-19 17:25:33

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.3606 (New)


Package is "lynis"

Fri Jun 19 17:25:33 2020 rev:38 rq:815892 version:3.0.0

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2019-11-20 
10:30:09.522597214 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new.3606/lynis.changes2020-06-19 
17:26:24.144420149 +0200
@@ -1,0 +2,28 @@
+Thu Jun 18 12:17:36 UTC 2020 - Robert Frohl 
+
+- Update to 3.0.0 
+  * Security issues
+- CVE-2020-13882: incorrect Access Control because of a TOCTOU race 
condition (boo#1173141).
+- CVE-2019-13033: local disclosure of license key when data is uploaded 
(boo#1173142).
+  * Breaking change: Non-interactive by default
+- Lynis now runs non-interactive by default, to be more in line with the 
Unix
+  philosophy. So the previously used '--quick' option is now default, and 
the tool
+  will only wait when using the '--wait' option.
+  * Breaking change: Deprecated options
+- Option: -c
+- Option: --check-update/--info
+- Option: --dump-options
+- Option: --license-key
+  * Breaking change: Profile options
+- The format of all profile options are converted (from key:value to 
key=value).
+  You may have to update the changes you made in your custom.prf.
+  * Security
+- An important focus area for this release is on security. We added several
+  measures to further tighten any possible misuse.
+  * New: DevOps, Forensics, and pentesting mode
+- This release adds initial support to allow defining a specialized type 
of audit
+  Using the relevant options, the scan will change base on the intended 
goal.
+- Further features, bug fixes and details about the release listed in
+  https://raw.githubusercontent.com/CISOfy/lynis/3.0.0/CHANGELOG.md
+
+---

Old:

  lynis-2.7.5.tar.gz
  lynis-2.7.5.tar.gz.asc

New:

  lynis-3.0.0.tar.gz
  lynis-3.0.0.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.33kROo/_old  2020-06-19 17:26:25.448424005 +0200
+++ /var/tmp/diff_new_pack.33kROo/_new  2020-06-19 17:26:25.448424005 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 # Copyright (c) 2009-2013 Sascha Manns 
 #
 # All modifications and additions to the file contributed by third parties
@@ -23,12 +23,12 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.7.5
+Version:3.0.0
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only
 Group:  System/Monitoring
-Url:https://cisofy.com/lynis/
+URL:https://cisofy.com/lynis/
 Source0:https://cisofy.com/files/%{name}-%{version}.tar.gz
 Source2:tests_binary_rpath
 Source3:tests_file_permissionsDB

++ lynis-2.7.5.tar.gz -> lynis-3.0.0.tar.gz ++
 16616 lines of diff (skipped)





commit lynis for openSUSE:Factory

2019-11-20 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2019-11-20 10:30:07

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.26869 (New)


Package is "lynis"

Wed Nov 20 10:30:07 2019 rev:37 rq:749828 version:2.7.5

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2019-06-25 
22:22:07.765126485 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new.26869/lynis.changes   2019-11-20 
10:30:09.522597214 +0100
@@ -21,0 +22,5 @@
+Mon Jun  3 11:20:11 UTC 2019 - Tuukka Pasanen 
+
+- Add more false-positive packages to Dbus database: tuned, autofs, lightdm, 
geoglue2, snapper and ModemManager
+
+---
@@ -24,9 +29 @@
-- Add these common packages to Dbus database whitelist: FirewallD, SystemD and 
Wicked to prevent these false-positives:
-  * Warning: Package firewalld-0.5.5-lp151.5.1.noarch installs an unknown 
D-BUS autostart/system service: FirewallD.conf  [ WARNING ]
-  * Warning: Package systemd-234-lp151.25.7.x86_64 installs an unknown D-BUS 
autostart/system service: org.freedesktop.network1.conf  [ WARNING ]
-  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.AUTO4.conf [ WARNING ]
-  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.DHCP4.conf [ WARNING ]
-  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.DHCP6.conf [ WARNING ]
-  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.Nanny.conf [ WARNING ]
-  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.conf  [ WARNING ]
-  * Warning: Package systemd-234-lp151.25.7.x86_64 installs an unknown D-BUS 
autostart/system service: org.freedesktop.network1.service [ WARNING ]
+- Add these common false-positive packages to Dbus database whitelist: 
FirewallD, SystemD and Wicked



Other differences:
--
++ dbus-whitelist.db.openSUSE_12.2_x86_64 ++
--- /var/tmp/diff_new_pack.ymoruJ/_old  2019-11-20 10:30:10.462597401 +0100
+++ /var/tmp/diff_new_pack.ymoruJ/_new  2019-11-20 10:30:10.462597401 +0100
@@ -2,9 +2,13 @@
 bluetooth.conf
 com.redhat.NewPrinterNotification.conf
 com.redhat.PrinterDriversInstaller.conf
+com.redhat.tuned.conf
 ConsoleKit.conf
 cups.conf
 dnsmasq.conf
+fi.epitest.hostap.WPASupplicant.service
+FirewallD.conf
+fi.w1.wpa_supplicant1.service
 gdm.conf
 hal.conf
 nm-avahi-autoipd.conf
@@ -15,77 +19,82 @@
 nm-pptp-service.conf
 nm-vpnc-service.conf
 org.blueman.Mechanism.conf
-org.freedesktop.Accounts.conf
-org.freedesktop.colord-sane.conf
-org.freedesktop.ColorManager.conf
-org.freedesktop.hostname1.conf
-org.freedesktop.locale1.conf
-org.freedesktop.login1.conf
-org.freedesktop.ModemManager.conf
-org.freedesktop.NetworkManager.conf
-org.freedesktop.PackageKit.conf
-org.freedesktop.PolicyKit1.conf
-org.freedesktop.PolicyKit.conf
-org.freedesktop.RealtimeKit1.conf
-org.freedesktop.systemd1.conf
-org.freedesktop.timedate1.conf
-org.freedesktop.UDisks2.conf
-org.freedesktop.UDisks.conf
-org.freedesktop.UPower.conf
-org.gnome.GConf.Defaults.conf
-org.gnome.SettingsDaemon.DateTimeMechanism.conf
-org.kde.auth.conf
-org.kde.fontinst.conf
-org.kde.kcontrol.k3bsetup.conf
-org.kde.kcontrol.kcmclock.conf
-org.kde.kcontrol.kcmkdm.conf
-org.kde.kcontrol.kcmremotewidgets.conf
-org.kde.ksysguard.processlisthelper.conf
-org.kde.polkitkde1.helper.conf
-org.kde.powerdevil.backlighthelper.conf
-org.opensuse.CupsPkHelper.Mechanism.conf
-pulseaudio-system.conf
-skype.conf
-wpa_supplicant.conf
-fi.epitest.hostap.WPASupplicant.service
-fi.w1.wpa_supplicant1.service
 org.blueman.Mechanism.service
+org.freedesktop.Accounts.conf
 org.freedesktop.Accounts.service
+org.freedesktop.AutoMount.conf
 org.freedesktop.Avahi.service
+org.freedesktop.colord-sane.conf
 org.freedesktop.colord-sane.service
+org.freedesktop.ColorManager.conf
 org.freedesktop.ColorManager.service
 org.freedesktop.ConsoleKit.service
+org.freedesktop.DisplayManager.conf
+org.freedesktop.GeoClue2.Agent.conf
+org.freedesktop.GeoClue2.conf
+org.freedesktop.GeoClue2.service
 org.freedesktop.Hal.service
+org.freedesktop.hostname1.conf
 org.freedesktop.hostname1.service
+org.freedesktop.locale1.conf
 org.freedesktop.locale1.service
+org.freedesktop.login1.conf
 org.freedesktop.login1.service
+org.freedesktop.ModemManager1.conf
+org.freedesktop.ModemManager1.service
+org.freedesktop.ModemManager.conf
 org.freedesktop.ModemManager.service

commit lynis for openSUSE:Factory

2019-06-25 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2019-06-25 22:22:06

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.4615 (New)


Package is "lynis"

Tue Jun 25 22:22:06 2019 rev:36 rq:711811 version:2.7.5

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2019-06-06 
18:16:56.988692573 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new.4615/lynis.changes2019-06-25 
22:22:07.765126485 +0200
@@ -1,0 +2,20 @@
+Tue Jun 25 07:32:29 UTC 2019 - Robert Frohl 
+
+- Update to 2.7.5
+  Added:
+  * Danish translation
+  * Slackware end-of-life information
+  * Detect BSD-style (rc.d) init in Linux systems
+  * Detection of Bro and Suricata (IDS)
+
+  Changed:
+  * Corrected end-of-life entries for CentOS 5 and 6
+  * Change name to check in /etc/passwd file for QNAP devices
+  * AIX enhancement to use correct find statement
+  * Filter on correct field for AIX
+  * Set ss command as preferred option for Linux and changed output format
+  * List of PHP ini file locations has been extended
+  * Removed several pieces of the code as part of cleanup and code health
+  * Extended help
+
+---

Old:

  lynis-2.7.4.tar.gz
  lynis-2.7.4.tar.gz.asc

New:

  lynis-2.7.5.tar.gz
  lynis-2.7.5.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.H2V1iV/_old  2019-06-25 22:22:10.077129656 +0200
+++ /var/tmp/diff_new_pack.H2V1iV/_new  2019-06-25 22:22:10.109129700 +0200
@@ -23,7 +23,7 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.7.4
+Version:2.7.5
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only

++ lynis-2.7.4.tar.gz -> lynis-2.7.5.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2019-04-21 02:00:00.0 +0200
+++ new/lynis/CHANGELOG.md  2019-06-24 02:00:00.0 +0200
@@ -1,9 +1,30 @@
 # Lynis Changelog
 
+## Lynis 2.7.5 (2019-06-24)
+
+### Added
+- Danish translation
+- Slackware end-of-life information
+- Detect BSD-style (rc.d) init in Linux systems
+- Detection of Bro and Suricata (IDS)
+
+### Changed
+- Corrected end-of-life entries for CentOS 5 and 6
+- AUTH-9204 - change name to check in /etc/passwd file for QNAP devices
+- AUTH-9268 - AIX enhancement to use correct find statement
+- FILE-6310 - Filter on correct field for AIX
+- NETW-3012 - set ss command as preferred option for Linux and changed output 
format
+- List of PHP ini file locations has been extended
+- Removed several pieces of the code as part of cleanup and code health
+- Extended help
+
+-
+
+
 ## Lynis 2.7.4 (2019-04-21)
 
 This is a bigger release than usual, including several new tests created by
-Capashenn (GitHub). It is a coincidence that it is released exactly one more
+Capashenn (GitHub). It is a coincidence that it is released exactly one month
 after the previous version and on Easter. No easter eggs, only improvements!
 
 ### Added
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/db/languages/da new/lynis/db/languages/da
--- old/lynis/db/languages/da   1970-01-01 01:00:00.0 +0100
+++ new/lynis/db/languages/da   2019-06-24 02:00:00.0 +0200
@@ -0,0 +1,41 @@
+ERROR_NO_LICENSE="Ingen licensnøgle konfigureret"
+ERROR_NO_UPLOAD_SERVER="Ingen upload server konfigureret"
+GEN_CHECKING="Tjekker"
+GEN_CURRENT_VERSION="Nuværende version"
+GEN_DEBUG_MODE="Fejlfindingstilstand"
+GEN_INITIALIZE_PROGRAM="Initialiserer program"
+GEN_LATEST_VERSION="Seneste version"
+GEN_PHASE="Fase"
+GEN_PLUGINS_ENABLED="Plugins aktiverede"
+GEN_UPDATE_AVAILABLE="opdatering tilgængelig"
+GEN_VERBOSE_MODE="Detaljeret tilstand"
+GEN_WHAT_TO_DO="At gøre"
+NOTE_EXCEPTIONS_FOUND="Undtagelser fundet"
+NOTE_EXCEPTIONS_FOUND_DETAILED="Nogle usædvanlige hændelser eller information 
var fundet"
+NOTE_PLUGINS_TAKE_TIME="Bemærk: plugins har mere omfattende tests og kan tage 
flere minutter at fuldføre"
+NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Sprang over tests på grund af 
ikke-privilegeret tilstand"
+SECTION_CUSTOM_TESTS="Brugerdefinerede Tests"
+SECTION_MALWARE="Malware"
+SECTION_MEMORY_AND_PROCESSES="Hukommelse og Processer"
+STATUS_DISABLED="DEAKTIVERET"
+STATUS_DONE="FÆRDIG"
+STATUS_ENABLED="AKTIVERET"
+STATUS_NOT_ENABLED="IKKE AKTIVERET"
+STATUS_ERROR="FEJL"
+STATUS_FOUND="FUNDET"

commit lynis for openSUSE:Factory

2019-06-06 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2019-06-06 18:16:55

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.4811 (New)


Package is "lynis"

Thu Jun  6 18:16:55 2019 rev:35 rq:707790 version:2.7.4

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2019-04-24 
13:57:04.79249 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new.4811/lynis.changes2019-06-06 
18:16:56.988692573 +0200
@@ -1,0 +2,13 @@
+Wed May 29 11:47:34 UTC 2019 - Tuukka Pasanen 
+
+- Add these common packages to Dbus database whitelist: FirewallD, SystemD and 
Wicked to prevent these false-positives:
+  * Warning: Package firewalld-0.5.5-lp151.5.1.noarch installs an unknown 
D-BUS autostart/system service: FirewallD.conf  [ WARNING ]
+  * Warning: Package systemd-234-lp151.25.7.x86_64 installs an unknown D-BUS 
autostart/system service: org.freedesktop.network1.conf  [ WARNING ]
+  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.AUTO4.conf [ WARNING ]
+  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.DHCP4.conf [ WARNING ]
+  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.DHCP6.conf [ WARNING ]
+  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.Nanny.conf [ WARNING ]
+  * Warning: Package wicked-0.6.54-lp151.1.1.x86_64 installs an unknown D-BUS 
autostart/system service: org.opensuse.Network.conf  [ WARNING ]
+  * Warning: Package systemd-234-lp151.25.7.x86_64 installs an unknown D-BUS 
autostart/system service: org.freedesktop.network1.service [ WARNING ]
+
+---



Other differences:
--
++ dbus-whitelist.db.openSUSE_12.2_x86_64 ++
--- /var/tmp/diff_new_pack.6ThpG1/_old  2019-06-06 18:16:57.576692401 +0200
+++ /var/tmp/diff_new_pack.6ThpG1/_new  2019-06-06 18:16:57.580692400 +0200
@@ -81,3 +81,11 @@
 org.kde.polkitkde1.helper.service
 org.kde.powerdevil.backlighthelper.service
 org.opensuse.CupsPkHelper.Mechanism.service
+FirewallD.conf
+org.freedesktop.network1.conf
+org.opensuse.Network.AUTO4.conf
+org.opensuse.Network.DHCP4.conf
+org.opensuse.Network.DHCP6.conf
+org.opensuse.Network.Nanny.conf
+org.opensuse.Network.conf
+org.freedesktop.network1.service






commit lynis for openSUSE:Factory

2019-04-24 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2019-04-24 13:57:03

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.5536 (New)


Package is "lynis"

Wed Apr 24 13:57:03 2019 rev:34 rq:697112 version:2.7.4

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2019-03-10 
09:34:45.456185117 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new.5536/lynis.changes2019-04-24 
13:57:04.79249 +0200
@@ -1,0 +2,50 @@
+Tue Apr 23 07:24:21 UTC 2019 - Robert Frohl 
+
+- Update to 2.7.4 
+  Added
+  * FILE-6324 - Discover XFS mount points
+  * INSE-8000 - Installed inetd package
+  * INSE-8100 - Installed xinetd package
+  * INSE-8102 - Status of xinet daemon
+  * INSE-8104 - xinetd configuration file
+  * INSE-8106 - xinetd configuration for inactive daemon
+  * INSE-8200 - Usage of TCP wrappers
+  * INSE-8300 - Presence of rsh client
+  * INSE-8302 - Presence of rsh server
+  * Detect equery binary detection
+  * New 'generate' command
+
+  Changed
+  * AUTH-9278 - Test LDAP in all PAM components on Red Hat and other systems
+  * PKGS-7410 - Add support for DPKG-based systems to gather installed kernel 
packages
+  * PKGS-7420 - Detect toolkit to automatically download and apply upgrades
+  * PKGS-7328 - Added global Zypper option --non-interactive
+  * PKGS-7386 - Only show warning when vulnerable packages were discovered
+  * PKGS-7392 - Skip test for Zypper-based systems
+  * Minor changes to improve text output, test descriptions, and logging
+  * Changed CentOS identifiers in end-of-life database
+  * AIX enhancement for IsRunning function
+  * Extended PackageIsInstalled function
+  * Improve text output on AIX systems
+  * Corrected lsvg binary detection
+
+---
+Thu Mar 21 12:11:32 UTC 2019 - Robert Frohl 
+
+- update to 2.7.3
+  Added
+  * Detection for Lynis being scheduled (e.g. cronjob)
+
+  Changed
+  * HTTP-6624 - Improved logging for test
+  * KRNL-5820 - Changed color for default fs.suid_dumpable value
+  * LOGG-2154 - Adjusted test to search in configuration file correctly
+  * NETW-3015 - Added support for ip binary
+  * SQD-3610 - Description of test changed
+  * SQD-3613 - Corrected description in code
+  * SSH-7408 - Increased values for MaxAuthRetries
+  * Improvements to allow tailored tool tips in future
+  * Corrected detection of blkid binary
+  * Minor textual changes and cleanups
+
+---

Old:

  lynis-2.7.2.tar.gz
  lynis-2.7.2.tar.gz.asc

New:

  lynis-2.7.4.tar.gz
  lynis-2.7.4.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.b0qySC/_old  2019-04-24 13:57:05.535999583 +0200
+++ /var/tmp/diff_new_pack.b0qySC/_new  2019-04-24 13:57:05.53581 +0200
@@ -23,12 +23,12 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.7.2
+Version:2.7.4
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only
 Group:  System/Monitoring
-URL:https://cisofy.com/lynis/
+Url:https://cisofy.com/lynis/
 Source0:https://cisofy.com/files/%{name}-%{version}.tar.gz
 Source2:tests_binary_rpath
 Source3:tests_file_permissionsDB

++ lynis-2.7.2.tar.gz -> lynis-2.7.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2019-03-07 01:00:00.0 +0100
+++ new/lynis/CHANGELOG.md  2019-04-21 02:00:00.0 +0200
@@ -1,5 +1,60 @@
 # Lynis Changelog
 
+## Lynis 2.7.4 (2019-04-21)
+
+This is a bigger release than usual, including several new tests created by
+Capashenn (GitHub). It is a coincidence that it is released exactly one more
+after the previous version and on Easter. No easter eggs, only improvements!
+
+### Added
+- FILE-6324 - Discover XFS mount points
+- INSE-8000 - Installed inetd package
+- INSE-8100 - Installed xinetd package
+- INSE-8102 - Status of xinet daemon
+- INSE-8104 - xinetd configuration file
+- INSE-8106 - xinetd configuration for inactive daemon
+- INSE-8200 - Usage of TCP wrappers
+- INSE-8300 - Presence of rsh client
+- INSE-8302 - Presence of rsh server
+- Detect equery binary detection
+- New 'generate' command
+
+### Changed
+- AUTH-9278 - Test LDAP in all PAM components on Red Hat and other systems
+- PKGS-7410 - Add support for DPKG-based systems to gather installed kernel 
packages
+- PKGS-7420 - Detect toolkit to 

commit lynis for openSUSE:Factory

2019-03-10 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2019-03-10 09:34:37

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.28833 (New)


Package is "lynis"

Sun Mar 10 09:34:37 2019 rev:33 rq:682444 version:2.7.2

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2019-02-02 
21:50:10.239932927 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new.28833/lynis.changes   2019-03-10 
09:34:45.456185117 +0100
@@ -1,0 +2,14 @@
+Thu Mar  7 11:54:18 UTC 2019 - Robert Frohl 
+
+- update to 2.7.2 
+  * Added support for doas (OpenBSD)
+  * Added test file permissions of doas configuration
+  * Added support for systemd-boot boot loader
+  * Added simplify service filter and allow multiple dots in service names
+  * Added check OpenBSD boot daemons
+  * Added test permissions for boot files and scripts
+  * Added support for end-of-life detection of the operating system
+  * Added new 'lynis show eol' command
+  * Multiple changes and improvements
+
+---

Old:

  lynis-2.7.1.tar.gz
  lynis-2.7.1.tar.gz.asc

New:

  lynis-2.7.2.tar.gz
  lynis-2.7.2.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.xSPsA0/_old  2019-03-10 09:34:46.740184810 +0100
+++ /var/tmp/diff_new_pack.xSPsA0/_new  2019-03-10 09:34:46.740184810 +0100
@@ -23,7 +23,7 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.7.1
+Version:2.7.2
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only

++ lynis-2.7.1.tar.gz -> lynis-2.7.2.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2019-01-31 01:00:00.0 +0100
+++ new/lynis/CHANGELOG.md  2019-03-07 01:00:00.0 +0100
@@ -1,5 +1,31 @@
 # Lynis Changelog
 
+## Lynis 2.7.2 (2019-03-07)
+
+### Added
+- AUTH-9409 - Support for doas (OpenBSD)
+- AUTH-9410 - Test file permissions of doas configuration
+- BOOT-5117 - Support for systemd-boot boot loader added
+- BOOT-5177 -  Simplify service filter and allow multiple dots in service names
+- BOOT-5262 - Check OpenBSD boot daemons
+- BOOT-5263 - Test permissions for boot files and scripts
+- Support for end-of-life detection of the operating system
+- New 'lynis show eol' command
+- Korean translation
+
+### Changed
+- AUTH-9252 - Adds support for files in sudoers.d
+- AUTH-9252 - Test extended to check file and directory ownership
+- BOOT-5122 - Use NONE instead of WARNING if no password is set
+- FIRE-4540 - Modify test to better measure rules
+- KRNL-5788 - Resolve false positive warning on missing /vmlinuz
+- NETW-2704 - Ignore inline comments in /etc/resolv.conf
+- PKGS-7388 - Improve detection for security archive
+- RPi/Raspian path to PAM_FILE_LOCATIONS
+
+
+-
+
 ## Lynis 2.7.1 (2019-01-30)
 
 ### Added
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/db/languages/ko new/lynis/db/languages/ko
--- old/lynis/db/languages/ko   1970-01-01 01:00:00.0 +0100
+++ new/lynis/db/languages/ko   2019-03-07 01:00:00.0 +0100
@@ -0,0 +1,40 @@
+ERROR_NO_LICENSE="라이선스 키가 없습니다"
+ERROR_NO_UPLOAD_SERVER="업로드 서버가 설정되지 않았습니다"
+GEN_CHECKING="확인중입니다"
+GEN_CURRENT_VERSION="현재 버전"
+GEN_DEBUG_MODE="디버그 모드"
+GEN_INITIALIZE_PROGRAM="프로그램을 초기화합니다"
+GEN_LATEST_VERSION="최신 버전"
+GEN_PHASE="phase"
+GEN_PLUGINS_ENABLED="플러그인이 활성화되었습니다"
+GEN_UPDATE_AVAILABLE="업데이트 가능"
+GEN_VERBOSE_MODE="상세 모드"
+GEN_WHAT_TO_DO="할 일"
+NOTE_EXCEPTIONS_FOUND="예외 발견"
+NOTE_EXCEPTIONS_FOUND_DETAILED="몇 가지 예외 이벤트나 정보가 발견되었습니다"
+NOTE_PLUGINS_TAKE_TIME="참고: 플러그인은 광범위한 테스트를 거치며 완료될 때까지 몇 분의 시간이 소요됩니다"
+NOTE_SKIPPED_TESTS_NON_PRIVILEGED="비특권 모드로 인해 테스트를 생략했습니다"
+SECTION_CUSTOM_TESTS="사용자정의 테스트"
+SECTION_MALWARE="악성코드"
+SECTION_MEMORY_AND_PROCESSES="메모리와 프로세스"
+STATUS_DISABLED="비활성화됨"
+STATUS_DONE="완료"
+STATUS_ENABLED="활성화됨"
+STATUS_ERROR="에러"
+STATUS_FOUND="발견"
+STATUS_YES="예"
+STATUS_NO="아니오"
+STATUS_OFF="끔"
+STATUS_OK="OK"
+STATUS_ON="켬"
+STATUS_NONE="없음"
+STATUS_NOT_FOUND="발견되지않음"
+STATUS_NOT_RUNNING="동작하지않음"
+STATUS_RUNNING="동작중"
+STATUS_SKIPPED="생략"
+STATUS_SUGGESTION="추천"
+STATUS_UNKNOWN="알수없음"
+STATUS_WARNING="경고"
+STATUS_WEAK="취약"
+TEXT_YOU_CAN_HELP_LOGFILE="로그 파일을 제공하면 도움을 받을 수 있습니다"
+TEXT_UPDATE_AVAILABLE="업데이트 가능"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 

commit lynis for openSUSE:Factory

2019-02-02 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2019-02-02 21:50:08

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new.28833 (New)


Package is "lynis"

Sat Feb  2 21:50:08 2019 rev:32 rq:670591 version:2.7.1

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2018-11-05 
22:53:44.988180323 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new.28833/lynis.changes   2019-02-02 
21:50:10.239932927 +0100
@@ -1,0 +2,13 @@
+Fri Feb  1 10:28:13 UTC 2019 - Robert Frohl 
+
+- update to 2.7.1 
+  * Improve support for Red Hat and clones
+  * Additional support for Hands Off!, LuLu, and Radio Silence
+  * Added MariaDB filter for deleted files (tested on CentOS)
+  * Added /etc/bash.bashrc.local to umask check
+  * Removed shift statement that did not work on all operating systems
+  * Minor cleanups and enhancements
+  * Small improvements to logging
+  * Added translation for Slovak
+
+---

Old:

  lynis-2.7.0.tar.gz
  lynis-2.7.0.tar.gz.asc

New:

  lynis-2.7.1.tar.gz
  lynis-2.7.1.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.E4Vo1T/_old  2019-02-02 21:50:11.039932234 +0100
+++ /var/tmp/diff_new_pack.E4Vo1T/_new  2019-02-02 21:50:11.039932234 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2009-2013 Sascha Manns 
 #
 # All modifications and additions to the file contributed by third parties
@@ -23,7 +23,7 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.7.0
+Version:2.7.1
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only

++ lynis-2.7.0.tar.gz -> lynis-2.7.1.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2018-10-26 02:00:00.0 +0200
+++ new/lynis/CHANGELOG.md  2019-01-31 01:00:00.0 +0100
@@ -1,5 +1,22 @@
 # Lynis Changelog
 
+## Lynis 2.7.1 (2019-01-30)
+
+### Added
+- Support for macOS Mojave
+- Translation: Slovak
+
+### Changed
+- AUTH-9282 - Improve support for Red Hat and clones
+- FIRE-4534 - Additional support for Hands Off!, LuLu, and Radio Silence
+- LOGG-2190 - Added MariaDB filter for deleted files (tested on CentOS)
+- SHLL-6230 - Add /etc/bash.bashrc.local to umask check
+- Removed shift statement that did not work on all operating systems
+- Minor cleanups and enhancements
+- Small improvements to logging
+
+-
+
 ## Lynis 2.7.0 (2018-10-26)
 
 ### Added
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/FAQ new/lynis/FAQ
--- old/lynis/FAQ   2018-10-26 02:00:00.0 +0200
+++ new/lynis/FAQ   2019-01-31 01:00:00.0 +0100
@@ -98,4 +98,4 @@
 
 
 

- Lynis - Copyright 2007-2018, Michael Boelen, CISOfy - https://cisofy.com
+ Lynis - Copyright 2007-2019, Michael Boelen, CISOfy - https://cisofy.com
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/INSTALL new/lynis/INSTALL
--- old/lynis/INSTALL   2018-10-26 02:00:00.0 +0200
+++ new/lynis/INSTALL   2019-01-31 01:00:00.0 +0100
@@ -48,4 +48,4 @@
 
 
 

- Lynis - Copyright 2007-2018, Michael Boelen, CISOfy - https://cisofy.com
+ Lynis - Copyright 2007-2019, Michael Boelen, CISOfy - https://cisofy.com
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/db/languages/en new/lynis/db/languages/en
--- old/lynis/db/languages/en   2018-10-26 02:00:00.0 +0200
+++ new/lynis/db/languages/en   2019-01-31 01:00:00.0 +0100
@@ -35,5 +35,6 @@
 STATUS_SUGGESTION="SUGGESTION"
 STATUS_UNKNOWN="UNKNOWN"
 STATUS_WARNING="WARNING"
+STATUS_WEAK="WEAK"
 TEXT_YOU_CAN_HELP_LOGFILE="You can help by providing your log file"
 TEXT_UPDATE_AVAILABLE="update available"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/db/languages/sk new/lynis/db/languages/sk
--- old/lynis/db/languages/sk   1970-01-01 01:00:00.0 +0100
+++ new/lynis/db/languages/sk   2019-01-31 01:00:00.0 +0100
@@ -0,0 

commit lynis for openSUSE:Factory

2018-11-05 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2018-11-05 22:53:42

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Mon Nov  5 22:53:42 2018 rev:31 rq:646071 version:2.7.0

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2018-10-11 
11:55:31.326018185 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2018-11-05 
22:53:44.988180323 +0100
@@ -1,0 +2,12 @@
+Sat Oct 27 02:36:44 UTC 2018 - s...@suspend.net
+
+- update to 2.7.0
+  * added detection of TOMOYO binary (MACF-6240)
+  * Status of TOMOYO framework updated (MACF-6242)
+  * OpenSSH server version detected (SSH-7406)
+  * Check active OSSEC analysis daemon (TOOL-5160)
+  * Changed several warning labels on screen
+  * More generic sulogin for systemd rescue (AUTH-9308)
+  * OS detection now ignores quotes for getting the OS ID
+
+---

Old:

  lynis-2.6.9.tar.gz
  lynis-2.6.9.tar.gz.asc

New:

  lynis-2.7.0.tar.gz
  lynis-2.7.0.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.1FDt3e/_old  2018-11-05 22:53:45.796179301 +0100
+++ /var/tmp/diff_new_pack.1FDt3e/_new  2018-11-05 22:53:45.804179291 +0100
@@ -23,7 +23,7 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.6.9
+Version:2.7.0
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only

++ lynis-2.6.9.tar.gz -> lynis-2.7.0.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2018-09-19 02:00:00.0 +0200
+++ new/lynis/CHANGELOG.md  2018-10-26 02:00:00.0 +0200
@@ -1,5 +1,20 @@
 # Lynis Changelog
 
+## Lynis 2.7.0 (2018-10-26)
+
+### Added
+- MACF-6240 - Detection of TOMOYO binary
+- MACF-6242 - Status of TOMOYO framework
+- SSH-7406  - OpenSSH server version detection
+- TOOL-5160 - Check active OSSEC analysis daemon
+
+### Changed
+- Changed several warning labels on screen
+- AUTH-9308 - More generic sulogin for systemd rescue.service
+- OS detection now ignores quotes for getting the OS ID.
+
+-
+
 ## Lynis 2.6.9 (2018-09-19)
 
 ### Changed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/db/tests.db new/lynis/db/tests.db
--- old/lynis/db/tests.db   2018-09-19 02:00:00.0 +0200
+++ new/lynis/db/tests.db   2018-10-26 02:00:00.0 +0200
@@ -210,6 +210,8 @@
 MACF-6208:test:security:mac_frameworks::Check if AppArmor is enabled:
 MACF-6232:test:security:mac_frameworks::Check SELINUX presence:
 MACF-6234:test:security:mac_frameworks::Check SELINUX status:
+MACF-6240:test:security:mac_frameworks::Detection of TOMOYO binary:
+MACF-6242:test:security:mac_frameworks::Status of TOMOYO MAC framework:
 MACF-6290:test:security:mac_frameworks::Check for implemented MAC framework:
 MAIL-8802:test:security:mail_messaging::Check Exim status:
 MAIL-8804:test:security:mail_messaging::Exim configuration:
@@ -352,6 +354,7 @@
 SQD-3680:test:security:squid::Check Squid version suppression:
 SSH-7402:test:security:ssh::Check for running SSH daemon:
 SSH-7404:test:security:ssh::Check SSH daemon file location:
+SSH-7406:test:security:ssh::Detection of OpenSSH server version:
 SSH-7408:test:security:ssh::Check SSH specific defined options:
 SSH-7440:test:security:ssh::AllowUsers and AllowGroups:
 STRG-1840:test:security:storage:Linux:Check if USB storage is disabled:
@@ -381,6 +384,7 @@
 TOOL-5104:test:security:tooling::Enabled tests for Fail2ban:
 TOOL-5120:test:security:tooling::Presence of Snort IDS:
 TOOL-5122:test:security:tooling::Snort IDS configuration file:
+TOOL-5160:test:security:tooling::Check for active OSSEC analysis daemon:
 TOOL-5190:test:security:tooling::Check presence of available IDS/IPS tooling:
 USB-3000:test:security:storage:Linux:Check for presence of USBGuard:
 # EOF
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/include/binaries new/lynis/include/binaries
--- old/lynis/include/binaries  2018-09-19 02:00:00.0 +0200
+++ new/lynis/include/binaries  2018-10-26 02:00:00.0 +0200
@@ -225,6 +225,7 @@
 syslog-ng)  
SYSLOGNGBINARY="${BINARY}";SYSLOGNGVERSION=$(${BINARY} -V 2>&1 | grep 
"^syslog-ng" | awk '{ print $2 }'); LogText "Found ${BINARY} 

commit lynis for openSUSE:Factory

2018-10-11 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2018-10-11 11:55:12

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Thu Oct 11 11:55:12 2018 rev:30 rq:640827 version:2.6.9

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2018-09-24 
13:12:24.369796768 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2018-10-11 
11:55:31.326018185 +0200
@@ -1,0 +2,13 @@
+Tue Oct  9 08:20:47 UTC 2018 - Robert Frohl 
+
+- update to 2.6.9
+  * Man page has been updated
+  * Command 'lynis show options' provides up-to-date list
+  * Option '--dump-options' is deprecated
+  * Several options and commands have been extended with more examples
+  * OS detection now supports openSUSE specific distribution names
+  * Changed command output when using 'lynis audit system remote'
+  * added /usr/local/redis/etc path and QNAP support
+  * ignore exception when no vmlinuz file was discovered
+
+---

Old:

  lynis-2.6.8.tar.gz
  lynis-2.6.8.tar.gz.asc

New:

  lynis-2.6.9.tar.gz
  lynis-2.6.9.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.CpGXhH/_old  2018-10-11 11:55:33.294015682 +0200
+++ /var/tmp/diff_new_pack.CpGXhH/_new  2018-10-11 11:55:33.298015677 +0200
@@ -13,7 +13,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -23,7 +23,7 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.6.8
+Version:2.6.9
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only

++ lynis-2.6.8.tar.gz -> lynis-2.6.9.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2018-08-23 02:00:00.0 +0200
+++ new/lynis/CHANGELOG.md  2018-09-19 02:00:00.0 +0200
@@ -1,5 +1,21 @@
 # Lynis Changelog
 
+## Lynis 2.6.9 (2018-09-19)
+
+### Changed
+- Man page has been updated
+- Command 'lynis show options' provides up-to-date list
+- Option '--dump-options' is deprecated
+- Several options and commands have been extended with more examples
+- OS detection now supports openSUSE specific distribution names
+- Changed command output when using 'lynis audit system remote'
+- DBS-1882  - added /usr/local/redis/etc path and QNAP support
+- PKGS-7322 - updated solution text
+- KRNL-5788 - ignore exception when no vmlinuz file was discovered
+- TIME-3104 - extended logging for test
+
+-
+
 ## Lynis 2.6.8 (2018-08-23)
 
 ### Changed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/include/consts new/lynis/include/consts
--- old/lynis/include/consts2018-08-23 02:00:00.0 +0200
+++ new/lynis/include/consts2018-09-19 02:00:00.0 +0200
@@ -214,6 +214,7 @@
 PSBINARY="ps"
 PSOPTIONS=""
 PUPPETBINARY=""
+QNAP_DEVICE=0
 READLINKBINARY=""
 REDIS_RUNNING=0
 REFRESH_REPOSITORIES=1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/include/functions new/lynis/include/functions
--- old/lynis/include/functions 2018-08-23 02:00:00.0 +0200
+++ new/lynis/include/functions 2018-09-19 02:00:00.0 +0200
@@ -496,11 +496,11 @@
 INDENT=$1
 ;;
 --result)
-shift
+shift $(( $# > 0 ? 1 : 0 ))
 RESULT=$1
 ;;
 --text)
-shift
+shift $(( $# > 0 ? 1 : 0 ))
 TEXT=$1
 ;;
 *)
@@ -509,7 +509,7 @@
 ;;
 esac
 # Go to next parameter
-shift
+shift $(( $# > 0 ? 1 : 0 ))
 done
 
 if [ -z "${RESULT}" ]; then
@@ -2994,7 +2994,6 @@
 
 ViewCategories() {
 for CATEGORY in ${TEST_AVAILABLE_CATEGORIES}; do echo "${CATEGORY}"; 
done
-echo ""
 ExitClean
 }
 
@@ -3009,13 +3008,11 @@
 

 
 ViewGroups() {
-if [ ! "${INCLUDEDIR}" = "" ]; then
-   

commit lynis for openSUSE:Factory

2018-09-24 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2018-09-24 13:12:22

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Mon Sep 24 13:12:22 2018 rev:29 rq:636894 version:2.6.8

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2018-06-28 
15:13:12.155616687 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2018-09-24 
13:12:24.369796768 +0200
@@ -1,0 +2,19 @@
+Thu Sep 20 13:04:11 UTC 2018 - astie...@suse.com
+
+- update to 2.6.8:
+  * improved parsing of boot parameters to init process
+  * test all PHP files for expose_php and improved logging
+  * Docker check now tests also for CMD, ENTRYPOINT, and USER configuration
+  * Improved display in Docker output for showing which keys are used for 
signing
+- includes changes from 2.6.7:
+  * Added busybox as a service manager
+  * Limit PAE and no-execute test to AMD64 hardware only
+  * Ignore /dev/zero and /dev/[aio] as deleted files
+  * Changed classification of SSH root login with keys
+  * Docker scan uses new format for maintainer value
+- includes chagnes from 2.6.6:
+  * Improved log text about running kernel version
+  * Under some condition no hostid2 value was reported
+  * Solved 'extra operand' issue with tr command
+
+---

Old:

  lynis-2.6.5.tar.gz
  lynis-2.6.5.tar.gz.asc

New:

  lynis-2.6.8.tar.gz
  lynis-2.6.8.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.XCowLM/_old  2018-09-24 13:12:25.221795270 +0200
+++ /var/tmp/diff_new_pack.XCowLM/_new  2018-09-24 13:12:25.225795263 +0200
@@ -23,7 +23,7 @@
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
 Name:   lynis
-Version:2.6.5
+Version:2.6.8
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0-only
@@ -41,7 +41,7 @@
 Source10:   prepare_for_suse.sh
 Source11:   dbus-whitelist.db.openSUSE_12.2_x86_64
 Source12:   fileperms.db.openSUSE_12.2_x86_64
-Source13:   https://cisofy.com/files/%{name}-%{version}.tar.gz.asc
+Source13:   
https://downloads.cisofy.com/lynis/%{name}-%{version}.tar.gz.asc
 Source14:   https://cisofy.com/files/cisofy-software.pub#/%{name}.keyring
 Source15:   %{name}-rpmlintrc
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE

++ lynis-2.6.5.tar.gz -> lynis-2.6.8.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2018-06-26 02:00:00.0 +0200
+++ new/lynis/CHANGELOG.md  2018-08-23 02:00:00.0 +0200
@@ -1,5 +1,39 @@
-Lynis Changelog
-===
+# Lynis Changelog
+
+## Lynis 2.6.8 (2018-08-23)
+
+### Changed
+- BOOT-5104 - improved parsing of boot parameters to init process
+- PHP-2372  - test all PHP files for expose_php and improved logging
+- Alpine Linux detection for Docker audit
+- Docker check now tests also for CMD, ENTRYPOINT, and USER configuration
+- Improved display in Docker output for showing which keys are used for signing
+
+-
+
+## Lynis 2.6.7 (2018-08-09)
+
+### Changed
+- BOOT-5104 - Added busybox as a service manager
+- KRNL-5677 - Limit PAE and no-execute test to AMD64 hardware only
+- LOGG-2190 - Ignore /dev/zero and /dev/[aio] as deleted files
+- SSH-7408  - Changed classification of SSH root login with keys
+- Docker scan uses new format for maintainer value
+- New URL structure on CISOfy website implemented for Lynis controls
+
+-
+
+## Lynis 2.6.6 (2018-07-06)
+
+### Changed
+* New format of changelog (https://keepachangelog.com/en/1.0.0/)
+* KRNL-5830 - Improved log text about running kernel version
+
+### Fixed
+* Under some condition no hostid2 value was reported
+* Solved 'extra operand' issue with tr command
+
+-
 
 Lynis 2.6.5 (2018-06-26)
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CONTRIBUTORS.md new/lynis/CONTRIBUTORS.md
--- old/lynis/CONTRIBUTORS.md   2018-06-26 02:00:00.0 +0200
+++ new/lynis/CONTRIBUTORS.md   2018-08-23 02:00:00.0 +0200
@@ -25,6 +25,7 @@
 * FreeBSD port  - Lars Engels
 * NetBSD- Stephen Borrill
 * Slackware - Eric Hameleers
+* OpenBSD port  - Gonzalo 

commit lynis for openSUSE:Factory

2018-06-28 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2018-06-28 15:12:53

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Thu Jun 28 15:12:53 2018 rev:28 rq:619349 version:2.6.5

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2018-01-28 
00:39:57.496029197 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2018-06-28 
15:13:12.155616687 +0200
@@ -1,0 +2,24 @@
+Wed Jun 27 08:42:31 UTC 2018 - astie...@suse.com
+
+- update to 2.6.5:
+  * mail: Exim configuration test
+  * network: Use FQDN to test status of a nameserver instead of own IP address
+  * ssh: Improved test to allow configurations with a Match block
+- includes changes from 2.6.4:
+  * auth: Made 'sulogin' more generic for systemd rescue shell
+  * dns: Initial work on DNSSEC validation testing
+  * network: Added support for local resolver 127.0.0.53
+  * php: Suhosin test disbled
+  * ssh: Removed 'DELAYED' from OpenSSH Compression setting
+  * time: Improvements to detect step-tickers file and entries
+- includes changes from 2.6.3:
+  * crypt: Do prevalidation for certificates before testing them
+  * hardening: Enhanced compiler permission test
+  * name: Improved test to filter out empty lines
+  * packages: changes to detect yum-utils package and related tooling
+  * plugins: cron file permissions
+- includes changes from 2.6.2:
+  * Textual changes for several tests
+  * Update of tests database
+
+---

Old:

  lynis-2.6.1.tar.gz
  lynis-2.6.1.tar.gz.asc

New:

  lynis-2.6.5.tar.gz
  lynis-2.6.5.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.YJTuZS/_old  2018-06-28 15:13:13.771613726 +0200
+++ /var/tmp/diff_new_pack.YJTuZS/_new  2018-06-28 15:13:13.783613704 +0200
@@ -22,14 +22,13 @@
 %define _includedir   %{_datadir}/lynis/include
 %define _pluginsdir   %{_datadir}/lynis/plugins
 %define _dbdir%{_datadir}/lynis/db
-%define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.6.1
+Version:2.6.5
 Release:0
 Summary:Security and System auditing tool
-License:GPL-3.0
+License:GPL-3.0-only
 Group:  System/Monitoring
-Url:https://cisofy.com/lynis/
+URL:https://cisofy.com/lynis/
 Source0:https://cisofy.com/files/%{name}-%{version}.tar.gz
 Source2:tests_binary_rpath
 Source3:tests_file_permissionsDB
@@ -60,7 +59,6 @@
 Requires:   wget
 # FIXME: use proper Requires(pre/post/preun/...)
 PreReq: %fillup_prereq
-BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 BuildArch:  noarch
 
 %description
@@ -121,7 +119,6 @@
 chmod +x %{buildroot}%{_pluginsdir}/custom_plugin.template
 
 %files
-%defattr(-,root,root)
 %{_bindir}/%{name}
 %config(noreplace) %{_sysconfdir}/%{name}/default.prf
 %{_dbdir}/*
@@ -133,8 +130,9 @@
 %dir %{_datadir}/%{name}/include
 %attr(640,root,root) %{_datadir}/%{name}/include/*
 %dir %{_datadir}/%{name}/plugins
-%doc CHANGELOG.md CONTRIBUTORS.md FAQ LICENSE README
-%{_mandir}/man8/%{name}.8.*
+%license LICENSE
+%doc CHANGELOG.md CONTRIBUTORS.md FAQ README
+%{_mandir}/man8/%{name}.8%{?ext_man}
 %{_datadir}/%{name}/prepare_for_suse.sh
 
 %changelog

++ lynis-2.6.1.tar.gz -> lynis-2.6.5.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md
--- old/lynis/CHANGELOG.md  2018-01-26 01:00:00.0 +0100
+++ new/lynis/CHANGELOG.md  2018-06-26 02:00:00.0 +0200
@@ -1,6 +1,65 @@
 Lynis Changelog
 ===
 
+Lynis 2.6.5 (2018-06-26)
+
+Tests:
+--
+
+* [MAIL-8804] - Exim configuration test
+* [NETW-2704] - Use FQDN to test status of a nameserver instead of own IP 
address
+* [SSH-7402]  - Improved test to allow configurations with a Match block
+
+-
+
+Lynis 2.6.4 (2018-05-02)
+
+Changes:
+
+* Several contributions merged, including grammar improvements
+* Initial support for Ubuntu 18.04 LTS
+* Small enhancements for usage
+
+Tests:
+--
+* [AUTH-9308] - Made 'sulogin' more generic for systemd rescue shell
+* [DNS-1600]  - Initial work on DNSSEC validation testing
+* [NETW-2704] - Added support for local resolver 127.0.0.53
+* [PHP-2379]  - Suhosin test disbled
+* [SSH-7408]  - Removed 'DELAYED' from OpenSSH Compression setting
+* [TIME-3160] - Improvements to detect step-tickers file and entries
+

commit lynis for openSUSE:Factory

2018-01-27 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2018-01-28 00:39:56

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Sun Jan 28 00:39:56 2018 rev:27 rq:569995 version:2.6.1

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2017-06-09 
15:57:43.644959080 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2018-01-28 
00:39:57.496029197 +0100
@@ -1,0 +2,9 @@
+Fri Jan 26 17:00:07 UTC 2018 - astie...@suse.com
+
+- update to 2.6.1:
+  * New group 'usb' for tests related to USB devices
+  * Updated and enhanced tests
+  * Many bug fixes
+  * output and UI fixes
+
+---

Old:

  lynis-2.5.1.tar.gz
  lynis-2.5.1.tar.gz.asc

New:

  lynis-2.6.1.tar.gz
  lynis-2.6.1.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.7exwcQ/_old  2018-01-28 00:39:58.387987644 +0100
+++ /var/tmp/diff_new_pack.7exwcQ/_new  2018-01-28 00:39:58.395987272 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2009-2013 Sascha Manns 
 #
 # All modifications and additions to the file contributed by third parties
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.5.1
+Version:2.6.1
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0

++ lynis-2.5.1.tar.gz -> lynis-2.6.1.tar.gz ++
 4775 lines of diff (skipped)


++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.7exwcQ/_old  2018-01-28 00:39:58.707972738 +0100
+++ /var/tmp/diff_new_pack.7exwcQ/_new  2018-01-28 00:39:58.707972738 +0100
@@ -1,8 +1,8 @@
 Index: include/consts
 ===
 include/consts.orig
-+++ include/consts
-@@ -102,6 +102,7 @@ unset LANG
+--- include/consts.orig2018-01-26 18:04:07.912682680 +0100
 include/consts 2018-01-26 18:04:16.444766782 +0100
+@@ -104,6 +104,7 @@ unset LANG
  FAIL2BANBINARY=""
  FILEBINARY=""
  FILEVALUE=""

++ lynis_1.3.5_lynis.diff ++
--- /var/tmp/diff_new_pack.7exwcQ/_old  2018-01-28 00:39:58.719972179 +0100
+++ /var/tmp/diff_new_pack.7exwcQ/_new  2018-01-28 00:39:58.719972179 +0100
@@ -1,8 +1,8 @@
 Index: lynis
 ===
 lynis.orig 2017-03-29 02:00:00.0 +0200
-+++ lynis  2017-04-04 12:09:55.043600381 +0200
-@@ -919,7 +919,14 @@ ${NORMAL}
+--- lynis.orig 2018-01-26 18:04:08.168685204 +0100
 lynis  2018-01-26 18:04:11.584718885 +0100
+@@ -929,7 +929,14 @@ ${NORMAL}
 mail_messaging firewalls webservers ssh snmp 
databases ldap php squid logging \
 insecure_services banners scheduling accounting 
time crypto virtualization containers \
 mac_frameworks file_integrity tooling malware 
file_permissions homedirs \

++ lynis_1.3.6_include-osdetection.diff ++
--- /var/tmp/diff_new_pack.7exwcQ/_old  2018-01-28 00:39:58.731971620 +0100
+++ /var/tmp/diff_new_pack.7exwcQ/_new  2018-01-28 00:39:58.735971434 +0100
@@ -1,8 +1,8 @@
 Index: include/osdetection
 ===
 include/osdetection.orig
-+++ include/osdetection
-@@ -367,7 +367,7 @@
+--- include/osdetection.orig   2018-01-26 18:04:07.704680628 +0100
 include/osdetection2018-01-26 18:04:19.468796573 +0100
+@@ -386,7 +386,7 @@
  OS_NAME="${LINUX_VERSION}"
  fi
  # If Linux version (full name) is unknown, use uname value




commit lynis for openSUSE:Factory

2017-06-09 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2017-06-09 15:57:38

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Fri Jun  9 15:57:38 2017 rev:26 rq:502424 version:2.5.1

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2017-04-11 
09:41:41.454511321 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2017-06-09 
15:57:43.644959080 +0200
@@ -1,0 +2,16 @@
+Thu Jun  8 19:36:22 UTC 2017 - astie...@suse.com
+
+- Lynis 2.5.1:
+  * Improved detection of SSL certificate files
+  * Minor changes to improve logging and results
+  * Firewall tests: Determine if CSF is in testing mode
+- includes changes from Lynis 2.5.0:
+  * CVE-2017-8108: symlink attack may have allowed arbitrary file
+overwrite or privilege escalation (bsc#1043463)
+  * Deleted unused tests from database file
+  * Additional sysctls are tested
+  * Extended test with Symantec components
+  * Snort detection
+  * Snort configuration file
+
+---

Old:

  lynis-2.4.8.tar.gz
  lynis-2.4.8.tar.gz.asc

New:

  lynis-2.5.1.tar.gz
  lynis-2.5.1.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.6T10pD/_old  2017-06-09 15:57:45.936635630 +0200
+++ /var/tmp/diff_new_pack.6T10pD/_new  2017-06-09 15:57:45.936635630 +0200
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.4.8
+Version:2.5.1
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0

++ lynis-2.4.8.tar.gz -> lynis-2.5.1.tar.gz ++
 8735 lines of diff (skipped)


++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.6T10pD/_old  2017-06-09 15:57:46.232593858 +0200
+++ /var/tmp/diff_new_pack.6T10pD/_new  2017-06-09 15:57:46.236593293 +0200
@@ -1,9 +1,9 @@
 Index: include/consts
 ===
 include/consts.orig2017-03-29 02:00:00.0 +0200
-+++ include/consts 2017-04-04 12:10:01.819656810 +0200
-@@ -99,6 +99,7 @@ unset LANG
- ERROR_ON_WARNINGS=0
+--- include/consts.orig
 include/consts
+@@ -102,6 +102,7 @@ unset LANG
+ FAIL2BANBINARY=""
  FILEBINARY=""
  FILEVALUE=""
 +FILE_NUM_TOTAL=0

++ lynis_1.3.6_include-osdetection.diff ++
--- /var/tmp/diff_new_pack.6T10pD/_old  2017-06-09 15:57:46.244592164 +0200
+++ /var/tmp/diff_new_pack.6T10pD/_new  2017-06-09 15:57:46.248591600 +0200
@@ -1,8 +1,8 @@
 Index: include/osdetection
 ===
 include/osdetection.orig   2017-03-29 02:00:00.0 +0200
-+++ include/osdetection2017-04-04 12:10:06.183693153 +0200
-@@ -365,7 +365,7 @@
+--- include/osdetection.orig
 include/osdetection
+@@ -367,7 +367,7 @@
  OS_NAME="${LINUX_VERSION}"
  fi
  # If Linux version (full name) is unknown, use uname value




commit lynis for openSUSE:Factory

2017-04-11 Thread root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2017-04-11 09:41:39

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Tue Apr 11 09:41:39 2017 rev:25 rq:485081 version:2.4.8

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2016-11-05 
21:28:00.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2017-04-11 
09:41:41.454511321 +0200
@@ -1,0 +2,70 @@
+Tue Apr  4 09:35:48 UTC 2017 - tuukka.pasa...@ilmi.fi
+
+- Lynis 2.4.8 (Changelog from 2.4.1)
+  * More PHP paths added
+  * Minor changes to text
+  * Show atomic test in report
+  * Added FileInstalledByPackage function (dpkg and rpm supported)
+  * Mark Arch Linux version as rolling release (instead of unknown)
+  * Support for Manjaro Linux
+  * Escape files when testing if they are readable
+  * Code cleanups
+  * Allow host alias to be specified in profile
+  * Code readability enhancements
+  * Solaris support has been improved
+  * Fix for upload function to be used from profile
+  * Reduce screen output for mail section, unless --verbose is used
+  * Code cleanups and removed 'update release' command
+  * Colored output can now be tuned with profile (colors=yes/no)
+  * Allow data upload to be set as a profile option
+  * Properly detect SSH daemon version
+  * Generic code improvements
+  * Improved the update check and display
+  * Finish, Portuguese, and Turkish translation
+  * Extended support and tests for DragonFlyBSD
+  * Option to configure hostid and hostid2 in profile
+  * Support for Trend Micro and Cylance (macOS)
+  * Remove comments at end of nginx configuration
+  * Used machine ID to create host ID when no SSH keys are available
+  * Added detection of iptables-save to binaries
+
+Tests:
+  BANN-7126 - Added more words to test for
+  CUPS-2308 - Improve logging for CUPS configuration test, removed exception 
handler
+  HTTP-6641 - Support detection for Apache module mod_reqtimeout
+  PKGS-7388 - Minor change to detect security repositories
+  CRYP-7902 - Test more certificates names, but only if they are not part of a 
package
+  FILE-7524 - Reduce standard screen output for file permissions check
+  MALW-3280 - Added Avira detection as a malware scanner
+  NAME-4018 - Only perform name services test when resolv.conf file exists
+  PKGS-7387 - Check all repositories if they use GPG signing
+  SCHD-7704 - Permission checks
+  TIME-3104 - Check permissions before open files
+  AUTH-9328 - Add missing 0027 and 0077 umasks
+  BOOT-5104 - Add initsplash and minor code enhancements
+  DBS-1882 - Include Redis configuration file
+  FIRE-4502 - Improved detection for iptables modules when using OpenVZ
+  PKGS-7381 - Enhanced package audit for FreeBSD
+  AUTH-9308 - Improved test for sulogin string (Debian systems)
+  FILE-6372 - Properly deal with comment on lines in /etc/fstab
+  MAIL-8817 - New test to check Postfix configuration for errors
+  SSH-7408 - Corrected SSH check
+  AUTH-9308 - Improved test for sulogin string
+  MAIL-8818 - Test if Linux version is known before comparing in Postfix banner
+  TIME-3116 - Skip stratum 16 items for time pools
+  TIME-3148 - New test to detect TZ variable
+  AUTH-9208 - Removed double logging
+  AUTH-9222 - Improve logging for double groups
+  AUTH-9226 - Improve logging for double groups
+  BOOT-5177 - Sort systemctl unit files to make them unique
+  DBS-1818 - New test to detect MongoDB
+  DBS-1820 - New test for MongoDB authentication
+  FIRE-4512 - Lowered minimum number of iptables firewall rules
+  FIRE-4586 - Fix applied when searching for "-j LOG"
+  HRDN-7222 - Changed reporting key of world executable compilers
+  SSH-7408 - Added filtering for PermitRootLogin (prohibit-password, OpenSSH 
7.0)
+  FIRE-4586 - Check logging for firewall components
+  KRNL-5788 - Remove exception and style improvements
+  KRNL-5830 - Improved logging
+
+---

Old:

  lynis-2.4.0.tar.gz
  lynis-2.4.0.tar.gz.asc

New:

  lynis-2.4.8.tar.gz
  lynis-2.4.8.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.dSrO0j/_old  2017-04-11 09:41:42.71454 +0200
+++ /var/tmp/diff_new_pack.dSrO0j/_new  2017-04-11 09:41:42.718332789 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2009-2013 Sascha Manns 
 #
 # All modifications and additions to the file contributed by third parties
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 

commit lynis for openSUSE:Factory

2016-11-05 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2016-11-05 21:27:59

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2016-09-30 
15:33:37.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2016-11-05 
21:28:00.0 +0100
@@ -1,0 +2,11 @@
+Fri Nov  4 13:41:25 UTC 2016 - matthias.gerst...@suse.com
+
+- lynis 2.4.0  
+  * Mainly improved support for macOS users
+  * Support for CoreOS
+  * Support for clamconf utility
+  * Support for chinese translation
+  * More sysctl values in the default profile
+  * New commands: "upload-only", "show hostids", "show environment", "show os"
+
+---

Old:

  lynis-2.3.4.tar.gz
  lynis-2.3.4.tar.gz.asc

New:

  lynis-2.4.0.tar.gz
  lynis-2.4.0.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.TidT5g/_old  2016-11-05 21:28:01.0 +0100
+++ /var/tmp/diff_new_pack.TidT5g/_new  2016-11-05 21:28:01.0 +0100
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.3.4
+Version:2.4.0
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0

++ lynis-2.3.4.tar.gz -> lynis-2.4.0.tar.gz ++
 2154 lines of diff (skipped)


++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.TidT5g/_old  2016-11-05 21:28:01.0 +0100
+++ /var/tmp/diff_new_pack.TidT5g/_new  2016-11-05 21:28:01.0 +0100
@@ -1,8 +1,8 @@
 Index: include/consts
 ===
 include/consts.orig2016-09-27 02:00:00.0 +0200
-+++ include/consts 2016-09-28 13:45:00.011142735 +0200
-@@ -95,6 +95,7 @@ unset LANG
+--- include/consts.orig
 include/consts
+@@ -97,6 +97,7 @@ unset LANG
  ERROR_ON_WARNINGS=0
  FILEBINARY=""
  FILEVALUE=""

++ lynis_1.3.5_lynis.diff ++
--- /var/tmp/diff_new_pack.TidT5g/_old  2016-11-05 21:28:01.0 +0100
+++ /var/tmp/diff_new_pack.TidT5g/_new  2016-11-05 21:28:01.0 +0100
@@ -1,8 +1,8 @@
 Index: lynis
 ===
 lynis.orig 2016-08-23 02:00:00.0 +0200
-+++ lynis  2016-09-15 15:03:54.718905556 +0200
-@@ -890,7 +890,14 @@ ${NORMAL}
+--- lynis.orig
 lynis
+@@ -906,7 +906,14 @@ ${NORMAL}
 mail_messaging firewalls webservers ssh snmp 
databases ldap php squid logging \
 insecure_services banners scheduling accounting 
time crypto virtualization containers \
 mac_frameworks file_integrity tooling malware 
file_permissions homedirs \
@@ -15,6 +15,6 @@
 +   file_permissions_ww \
 +   system_proc \
 +   network_allowed_ports"
-   else
+ else
  INCLUDE_TESTS="${TEST_GROUP_TO_CHECK}"
  LogText "Info: only performing tests from groups: 
${TEST_GROUP_TO_CHECK}"

++ lynis_1.3.6_include-osdetection.diff ++
--- /var/tmp/diff_new_pack.TidT5g/_old  2016-11-05 21:28:01.0 +0100
+++ /var/tmp/diff_new_pack.TidT5g/_new  2016-11-05 21:28:01.0 +0100
@@ -1,8 +1,8 @@
 Index: include/osdetection
 ===
 include/osdetection.orig   2016-09-28 13:47:58.244742090 +0200
-+++ include/osdetection2016-09-28 13:48:40.089118005 +0200
-@@ -321,7 +321,7 @@
+--- include/osdetection.orig
 include/osdetection
+@@ -353,7 +353,7 @@
  OS_NAME="${LINUX_VERSION}"
  fi
  # If Linux version (full name) is unknown, use uname value




commit lynis for openSUSE:Factory

2016-09-30 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2016-09-30 15:33:32

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2016-09-24 
15:29:13.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2016-09-30 
15:33:37.0 +0200
@@ -1,0 +2,10 @@
+Wed Sep 28 11:45:44 UTC 2016 - astie...@suse.com
+
+- lynis 2.3.4 with various improvements, including:
+  * Several tests have extended log details
+  * Detection of nftables improved
+  * Replaced cut, sed, tr and others commands with binary variable
+(for forensics and future intrusion checking capabilities)
+  * OS detection improved
+
+---

Old:

  lynis-2.3.3.tar.gz
  lynis-2.3.3.tar.gz.asc

New:

  lynis-2.3.4.tar.gz
  lynis-2.3.4.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.y6aCqF/_old  2016-09-30 15:33:39.0 +0200
+++ /var/tmp/diff_new_pack.y6aCqF/_new  2016-09-30 15:33:39.0 +0200
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.3.3
+Version:2.3.4
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0

++ lynis-2.3.3.tar.gz -> lynis-2.3.4.tar.gz ++
 8538 lines of diff (skipped)


++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.y6aCqF/_old  2016-09-30 15:33:39.0 +0200
+++ /var/tmp/diff_new_pack.y6aCqF/_new  2016-09-30 15:33:39.0 +0200
@@ -1,10 +1,10 @@
 Index: include/consts
 ===
 include/consts.orig2016-08-23 02:00:00.0 +0200
-+++ include/consts 2016-09-15 15:04:08.947048290 +0200
-@@ -87,6 +87,7 @@ unset LANG
- ECHOCMD=""
+--- include/consts.orig2016-09-27 02:00:00.0 +0200
 include/consts 2016-09-28 13:45:00.011142735 +0200
+@@ -95,6 +95,7 @@ unset LANG
  ERROR_ON_WARNINGS=0
+ FILEBINARY=""
  FILEVALUE=""
 +FILE_NUM_TOTAL=0
  FIND=""

++ lynis_1.3.6_include-osdetection.diff ++
--- /var/tmp/diff_new_pack.y6aCqF/_old  2016-09-30 15:33:39.0 +0200
+++ /var/tmp/diff_new_pack.y6aCqF/_new  2016-09-30 15:33:39.0 +0200
@@ -1,13 +1,13 @@
 Index: include/osdetection
 ===
 include/osdetection.orig   2016-09-15 15:04:30.519264684 +0200
-+++ include/osdetection2016-09-15 15:05:13.115691924 +0200
-@@ -316,7 +316,7 @@
-   OS_NAME="${LINUX_VERSION}"
-   fi
-   # If Linux version (full name) is unknown, use uname value
--  if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=$(uname -s -r); fi
-+  #if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=$(uname -s -r); fi
-   SYSCTL_READKEY="sysctl -n"
- 
+--- include/osdetection.orig   2016-09-28 13:47:58.244742090 +0200
 include/osdetection2016-09-28 13:48:40.089118005 +0200
+@@ -321,7 +321,7 @@
+ OS_NAME="${LINUX_VERSION}"
+ fi
+ # If Linux version (full name) is unknown, use uname value
+-if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=$(uname -s -r); fi
++#if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=$(uname -s -r); fi
+ SYSCTL_READKEY="sysctl -n"
  ;;
+ 




commit lynis for openSUSE:Factory

2016-09-24 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2016-09-24 15:28:22

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2016-05-16 
12:03:57.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2016-09-24 
15:29:13.0 +0200
@@ -1,0 +2,5 @@
+Thu Sep 15 14:44:27 UTC 2016 - astie...@suse.com
+
+- lynis 2.3.3 with many improvements and updates
+
+---

Old:

  lynis-2.2.0.tar.gz
  lynis-2.2.0.tar.gz.asc

New:

  lynis-2.3.3.tar.gz
  lynis-2.3.3.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.9eFiSq/_old  2016-09-24 15:29:14.0 +0200
+++ /var/tmp/diff_new_pack.9eFiSq/_new  2016-09-24 15:29:14.0 +0200
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.2.0
+Version:2.3.3
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0
@@ -108,7 +108,9 @@
 install -pm 644 plugins/* %{buildroot}%{_pluginsdir}
 # install database files
 install -d %{buildroot}%{_dbdir}
-install -pm 644 db/* %{buildroot}%{_dbdir}
+install -pm 644 db/*.db %{buildroot}%{_dbdir}
+install -d %{buildroot}%{_dbdir}/languages
+install -pm 644 db/languages/* %{buildroot}%{_dbdir}/languages
 install -pm 644 %{SOURCE11} %{buildroot}%{_dbdir}/dbus-whitelist.db
 install -pm 644 %{SOURCE12} %{buildroot}%{_dbdir}/fileperms.db
 #rm %%{buildroot}%%{_dbdir}/fileperms.db
@@ -131,7 +133,7 @@
 %dir %{_datadir}/%{name}/include
 %attr(640,root,root) %{_datadir}/%{name}/include/*
 %dir %{_datadir}/%{name}/plugins
-%doc CHANGELOG FAQ LICENSE README
+%doc CHANGELOG.md CONTRIBUTORS FAQ LICENSE README
 %{_mandir}/man8/%{name}.8.*
 %{_datadir}/%{name}/prepare_for_suse.sh
 

++ lynis-2.2.0.tar.gz -> lynis-2.3.3.tar.gz ++
 26282 lines of diff (skipped)


++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.9eFiSq/_old  2016-09-24 15:29:14.0 +0200
+++ /var/tmp/diff_new_pack.9eFiSq/_new  2016-09-24 15:29:14.0 +0200
@@ -1,10 +1,10 @@
 Index: include/consts
 ===
 include/consts.orig2016-03-13 16:03:09.0 +0100
-+++ include/consts 2016-05-12 10:30:55.994465439 +0200
-@@ -76,6 +76,7 @@ unset LANG
- DISCOVERED_BINARIES=""
- DOCKER_DAEMON_RUNNING=0
+--- include/consts.orig2016-08-23 02:00:00.0 +0200
 include/consts 2016-09-15 15:04:08.947048290 +0200
+@@ -87,6 +87,7 @@ unset LANG
+ ECHOCMD=""
+ ERROR_ON_WARNINGS=0
  FILEVALUE=""
 +FILE_NUM_TOTAL=0
  FIND=""

++ lynis_1.3.5_lynis.diff ++
--- /var/tmp/diff_new_pack.9eFiSq/_old  2016-09-24 15:29:14.0 +0200
+++ /var/tmp/diff_new_pack.9eFiSq/_new  2016-09-24 15:29:14.0 +0200
@@ -1,8 +1,8 @@
 Index: lynis
 ===
 lynis.orig 2016-05-12 10:33:38.579963391 +0200
-+++ lynis  2016-05-12 10:33:40.575981777 +0200
-@@ -797,7 +797,14 @@
+--- lynis.orig 2016-08-23 02:00:00.0 +0200
 lynis  2016-09-15 15:03:54.718905556 +0200
+@@ -890,7 +890,14 @@ ${NORMAL}
 mail_messaging firewalls webservers ssh snmp 
databases ldap php squid logging \
 insecure_services banners scheduling accounting 
time crypto virtualization containers \
 mac_frameworks file_integrity tooling malware 
file_permissions homedirs \
@@ -16,5 +16,5 @@
 +   system_proc \
 +   network_allowed_ports"
else
- INCLUDE_TESTS="${TESTS_CATEGORY_TO_PERFORM}"
- logtext "Info: only performing tests from categories: 
${TESTS_CATEGORY_TO_PERFORM}"
+ INCLUDE_TESTS="${TEST_GROUP_TO_CHECK}"
+ LogText "Info: only performing tests from groups: 
${TEST_GROUP_TO_CHECK}"

++ lynis_1.3.6_include-osdetection.diff ++
--- /var/tmp/diff_new_pack.9eFiSq/_old  2016-09-24 15:29:14.0 +0200
+++ /var/tmp/diff_new_pack.9eFiSq/_new  2016-09-24 15:29:14.0 +0200
@@ -1,13 +1,13 @@
 Index: include/osdetection
 ===
 include/osdetection.orig   2016-05-12 10:33:38.495962617 +0200
-+++ include/osdetection2016-05-12 10:33:48.828057790 +0200
+--- include/osdetection.orig   2016-09-15 15:04:30.519264684 +0200
 

commit lynis for openSUSE:Factory

2016-05-16 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2016-05-16 12:03:56

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is "lynis"

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2015-08-14 
14:46:41.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2016-05-16 
12:03:57.0 +0200
@@ -1,0 +2,37 @@
+Thu May 12 08:32:25 UTC 2016 - astie...@suse.com
+
+- lynis 2.2.0:
+  * new features and tests, small enhancements
+  * optimisation, better detection
+  * dealing with OS quirks and unexcepted results
+  * adjustments for supporting more compliance in-depth
+  * Detection for CFEngine has been improved
+  * now tries to determine if failed logins are properly logged
+  * New plugin is introduced to analyze PAM settings
+  * Initial support to test UEFI settings, including Secure Boot option.
+  * Support added for Unbound DNS caching tool, configuration check
+  * Record if a name caching utility is being used like nscd or Unbound.
+  * Tests chains of iptables and their default policy (ACCEPT or DROP)
+  * Support upcoming nftables technology (status check)
+  * Test added to include osqueryd as a supported tool.
+  * Detection of firewire is enhanced (both ohci and core detected).
+  * Extended the test syslog-ng logging to remote systems.
+  * ESET and LMD (Linux Malware Detect) have been added.
+  * Discovered malware scanners are also logged to the report.
+  * Eexpanded test for multiple common mount points and define best
+practice mount flags.
+  * Best practices for IPv6 configuration on Linux are now collected.
+  * Collect network interface names from most operating systems.
+  * Password change test has been extended to both capture minimum and 
password age.
+  * Add Proxu support
+  * SystemV init is now detected.
+  * Now information will be logged when vulnerable software packages were 
found.
+  * Support for DNF (Dandified YUM) for Fedora systems has been added.
+  * Multiple configuration tests of SSH merged.
+  * Extend detection of virtual machines (VMware tools)
+  * Machine state detection with Puppet, Facter, dmidecode, and lscpu
+  * When using pentest mode, it will continue without any delays (=quick mode).
+  * Improvements for automatic execution of Lynis
+  * Upload improvements
+
+---

Old:

  lynis-2.1.1.tar.gz
  lynis-2.1.1.tar.gz.asc

New:

  lynis-2.2.0.tar.gz
  lynis-2.2.0.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.CjZcGi/_old  2016-05-16 12:03:58.0 +0200
+++ /var/tmp/diff_new_pack.CjZcGi/_new  2016-05-16 12:03:58.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2009-2013 Sascha Manns 
 #
 # All modifications and additions to the file contributed by third parties
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.1.1
+Version:2.2.0
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0

++ lynis-2.1.1.tar.gz -> lynis-2.2.0.tar.gz ++
 16719 lines of diff (skipped)


++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.CjZcGi/_old  2016-05-16 12:03:58.0 +0200
+++ /var/tmp/diff_new_pack.CjZcGi/_new  2016-05-16 12:03:58.0 +0200
@@ -1,9 +1,9 @@
 Index: include/consts
 ===
 include/consts.orig
-+++ include/consts
-@@ -54,6 +54,7 @@ unset LANG
- CUSTOM_URL_PREPEND=""
+--- include/consts.orig2016-03-13 16:03:09.0 +0100
 include/consts 2016-05-12 10:30:55.994465439 +0200
+@@ -76,6 +76,7 @@ unset LANG
+ DISCOVERED_BINARIES=""
  DOCKER_DAEMON_RUNNING=0
  FILEVALUE=""
 +FILE_NUM_TOTAL=0

++ lynis_1.3.5_lynis.diff ++
--- /var/tmp/diff_new_pack.CjZcGi/_old  2016-05-16 12:03:58.0 +0200
+++ /var/tmp/diff_new_pack.CjZcGi/_new  2016-05-16 12:03:58.0 +0200
@@ -1,8 +1,8 @@
 Index: lynis
 ===
 lynis.orig
-+++ lynis
-@@ -720,7 +720,14 @@
+--- lynis.orig 2016-05-12 10:33:38.579963391 +0200
 lynis  2016-05-12 10:33:40.575981777 +0200
+@@ -797,7 +797,14 @@
 mail_messaging firewalls webservers ssh snmp 
databases ldap php squid logging \
 

commit lynis for openSUSE:Factory

2015-08-14 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2015-08-14 14:46:39

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2015-05-15 
07:43:42.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2015-08-14 
14:46:41.0 +0200
@@ -1,0 +2,12 @@
+Wed Jul 29 11:05:22 UTC 2015 - astie...@suse.com
+
+- lynis 2.1.1:
+  * performance improvements
+  * additional support for Linux distributions and external utilities
+  * Apache module directory /usr/lib64/apache has been added, which
+is used on openSUSE.
+  * various other improvements and bug fixes
+- update patches for contect changes:
+  lynis_1.3.1_include_consts.diff, lynis_1.3.5_lynis.diff
+
+---

Old:

  lynis-2.1.0.tar.gz
  lynis-2.1.0.tar.gz.asc

New:

  lynis-2.1.1.tar.gz
  lynis-2.1.1.tar.gz.asc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.sJrwdA/_old  2015-08-14 14:46:42.0 +0200
+++ /var/tmp/diff_new_pack.sJrwdA/_new  2015-08-14 14:46:42.0 +0200
@@ -24,7 +24,7 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:2.1.0
+Version:2.1.1
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0

++ lynis-2.1.0.tar.gz - lynis-2.1.1.tar.gz ++
 5158 lines of diff (skipped)


++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.sJrwdA/_old  2015-08-14 14:46:42.0 +0200
+++ /var/tmp/diff_new_pack.sJrwdA/_new  2015-08-14 14:46:42.0 +0200
@@ -2,11 +2,11 @@
 ===
 --- include/consts.orig
 +++ include/consts
-@@ -78,6 +78,7 @@ unset LANG
- CUSTOM_URL_APPEND=
+@@ -54,6 +54,7 @@ unset LANG
  CUSTOM_URL_PREPEND=
+ DOCKER_DAEMON_RUNNING=0
  FILEVALUE=
 +FILE_NUM_TOTAL=0
  FIND=
+ FIREWALL_ACTIVE=0
  FOUNDPATH=0
- GREPBINARY=grep

++ lynis_1.3.5_lynis.diff ++
--- /var/tmp/diff_new_pack.sJrwdA/_old  2015-08-14 14:46:42.0 +0200
+++ /var/tmp/diff_new_pack.sJrwdA/_new  2015-08-14 14:46:42.0 +0200
@@ -2,19 +2,19 @@
 ===
 --- lynis.orig
 +++ lynis
-@@ -744,7 +744,14 @@
-webservers ssh snmp databases ldap php squid logging \
-insecure_services banners scheduling accounting \
-time crypto virtualization mac_frameworks 
file_integrity hardening_tools tooling \
--   malware file_permissions homedirs kernel_hardening 
hardening
-+   malware file_permissions homedirs kernel_hardening 
hardening \
-+   system_dbus \
-+   users_wo_password \
-+   binary_rpath \
-+   tmp_symlinks \
-+   file_permissions_ww \
-+   system_proc \
-+   network_allowed_ports
+@@ -720,7 +720,14 @@
+mail_messaging firewalls webservers ssh snmp 
databases ldap php squid logging \
+insecure_services banners scheduling accounting 
time crypto virtualization containers \
+mac_frameworks file_integrity tooling malware 
file_permissions homedirs \
+-   kernel_hardening hardening
++   kernel_hardening hardening \
++   system_dbus \
++   users_wo_password \
++   binary_rpath \
++   tmp_symlinks \
++   file_permissions_ww \
++   system_proc \
++   network_allowed_ports
else
  INCLUDE_TESTS=${TESTS_CATEGORY_TO_PERFORM}
  logtext Info: only performing tests from categories: 
${TESTS_CATEGORY_TO_PERFORM}




commit lynis for openSUSE:Factory

2015-05-14 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2015-05-15 07:43:38

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2015-02-18 
12:09:04.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2015-05-15 
07:43:42.0 +0200
@@ -1,0 +2,24 @@
+Tue May 12 15:19:07 UTC 2015 - astie...@suse.com
+
+- lynis 2.1.0:
+  * Screen output has been improved to provide additional information.
+  * Core dump check on Linux is extended to check for actual values as well.
+  * Software:
++ McAfee detection has been extended by detecting a running cma binary.
++ Security patch checking with zypper extended.
+  * Session timeout:
++ Tests to determine shell time out setting have been extended
++ determine also if variable is exported as a readonly variable.
++ Related compliance section PCI DSS 8.1.8 has been extended.
+- includes changes from Lynis 2.0.0:
+  * New feature: helpers
+  * docker build file audit helper
+  * Improved OS support
+  * support systemd, docker, nftables
+  * New parameters:
++ --dump-options (see all options)
++ --report-file (define a different location for the report file)
+- use tarball supplied default.prf
+- clean or silence rpmlint warnings 
+
+---

Old:

  default.prf
  lynis-1.6.4.tar.gz
  lynis-1.6.4.tar.gz.asc

New:

  lynis-2.1.0.tar.gz
  lynis-2.1.0.tar.gz.asc
  lynis-rpmlintrc



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.xY8ngH/_old  2015-05-15 07:43:43.0 +0200
+++ /var/tmp/diff_new_pack.xY8ngH/_new  2015-05-15 07:43:43.0 +0200
@@ -24,14 +24,13 @@
 %define _dbdir%{_datadir}/lynis/db
 %define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:1.6.4
+Version:2.1.0
 Release:0
 Summary:Security and System auditing tool
 License:GPL-3.0
 Group:  System/Monitoring
 Url:https://cisofy.com/lynis/
 Source0:https://cisofy.com/files/%{name}-%{version}.tar.gz
-Source1:default.prf
 Source2:tests_binary_rpath
 Source3:tests_file_permissionsDB
 Source4:tests_file_permissions_ww
@@ -45,6 +44,7 @@
 Source12:   fileperms.db.openSUSE_12.2_x86_64
 Source13:   https://cisofy.com/files/%{name}-%{version}.tar.gz.asc
 Source14:   https://cisofy.com/files/cisofy-software.pub#/%{name}.keyring
+Source15:   %{name}-rpmlintrc
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
 Patch0: %{name}_1.3.5_lynis.diff
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
@@ -71,8 +71,6 @@
  - Banner identification
  - Software availability
 
-Lynis is released as a GPL licensed project and free for everyone to use.
-
 %prep
 %setup -q -n %{name}
 %patch0
@@ -85,7 +83,7 @@
 
 # Install Profile (default.prf)
 install -d %{buildroot}%{_sysconfdir}/%{name}
-install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/default.prf
+install -m 644 default.prf %{buildroot}%{_sysconfdir}/%{name}/default.prf
 # install binary
 install -d %{buildroot}%{_bindir}
 install -d %{buildroot}%{_datadir}/%{name}
@@ -113,19 +111,17 @@
 install -pm 644 db/* %{buildroot}%{_dbdir}
 install -pm 644 %{SOURCE11} %{buildroot}%{_dbdir}/dbus-whitelist.db
 install -pm 644 %{SOURCE12} %{buildroot}%{_dbdir}/fileperms.db
-#rm %{buildroot}%{_dbdir}/fileperms.db
-#ln -s $(basename %{SOURCE11}) %{_dbdir}/dbus-whitelist.db
-#ln -s $(basename %{SOURCE12}) %{_dbdir}/fileperms.db
+#rm %%{buildroot}%%{_dbdir}/fileperms.db
+#ln -s $(basename %%{SOURCE11}) %%{_dbdir}/dbus-whitelist.db
+#ln -s $(basename %%{SOURCE12}) %%{_dbdir}/fileperms.db
 
 # pacify rpmlint
-#rm %{buildroot}%{_includedir}/tests_filesystems.orig
-#rm %{buildroot}%{_includedir}/osdetection.orig
 chmod +x %{buildroot}%{_pluginsdir}/custom_plugin.template
 
 %files
 %defattr(-,root,root)
 %{_bindir}/%{name}
-%config %{_sysconfdir}/%{name}/default.prf
+%config(noreplace) %{_sysconfdir}/%{name}/default.prf
 %{_dbdir}/*
 %{_includedir}/*
 %{_pluginsdir}/*
@@ -136,7 +132,7 @@
 %attr(640,root,root) %{_datadir}/%{name}/include/*
 %dir %{_datadir}/%{name}/plugins
 %doc CHANGELOG FAQ LICENSE README
-%doc %{_mandir}/man8/%{name}.8.*
+%{_mandir}/man8/%{name}.8.*
 %{_datadir}/%{name}/prepare_for_suse.sh
 
 %changelog

++ lynis-1.6.4.tar.gz - lynis-2.1.0.tar.gz ++
 5024 lines of diff (skipped)

++ lynis-rpmlintrc ++
# lynis demands 640 on these scripts
addFilter(non-executable-script /usr/share/lynis/include/[^ 

commit lynis for openSUSE:Factory

2015-02-18 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2015-02-18 11:39:45

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2014-12-21 
12:04:28.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2015-02-18 
12:09:04.0 +0100
@@ -1,0 +2,57 @@
+Tue Feb 17 12:32:20 UTC 2015 - astie...@suse.com
+
+- lynis 1.6.4:
+  * New:
++ Boot loader detection for AIX 
++ Detection of getcap and lsvg binary
++ Added filesystem_ext to report
++ Detect rootsh
+  * Changes:
++ Hide errors when RPM database is faulty and show suggestion instead 
++ Allow OpenBSD to gather information on listening network ports 
++ Don't trigger warning for Shellshock when doing segfault test 
++ Do not run Apache test on OpenBSD and strip control chars 
++ Extended AIDE test with configuration validation test 
++ Improved Shellshock test regarding non-Linux support 
++ Added support for gathering volume groups on AIX 
++ Properly parse PAM lines and add them to report 
++ Support for boot loader detection on OpenBSD 
++ Added uptime detection for OpenBSD systems 
++ Support for volume groups on AIX 
++ Redirect errors when searching for readlink binary
+- includes changes from 1.6.3:
+  * New:
++ Added tests for Shellshock bash vulnerability 
++ Added test to determine if Snoopy is used 
++ New test for qdaemon configuration file 
++ Test for GRUB boot loader password 
++ New test for qdaemon printer jobs 
++ Added ClamXav test for Mac OS X 
++ Gentoo vulnerable packages test 
++ New test for qdaemon status 
++ Gentoo package listing 
++ Running Lynis without root permissions will start non-privileged scan
++ Systemd service and timer example file added
++ Added grub2-install to binaries
+  * Changes:
++ Adjustments so insecure SSL protocols are detected in nginx config 
++ Directories will be skipped when searching for nginx log files 
++ Only gather unique name servers from /etc/resolv.conf 
++ Properly detect mod_evasive on Gentoo and others 
++ Improved swap partition detection in /etc/fstab 
++ Improvements to kernel detection (e.g. Gentoo) 
++ Test for built-in security options in YUM 
++ Improved boot loader detection for GRUB2 
++ Split GRUB test into two tests 
++ Added Mac OS uptime check 
++ Improved GetHostID function for systems having only ip binary
++ Improved testing for symlinked binary directories
++ Minor adjustments to log output
++ Renamed dev directory to extras
+- verify source signature
+- adjust permissions of items in /usr/share/lynis/include/consts
+  to match those requested by main executable
+- run spec_cleaner
+
+
+---

Old:

  lynis-1.6.2.tar.gz

New:

  lynis-1.6.4.tar.gz
  lynis-1.6.4.tar.gz.asc
  lynis.keyring



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.LLt4Nl/_old  2015-02-18 12:09:05.0 +0100
+++ /var/tmp/diff_new_pack.LLt4Nl/_new  2015-02-18 12:09:05.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 # Copyright (c) 2009-2013 Sascha Manns saigk...@opensuse.org
 #
 # All modifications and additions to the file contributed by third parties
@@ -19,20 +19,18 @@
 
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
-
-%define _includedir   /usr/share/lynis/include
-%define _pluginsdir   /usr/share/lynis/plugins
-%define _dbdir/usr/share/lynis/db
-%define _bindir   /usr/bin
-
+%define _includedir   %{_datadir}/lynis/include
+%define _pluginsdir   %{_datadir}/lynis/plugins
+%define _dbdir%{_datadir}/lynis/db
+%define _bindir   %{_prefix}/bin
 Name:   lynis
-Version:1.6.2
-Release:1  
+Version:1.6.4
+Release:0
 Summary:Security and System auditing tool  
 License:GPL-3.0
 Group:  System/Monitoring  
-Url:http://www.rootkit.nl/projects/lynis.html  
-Source0:http://cisofy.com/files/%{name}-%{version}.tar.gz
+Url:https://cisofy.com/lynis/
+Source0:https://cisofy.com/files/%{name}-%{version}.tar.gz
 Source1:default.prf 
 Source2:tests_binary_rpath
 Source3:tests_file_permissionsDB
@@ -45,6 +43,8 @@
 Source10:   prepare_for_suse.sh
 Source11:   

commit lynis for openSUSE:Factory

2014-12-21 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2014-12-21 12:04:47

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2014-09-26 
11:21:28.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2014-12-21 
12:04:28.0 +0100
@@ -1,0 +2,5 @@
+Sun Nov 16 00:39:00 UTC 2014 - Led led...@gmail.com
+
+- fix bashisms in scripts
+
+---



Other differences:
--
++ prepare_for_suse.sh ++
--- /var/tmp/diff_new_pack.jasXYU/_old  2014-12-21 12:04:30.0 +0100
+++ /var/tmp/diff_new_pack.jasXYU/_new  2014-12-21 12:04:30.0 +0100
@@ -5,7 +5,7 @@
 OSVERS=$(grep VERSION /etc/SuSE-release |  sed s/VERSION = //)
 OS=$(head -n 1 /etc/SuSE-release | sed s/[()]//g | sed s/ /_/g)
 
-function fileperms()
+fileperms()
 {
PERMS=$(grep -E ^PERMISSION_SECURITY= /etc/sysconfig/security | awk 
-F'=' '{print $2}' | sed s/\//g)
echo $PERMS
@@ -24,7 +24,7 @@
ln -s fileperms.db.$OS db/fileperms.db
 }
 
-function dbussystem()
+dbussystem()
 {
for i in $(ls -1 /usr/share/dbus-*/system-services/*.service 
/etc/dbus-*/system.d/*.conf 2/dev/null)
do 

++ tests_file_permissionsDB ++
--- /var/tmp/diff_new_pack.jasXYU/_old  2014-12-21 12:04:30.0 +0100
+++ /var/tmp/diff_new_pack.jasXYU/_new  2014-12-21 12:04:30.0 +0100
@@ -37,7 +37,7 @@
HPBAD=0
for LINE in $(cat $DB)
do
-   ((HPMAX++))
+   HPMAX=$(($HPMAX + 1))
FN=$(echo $LINE | cut -d: -f2)
PM=$(echo $LINE | cut -d: -f3)
UN=$(echo $LINE | cut -d: -f4)
@@ -55,8 +55,8 @@
#Display --indent 4 --text ${FN} --result NOT FOUND 
--color WHITE
continue;
fi
-   if ! [ $STR == $STAT ]; then
-   ((HPBAD++))
+   if [ $STR != $STAT ]; then
+   HPBAD=$((HPBAD + 1))
Display --indent 4 --text ${FN} --result WARNING 
--color RED
else
Display --indent 4 --text ${FN} --result OK --color 
GREEN

++ tests_file_permissions_ww ++
--- /var/tmp/diff_new_pack.jasXYU/_old  2014-12-21 12:04:30.0 +0100
+++ /var/tmp/diff_new_pack.jasXYU/_new  2014-12-21 12:04:30.0 +0100
@@ -35,7 +35,7 @@
 find / -xdev \( -type f -o -type d -o -type s -o -type b -type p -o 
-type c \) -a -perm -0002 -print 2/dev/null  $TMP
for i in $(cat $TMP)
do
-   ((HP--))
+   HP=$((HP - 1))
Display --indent 4 --text ${i} is world-writeable --result 
WARNING --color RED
done
 #  echo  AddHP $HP $HPMAX

++ tests_system_dbus ++
--- /var/tmp/diff_new_pack.jasXYU/_old  2014-12-21 12:04:30.0 +0100
+++ /var/tmp/diff_new_pack.jasXYU/_new  2014-12-21 12:04:30.0 +0100
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 
#
 #
@@ -55,11 +55,11 @@
FOUND=0
for j in $WHITELIST
do
-   if [ $DF == $j ]; then FOUND=1; fi
+   if [ $DF = $j ]; then FOUND=1; fi
done
if [ $FOUND -eq 0 ]
then
-   ((HPBAD++))
+   HPBAD=$((HPBAD + 1))
PKG=$(rpm -qf $i)
Display --indent 4 --text Warning: Package 
$PKG installs an unknown D-BUS autostart/system service: $DF --result WARNING 
--color RED
fi

++ tests_system_proc ++
--- /var/tmp/diff_new_pack.jasXYU/_old  2014-12-21 12:04:30.0 +0100
+++ /var/tmp/diff_new_pack.jasXYU/_new  2014-12-21 12:04:30.0 +0100
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
 
 
#
 #
@@ -38,7 +38,7 @@
HP=$HPMAX
for i in $(cat $TMP2)
do
-   ((HP--))
+   HP=$((HP - 1))
PID=$(echo $i | cut -d: -f2)
PNAME=$(echo $i | cut -d: -f3)
Display --indent 4 --text ${PNAME} [PID ${PID}] runs as user 
'nobody' --result WARNING --color RED

++ tests_users_wo_password ++
--- /var/tmp/diff_new_pack.jasXYU/_old  2014-12-21 12:04:30.0 +0100
+++ 

commit lynis for openSUSE:Factory

2014-09-26 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2014-09-26 10:52:08

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2014-01-23 
15:49:19.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2014-09-26 
11:21:28.0 +0200
@@ -1,0 +2,8 @@
+Wed Sep 24 16:36:21 UTC 2014 - cit...@gmail.com
+
+- Upgrade to version 1.6.2
+- Remove files:
+  * lynis_1.3.7_include-test-filesystem.diff( already fixed)
+  * lynis-1.3.9.tar.gz 
+
+---

Old:

  lynis-1.3.9.tar.gz
  lynis_1.3.7_include-test-filesystem.diff

New:

  lynis-1.6.2.tar.gz



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.H3hLRY/_old  2014-09-26 11:21:28.0 +0200
+++ /var/tmp/diff_new_pack.H3hLRY/_new  2014-09-26 11:21:28.0 +0200
@@ -26,7 +26,7 @@
 %define _bindir   /usr/bin
 
 Name:   lynis
-Version:1.3.9
+Version:1.6.2
 Release:1  
 Summary:Security and System auditing tool  
 License:GPL-3.0
@@ -50,7 +50,6 @@
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
 Patch2: %{name}_1.3.1_include_consts.diff
 Patch5: %{name}_1.3.6_include-osdetection.diff
-Patch6: %{name}_1.3.7_include-test-filesystem.diff
 BuildRequires:  gcc-c++
 BuildRequires:  libxml2-devel
 PreReq: %fillup_prereq  
@@ -76,11 +75,10 @@
 See http://www.rootkit.nl for a full description and documentation.  
   
 %prep  
-%setup -q  
+%setup -q -n %{name} 
 %patch0
 %patch2
 %patch5
-%patch6
 
 %build  
 
@@ -122,7 +120,7 @@
 
 # pacify rpmlint
 #rm %{buildroot}%{_includedir}/tests_filesystems.orig
-rm %{buildroot}%{_includedir}/osdetection.orig
+#rm %{buildroot}%{_includedir}/osdetection.orig
 chmod +x %{buildroot}%{_pluginsdir}/custom_plugin.template
 
 %files  

++ lynis-1.3.9.tar.gz - lynis-1.6.2.tar.gz ++
 14806 lines of diff (skipped)

++ lynis_1.3.1_include_consts.diff ++
--- /var/tmp/diff_new_pack.H3hLRY/_old  2014-09-26 11:21:29.0 +0200
+++ /var/tmp/diff_new_pack.H3hLRY/_new  2014-09-26 11:21:29.0 +0200
@@ -2,11 +2,11 @@
 ===
 --- include/consts.orig
 +++ include/consts
-@@ -68,6 +68,7 @@ BINPATHS=/bin /sbin /usr/bin /usr/sbin
+@@ -71,6 +71,7 @@ unset LANG
  CHKROOTKITBINARY=
  CHKCONFIGBINARY=
  FILEVALUE=
 +FILE_NUM_TOTAL=0
  FIND=
+ FOUNDPATH=0
  GRPCKBINARY=
- IPTABLESBINARY=

++ lynis_1.3.5_lynis.diff ++
--- /var/tmp/diff_new_pack.H3hLRY/_old  2014-09-26 11:21:29.0 +0200
+++ /var/tmp/diff_new_pack.H3hLRY/_new  2014-09-26 11:21:29.0 +0200
@@ -2,15 +2,14 @@
 ===
 --- lynis.orig
 +++ lynis
-@@ -512,7 +512,10 @@
+@@ -716,7 +716,9 @@
 webservers ssh snmp databases ldap php squid logging \
 insecure_services banners scheduling accounting \
-time crypto virtualization mac_frameworks 
file_integrity hardening_tools \
+time crypto virtualization mac_frameworks 
file_integrity hardening_tools tooling \
 -   malware file_permissions homedirs kernel_hardening 
hardening
 +   malware file_permissions file_permissionsDB homedirs 
kernel_hardening hardening \
-+ system_dbus users_wo_password binary_rpath tmp_symlinks 
file_permissions_ww \
-+ system_proc network_allowed_ports
-+
++  system_dbus users_wo_password binary_rpath tmp_symlinks 
file_permissions_ww \
++  system_proc network_allowed_ports
else
  INCLUDE_TESTS=${TESTS_CATEGORY_TO_PERFORM}
  logtext Info: only performing tests from categories: 
${TESTS_CATEGORY_TO_PERFORM}

++ lynis_1.3.6_include-osdetection.diff ++
--- /var/tmp/diff_new_pack.H3hLRY/_old  2014-09-26 11:21:29.0 +0200
+++ /var/tmp/diff_new_pack.H3hLRY/_new  2014-09-26 11:21:29.0 +0200
@@ -2,7 +2,7 @@
 ===
 --- include/osdetection.orig
 +++ include/osdetection
-@@ -242,7 +242,7 @@
+@@ -303,7 +303,7 @@
OS_NAME=${LINUX_VERSION}
fi
# If Linux version (full name) is unknown, use uname value

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit lynis for openSUSE:Factory

2014-01-23 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2014-01-17 11:04:25

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2013-12-13 
11:58:39.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2014-01-23 
15:49:19.0 +0100
@@ -1,0 +2,7 @@
+Thu Jan  9 18:45:44 UTC 2014 - saigk...@opensuse.org
+
+- updated to version 1.3.9
+- removed patch
+  * lynis_1.3.6_include-test-kernel.diff (fixed upstream) 
+
+---

Old:

  lynis-1.3.7.tar.gz
  lynis_1.3.6_include-test-kernel.diff

New:

  lynis-1.3.9.tar.gz



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.Z8Hvi9/_old  2014-01-23 15:49:20.0 +0100
+++ /var/tmp/diff_new_pack.Z8Hvi9/_new  2014-01-23 15:49:20.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # Copyright (c) 2009-2013 Sascha Manns saigk...@opensuse.org
 #
 # All modifications and additions to the file contributed by third parties
@@ -26,7 +26,7 @@
 %define _bindir   /usr/bin
 
 Name:   lynis
-Version:1.3.7
+Version:1.3.9
 Release:1  
 Summary:Security and System auditing tool  
 License:GPL-3.0
@@ -51,7 +51,6 @@
 Patch2: %{name}_1.3.1_include_consts.diff
 Patch5: %{name}_1.3.6_include-osdetection.diff
 Patch6: %{name}_1.3.7_include-test-filesystem.diff
-Patch7: %{name}_1.3.6_include-test-kernel.diff
 BuildRequires:  gcc-c++
 BuildRequires:  libxml2-devel
 PreReq: %fillup_prereq  
@@ -82,7 +81,6 @@
 %patch2
 %patch5
 %patch6
-%patch7
 
 %build  
 
@@ -124,6 +122,7 @@
 
 # pacify rpmlint
 #rm %{buildroot}%{_includedir}/tests_filesystems.orig
+rm %{buildroot}%{_includedir}/osdetection.orig
 chmod +x %{buildroot}%{_pluginsdir}/custom_plugin.template
 
 %files  

++ lynis-1.3.7.tar.gz - lynis-1.3.9.tar.gz ++
 2776 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit lynis for openSUSE:Factory

2013-12-13 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2013-12-13 11:58:38

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2013-06-24 
09:34:47.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2013-12-13 
11:58:39.0 +0100
@@ -1,0 +2,38 @@
+Wed Dec 11 20:14:06 UTC 2013 - saigk...@opensuse.org
+
+- updated to version 1.3.7
+- Changelog:
+  * FileExists() and SearchItem() functions were added. The yum-security
+check and iptables binary check were improved, and the report was
+extended to show which tests have been executed or skipped
+- updated patch
+  * lynis_1.3.7_include-test-filesystem.diff 
+
+---
+Tue Dec 10 18:46:14 UTC 2013 - saigk...@opensuse.org
+
+- updated to version 1.3.6
+- Removed patches (obsolete):
+  * lynis_1.3.5_include_binaries.diff 
+
+- Updated patches
+  * lynis_1.3.6_include_osdetection.diff
+  * lynis_1.3.6_include-test-kernel.diff
+
+---
+Sun Nov 24 14:29:06 UTC 2013 - saigk...@opensuse.org
+
+- updated to version 1.3.5
+
+- Updated patches:
+  o lynis_1.3.1_lynis.diff
+  o lynis_1.3.1_include_binaries.diff
+  o lynis_1.3.1_include-osdetection.diff
+  o lynis_1.3.1_include-test-kernel.diff
+
+- Removed patches (obsolete) 
+  o lynis_1.3.1_include-test-databases.diff
+  o lynis_1.3.1_include-test-storage.diff
+  o lynis_1.3.1_include-test-homedirs.diff
+
+---

Old:

  lynis-1.3.0.tar.bz2
  lynis_1.3.0_include-osdetection.diff
  lynis_1.3.0_include-test-databases.diff
  lynis_1.3.0_include-test-filesystem.diff
  lynis_1.3.0_include-test-homedirs.diff
  lynis_1.3.0_include-test-kernel.diff
  lynis_1.3.0_include-test-storage.diff
  lynis_1.3.0_include_binaries.diff
  lynis_1.3.0_include_consts.diff
  lynis_1.3.0_lynis.diff

New:

  lynis-1.3.7.tar.gz
  lynis_1.3.1_include_consts.diff
  lynis_1.3.5_lynis.diff
  lynis_1.3.6_include-osdetection.diff
  lynis_1.3.6_include-test-kernel.diff
  lynis_1.3.7_include-test-filesystem.diff



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.KjDiEx/_old  2013-12-13 11:58:41.0 +0100
+++ /var/tmp/diff_new_pack.KjDiEx/_new  2013-12-13 11:58:41.0 +0100
@@ -2,7 +2,7 @@
 # spec file for package lynis
 #
 # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# Copyright (c) 2009-2011 Sascha Manns saigk...@opensuse.org
+# Copyright (c) 2009-2013 Sascha Manns saigk...@opensuse.org
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,19 +17,22 @@
 #
 
 
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
 %define _includedir   /usr/share/lynis/include
 %define _pluginsdir   /usr/share/lynis/plugins
 %define _dbdir/usr/share/lynis/db
 %define _bindir   /usr/bin
 
 Name:   lynis
-Version:1.3.0  
+Version:1.3.7
 Release:1  
 Summary:Security and System auditing tool  
 License:GPL-3.0
 Group:  System/Monitoring  
 Url:http://www.rootkit.nl/projects/lynis.html  
-Source0:%{name}-%{version}.tar.bz2
+Source0:http://cisofy.com/files/%{name}-%{version}.tar.gz
 Source1:default.prf 
 Source2:tests_binary_rpath
 Source3:tests_file_permissionsDB
@@ -43,18 +46,12 @@
 Source11:   dbus-whitelist.db.openSUSE_12.2_x86_64
 Source12:   fileperms.db.openSUSE_12.2_x86_64
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE  
-Patch0: %{name}_%{version}_lynis.diff
-# PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
-Patch2: %{name}_%{version}_include_consts.diff
-# PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
-Patch3: %{name}_%{version}_include_binaries.diff
+Patch0: %{name}_1.3.5_lynis.diff
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
-Patch4: %{name}_%{version}_include-test-databases.diff
-Patch5: %{name}_%{version}_include-osdetection.diff
-Patch6: %{name}_%{version}_include-test-filesystem.diff
-Patch7: %{name}_%{version}_include-test-kernel.diff
-Patch8: %{name}_%{version}_include-test-storage.diff
-Patch9: %{name}_%{version}_include-test-homedirs.diff
+Patch2: %{name}_1.3.1_include_consts.diff
+Patch5: 

commit lynis for openSUSE:Factory

2013-06-24 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2013-06-24 09:34:46

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2013-01-29 
14:21:59.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2013-06-24 
09:34:47.0 +0200
@@ -1,0 +2,5 @@
+Fri Jun 21 12:22:08 UTC 2013 - tho...@suse.com
+
+- fixed typo in prepare_for_suse.sh
+
+---



Other differences:
--
++ prepare_for_suse.sh ++
--- /var/tmp/diff_new_pack.5yAB8i/_old  2013-06-24 09:34:47.0 +0200
+++ /var/tmp/diff_new_pack.5yAB8i/_new  2013-06-24 09:34:47.0 +0200
@@ -3,8 +3,7 @@
 umask 0077
 
 OSVERS=$(grep VERSION /etc/SuSE-release |  sed s/VERSION = //)
-OS=$(head -n 1 /etc/SuSE-release | sed s/[()]//g | sed s/ /_/g
-openSUSE_12.2_x86_64)
+OS=$(head -n 1 /etc/SuSE-release | sed s/[()]//g | sed s/ /_/g)
 
 function fileperms()
 {

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit lynis for openSUSE:Factory

2013-01-29 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2013-01-29 14:21:59

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis, Maintainer is 

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2013-01-14 
22:23:09.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2013-01-29 
14:21:59.0 +0100
@@ -1,0 +2,6 @@
+Fri Jan 25 09:40:52 UTC 2013 - tho...@suse.com
+
+- fixed log message for dbus test
+- fixed bash variable incrementation that sneaked in the code 
+
+---



Other differences:
--
++ tests_binary_rpath ++
--- /var/tmp/diff_new_pack.m9VFKu/_old  2013-01-29 14:22:01.0 +0100
+++ /var/tmp/diff_new_pack.m9VFKu/_new  2013-01-29 14:22:01.0 +0100
@@ -36,10 +36,10 @@
HPBAD=0
for FILE in $(find / -xdev -type f \( -perm -0100 -o -perm -0010 -o 
-perm -0001 \) 2/dev/null)
do
-   ((FILENUM))
+   ((FILENUM++))
for RPATH_VAL in $(objdump -p $FILE 2/dev/null | egrep -w 
'(RPATH|RUNPATH)' | awk '{ print $2 :}')
do
-   ((HPMAX))
+   ((HPMAX++))
if [ ${RPATH_VAL:0:7} = \$ORIGIN ]; then continue; 
fi
while [ -n $RPATH_VAL ]
do
@@ -59,7 +59,7 @@
:/usr/local/lib*)
;;
*)
-   ((HPBAD))
+   ((HPBAD++))
RPNOTOK=1;
Display --indent 4 --text 
${FILE} --text RPATH \$RPATH_VAL_NXT\ on $FILE is not allowed --result 
WARNING --color RED
esac
@@ -78,4 +78,4 @@
 
#
 #
 
-wait_for_keypress
\ No newline at end of file
+wait_for_keypress

++ tests_file_permissionsDB ++
--- /var/tmp/diff_new_pack.m9VFKu/_old  2013-01-29 14:22:01.0 +0100
+++ /var/tmp/diff_new_pack.m9VFKu/_new  2013-01-29 14:22:01.0 +0100
@@ -37,7 +37,7 @@
HPBAD=0
for LINE in $(cat $DB)
do
-   ((HPMAX))
+   ((HPMAX++))
FN=$(echo $LINE | cut -d: -f2)
PM=$(echo $LINE | cut -d: -f3)
UN=$(echo $LINE | cut -d: -f4)
@@ -56,7 +56,7 @@
continue;
fi
if ! [ $STR == $STAT ]; then
-   ((HPBAD))
+   ((HPBAD++))
Display --indent 4 --text ${FN} --result WARNING 
--color RED
else
Display --indent 4 --text ${FN} --result OK --color 
GREEN
@@ -74,4 +74,4 @@
 wait_for_keypress
 
 #
-#
\ No newline at end of file
+#

++ tests_network_allowed_ports ++
--- /var/tmp/diff_new_pack.m9VFKu/_old  2013-01-29 14:22:01.0 +0100
+++ /var/tmp/diff_new_pack.m9VFKu/_new  2013-01-29 14:22:01.0 +0100
@@ -58,7 +58,7 @@
done
if [ $PORTOK -eq 0 ]
then
-   ((NUM_NOTOK))
+   ((NUM_NOTOK++))
P=${PORTS[$IDX_P]}
Display --indent 4 --text Open port ${P} not allowed 
--result WARNING --color RED
fi

++ tests_system_dbus ++
--- /var/tmp/diff_new_pack.m9VFKu/_old  2013-01-29 14:22:01.0 +0100
+++ /var/tmp/diff_new_pack.m9VFKu/_new  2013-01-29 14:22:01.0 +0100
@@ -25,7 +25,7 @@
 #
 # Test: SYSTEM-1000
 # Description : Verifies dbus policy.
-Register --test-no SYSTEM-1000 --weight L --network NO --description 
Verifies if a binary contains an insecure RPATH variable.
+Register --test-no SYSTEM-1000 --weight L --network NO --description 
Verifies if an unknown dbus service is installed.
 if [ ${SKIPTEST} -eq 0 ]; then
 Display --indent 2 --text - Starting dbus policy check...
 logtext Test: Checking dbus policy
@@ -59,7 +59,7 @@
done
if [ $FOUND -eq 0 ]
then
-   ((HPBAD))
+   ((HPBAD++))
PKG=$(rpm -qf $i)
 

commit lynis for openSUSE:Factory

2013-01-14 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2013-01-14 09:43:10

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis, Maintainer is 

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2012-02-29 
14:08:29.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2013-01-14 
09:43:11.0 +0100
@@ -1,0 +2,13 @@
+Thu Jan 10 16:53:32 UTC 2013 - tho...@suse.com
+
+- fixed test_homedirs 
+
+---
+Thu Jan 10 16:46:02 UTC 2013 - tho...@suse.com
+
+- some bugfixing for pathnames, didn't work with sudo
+- improved default.prf by adding more sysctl vars
+- fixed test_storage
+- generated fileperm.db and dbus-whitelist for 12.2 
+
+---

Old:

  dbus-whitelist.db
  lynis_1.3.0_db-fileperms.diff

New:

  dbus-whitelist.db.openSUSE_12.2_x86_64
  fileperms.db.openSUSE_12.2_x86_64
  lynis_1.3.0_include-osdetection.diff
  lynis_1.3.0_include-test-filesystem.diff
  lynis_1.3.0_include-test-homedirs.diff
  lynis_1.3.0_include-test-kernel.diff
  lynis_1.3.0_include-test-storage.diff



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.9cMQRX/_old  2013-01-14 09:43:12.0 +0100
+++ /var/tmp/diff_new_pack.9cMQRX/_new  2013-01-14 09:43:12.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package lynis
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # Copyright (c) 2009-2011 Sascha Manns saigk...@opensuse.org
 #
 # All modifications and additions to the file contributed by third parties
@@ -25,10 +25,10 @@
 Name:   lynis
 Version:1.3.0  
 Release:1  
-License:GPL-3.0  
 Summary:Security and System auditing tool  
-Url:http://www.rootkit.nl/projects/lynis.html  
+License:GPL-3.0
 Group:  System/Monitoring  
+Url:http://www.rootkit.nl/projects/lynis.html  
 Source0:%{name}-%{version}.tar.bz2
 Source1:default.prf 
 Source2:tests_binary_rpath
@@ -40,17 +40,21 @@
 Source8:tests_tmp_symlinks
 Source9:tests_users_wo_password
 Source10:   prepare_for_suse.sh
-Source11:   dbus-whitelist.db
+Source11:   dbus-whitelist.db.openSUSE_12.2_x86_64
+Source12:   fileperms.db.openSUSE_12.2_x86_64
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE  
 Patch0: %{name}_%{version}_lynis.diff
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE  
-Patch1: %{name}_%{version}_db-fileperms.diff
-# PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
 Patch2: %{name}_%{version}_include_consts.diff
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
 Patch3: %{name}_%{version}_include_binaries.diff
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
 Patch4: %{name}_%{version}_include-test-databases.diff
+Patch5: %{name}_%{version}_include-osdetection.diff
+Patch6: %{name}_%{version}_include-test-filesystem.diff
+Patch7: %{name}_%{version}_include-test-kernel.diff
+Patch8: %{name}_%{version}_include-test-storage.diff
+Patch9: %{name}_%{version}_include-test-homedirs.diff
 BuildRequires:  gcc-c++
 BuildRequires:  libxml2-devel
 PreReq: %fillup_prereq  
@@ -78,10 +82,15 @@
 %prep  
 %setup -q  
 %patch0
-%patch1
+#%patch1
 %patch2
 %patch3
 %patch4
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
 
 %build  
 
@@ -115,7 +124,11 @@
 # install database files  
 %__install -d %{buildroot}%{_dbdir}  
 %__install -pm 644 db/* %{buildroot}%{_dbdir}
-%__install -pm 644 %{SOURCE11} %{buildroot}%{_dbdir}
+%__install -pm 644 %{SOURCE11} %{buildroot}%{_dbdir}/dbus-whitelist.db
+%__install -pm 644 %{SOURCE12} %{buildroot}%{_dbdir}/fileperms.db
+#rm %{buildroot}%{_dbdir}/fileperms.db
+#ln -s $(basename %{SOURCE11}) %{_dbdir}/dbus-whitelist.db
+#ln -s $(basename %{SOURCE12}) %{_dbdir}/fileperms.db
 
 %clean  
 %__rm -rf %{buildroot}  

++ dbus-whitelist.db.openSUSE_12.2_x86_64 ++
avahi-dbus.conf
bluetooth.conf
com.redhat.NewPrinterNotification.conf
com.redhat.PrinterDriversInstaller.conf
ConsoleKit.conf
cups.conf
dnsmasq.conf
gdm.conf
hal.conf
nm-avahi-autoipd.conf
nm-dhcp-client.conf
nm-dispatcher.conf
nm-openconnect-service.conf
nm-openvpn-service.conf
nm-pptp-service.conf
nm-vpnc-service.conf
org.blueman.Mechanism.conf
org.freedesktop.Accounts.conf
org.freedesktop.colord-sane.conf

commit lynis for openSUSE:Factory

2013-01-14 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2013-01-14 22:23:08

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis, Maintainer is 

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2013-01-14 
09:43:11.0 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2013-01-14 
22:23:09.0 +0100
@@ -1,0 +2,6 @@
+Mon Jan 14 14:57:15 UTC 2013 - tho...@suse.com
+
+- fixed tests_network_allowed_ports to increment index vars
+  and not loop forever 
+
+---



Other differences:
--
++ tests_network_allowed_ports ++
--- /var/tmp/diff_new_pack.wU5SBi/_old  2013-01-14 22:23:10.0 +0100
+++ /var/tmp/diff_new_pack.wU5SBi/_new  2013-01-14 22:23:10.0 +0100
@@ -23,10 +23,10 @@
 
#
 #
 # Test: NETW-3085
-# Description : Verifies dbus policy.
+# Description : Verifies open network ports.
 Register --test-no NETW-3085 --weight L --network NO --description 
Verifies open network ports.
 if [ ${SKIPTEST} -eq 0 ]; then
-   ALLOWED_PORTS=( 22 25 68 80 111 443 )
+   ALLOWED_PORTS=( 22 25 80 111 443 )
TMP=$(mktemp /tmp/lynis.XX)
 
STR=${ALLOWED_PORTS[@]:0}
@@ -54,7 +54,7 @@
PORTOK=1
break
fi
-   ((IDX_A))
+   ((IDX_A++))
done
if [ $PORTOK -eq 0 ]
then
@@ -63,7 +63,7 @@
Display --indent 4 --text Open port ${P} not allowed 
--result WARNING --color RED
fi
 
-   ((IDX_P))
+   ((IDX_P++))
done
 
HPMAX=$LEN_A
@@ -81,4 +81,4 @@
 wait_for_keypress
 
 #
-#
\ No newline at end of file
+#

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit lynis for openSUSE:Factory

2012-02-29 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2012-02-29 14:08:27

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis, Maintainer is 

Changes:

--- /work/SRC/openSUSE:Factory/lynis/lynis.changes  2011-09-23 
02:12:29.0 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2012-02-29 
14:08:29.0 +0100
@@ -1,0 +2,31 @@
+Mon Dec 26 16:24:35 UTC 2011 - sascha.ma...@open-slx.de
+
+- fixed conflict in spec 
+
+---
+Mon Dec 26 16:18:01 UTC 2011 - sascha.ma...@open-slx.de
+
+- updated to version 1.3.0
+- from Changelog:
+- New:
+ - Profile option: ignore_home_dir
+ - TCP wrappers category added
+ - Tooling category added
+ - Initial extensions to support plugins in the future
+ - Test for unpurged Debian packages [PKGS-7346]
+ - Test for compiler permissions [HRDN-7222]
+- Changes:
+ - Converted all dates to ISO format and updated copyright lines
+ - Correct suggestion for file integrity tool [FINT-4350]
+ - Added hint when RPM list is empty on DPKG based systems [PKGS-7308]
+ - Changed logging for /etc/security/limits.conf file [KRNL-5820]
+ - Fixed incorrect warning for single user mode [AUTH-9308]
+ - Improved output for stratum 16 time servers [TIME-3116]
+ - Added suggestion and screen output for kernel hardening [KRNL-6000]
+ - Screen layout optimalizations and log file improvements
+ - Improved list/layout of scan options
+ - Improved binary check for compilers
+ - Added configuration option in scan profile (show_tool_tips, default
+   true) 
+
+---

Old:

  lynis-1.2.9.tar.gz
  lynis-1.2.9_suse.diff
  lynis-1.2.9_suse_detection.diff

New:

  dbus-whitelist.db
  lynis-1.3.0.tar.bz2
  lynis_1.3.0_db-fileperms.diff
  lynis_1.3.0_include-test-databases.diff
  lynis_1.3.0_include_binaries.diff
  lynis_1.3.0_include_consts.diff
  lynis_1.3.0_lynis.diff
  prepare_for_suse.sh
  tests_binary_rpath
  tests_file_permissionsDB
  tests_file_permissions_ww
  tests_network_allowed_ports
  tests_system_dbus
  tests_system_proc
  tests_tmp_symlinks
  tests_users_wo_password



Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.2egam3/_old  2012-02-29 14:08:31.0 +0100
+++ /var/tmp/diff_new_pack.2egam3/_new  2012-02-29 14:08:31.0 +0100
@@ -2,7 +2,7 @@
 # spec file for package lynis
 #
 # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# Copyright (c) 2009-2010 Sascha Manns saigk...@opensuse.org
+# Copyright (c) 2009-2011 Sascha Manns saigk...@opensuse.org
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -23,17 +23,34 @@
 %define _bindir   /usr/bin
 
 Name:   lynis
-Version:1.2.9  
+Version:1.3.0  
 Release:1
-License:GPL-2.0+
+License:GPL-3.0  
 Summary:Security and System auditing tool  
 Url:http://www.rootkit.nl/projects/lynis.html  
 Group:  System/Monitoring
-Source: %{name}-%{version}.tar.gz  
+Source0:%{name}-%{version}.tar.bz2
 Source1:default.prf 
+Source2:tests_binary_rpath
+Source3:tests_file_permissionsDB
+Source4:tests_file_permissions_ww
+Source5:tests_network_allowed_ports
+Source6:tests_system_dbus
+Source7:tests_system_proc
+Source8:tests_tmp_symlinks
+Source9:tests_users_wo_password
+Source10:   prepare_for_suse.sh
+Source11:   dbus-whitelist.db
 # PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE  
-Patch0: %{name}-%{version}_suse.diff  
-Patch1: %{name}-%{version}_suse_detection.diff
+Patch0: %{name}_%{version}_lynis.diff
+# PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE  
+Patch1: %{name}_%{version}_db-fileperms.diff
+# PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
+Patch2: %{name}_%{version}_include_consts.diff
+# PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
+Patch3: %{name}_%{version}_include_binaries.diff
+# PATCH-OPENSUSE-FIX -- tho...@novell.com - modifying for openSUSE
+Patch4: %{name}_%{version}_include-test-databases.diff
 BuildRequires:  gcc-c++
 BuildRequires:  libxml2-devel
 PreReq: %fillup_prereq  
@@ -60,8 +77,11 @@
   
 %prep  
 %setup -q  
-%patch0 -p1  
-%patch1 -p1  
+%patch0
+%patch1
+%patch2
+%patch3
+%patch4
 
 %build  
 
@@ -74,22 +94,28 @@
 %__install -d %{buildroot}%{_bindir}  
 

commit lynis for openSUSE:Factory

2011-12-06 Thread h_root
Hello community,

here is the log from the commit of package lynis for openSUSE:Factory checked 
in at 2011-12-06 18:27:37

Comparing /work/SRC/openSUSE:Factory/lynis (Old)
 and  /work/SRC/openSUSE:Factory/.lynis.new (New)


Package is lynis, Maintainer is 

Changes:




Other differences:
--
++ lynis.spec ++
--- /var/tmp/diff_new_pack.uBAwGh/_old  2011-12-06 18:50:05.0 +0100
+++ /var/tmp/diff_new_pack.uBAwGh/_new  2011-12-06 18:50:05.0 +0100
@@ -25,7 +25,7 @@
 Name:   lynis
 Version:1.2.9  
 Release:1
-License:GPL v2 or later  
+License:GPL-2.0+
 Summary:Security and System auditing tool  
 Url:http://www.rootkit.nl/projects/lynis.html  
 Group:  System/Monitoring

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit lynis for openSUSE:Factory

2011-08-19 Thread h_root

Hello community,

here is the log from the commit of package lynis for openSUSE:Factory
checked in at Fri Aug 19 12:48:36 CEST 2011.




New Changes file:

--- /dev/null   2010-08-26 16:28:41.0 +0200
+++ /mounts/work_src_done/STABLE/lynis/lynis.changes2011-04-07 
17:59:04.0 +0200
@@ -0,0 +1,134 @@
+---
+Thu Apr  7 15:57:31 UTC 2011 - tho...@novell.com
+
+- added patch for apache2 and oracle detection 
+
+---
+Fri Apr  1 22:00:13 UTC 2011 - saigk...@opensuse.org
+
+- removed rpmlintrc and fixed non-executable-script 
+
+---
+Sun Dec 26 19:55:21 UTC 2010 - saigk...@opensuse.org
+
+- prettyfied spec file
+- NOTE: Please submit submitrequests to home:saigkill. This Package links to 
this Repository. 
+
+---
+Fri Sep  3 05:41:52 UTC 2010 - tho...@novell.com
+
+- fixed %files section to include /etc/lynis 
+
+---
+Fri Sep  3 05:12:43 UTC 2010 - tho...@novell.com
+
+- fixed %files section to reflect new default.prf location 
+
+---
+Fri Sep  3 05:09:47 UTC 2010 - tho...@novell.com
+
+- added permdir /root/.gnupg to default.prf 
+
+---
+Fri Sep  3 05:04:03 UTC 2010 - tho...@novell.com
+
+- copy default.prf to /etc/lynis/ instead of /etc/, otherwise
+  lynis will not find it and hang 
+
+---
+Thu Sep  2 11:32:50 UTC 2010 - tho...@novell.com
+
+- added %{_datadir}/%{name}/prepare_for_suse.sh
+
+---
+Thu Sep  2 10:56:55 UTC 2010 - tho...@novell.com
+
+- adjusted patch and spec file to make it build 
+
+---
+Wed Sep  1 12:30:43 UTC 2010 - tho...@novell.com
+
+- put code from Matthias Weckbecker sec_check into lynis
+- adjusted lynis for opensuse
+- details:
+  + tests_tmp_symlinks
+  + tests_network_allowed_ports
+  + tests_system_proc
+  + tests_file_permissions_ww
+  + tests_binary_rpath
+  + tests_users_wo_password
+  + tests_file_permissionsDB
+  + tests_system_dbus
+
+---
+Wed Dec 16 05:19:37 UTC 2009 - saigk...@opensuse.org
+
+- updated to version 1.2.9
+- added default.prf 
+
+---
+Wed Dec  9 16:21:53 UTC 2009 - saigk...@opensuse.org
+
+- update to 1.2.8 
+
+---
+Mon Nov  2 18:16:38 UTC 2009 - saigk...@opensuse.org
+
+- update to 1.2.7
+- This release adds AIX Support and several new tests related to SSH, logging, 
databases and SMTP. Many minor issues are solved or improved. 
+
+-
+Mon Apr  6 09:04:05 CEST 2009 - saigk...@opensuse.org
+
+- update to 1.2.6
+- This release has several new tests and test improvements, like a sudoers
+  file permissions check, a core dumps configuration check for Linux, PHP
+  tests, and an /etc/issue banner test.
+
+-
+Sat Mar 28 10:27:12 CET 2009 - saigk...@opensuse.org
+
+- update to 1.2.5
+- This release adds 40+ new tests for services like Dovecot, 
+  BIND, PowerDNS, SSH, Exim, and nginx
+
+-
+Tue Mar 17 2009 20:32 CET - mrd...@opensuse.org
+
+- added 1.2.4 release
+- This release adds more than 30 new tests, 
+including NTP, auditd, PAM, NFS and ClamAV. 
+
+--
+Mon Mar 02 22:32 CET 2009 - mrd...@opensuse.org
+
+- 1.2.3 release see CHANGELOG for changes
+
+---
+Thu Feb 26 14:16:35 CET 2009 - pgaj...@suse.cz
+
+- removed patches:
+  - passwd-args.patch
+  - suppress-dpkg-error.patch
+- source repacked gz - bz2
+
+---
+Sun Feb 17 2009 - mrd...@opensuse.org
+
+- 1.2.2 release - see CHANGELOG for changes
+
+--
+Mon Feb 16 03:15:44 CET 2009 - saigk...@opensuse.org 
+
+- updated to Version 1.2.2
+
+--
+Wed Jan 07 12:00:00 CET 2009 - saigk...@opensuse.org
+
+- fixed Rpmlint Errors
+- branched for Contrib
+
+--
+Wed Nov 10 12:00:00 CET 2008 - saigk...@opensuse.org
+
+- initial version using the buildservice

calling whatdependson for head-i586


New:

  default.prf