debian-cis
PCI-DSS compliant Debian 10/11/12 hardening
OTHER License
Stars
719
Bot releases are hidden (Show)
debian-cis
- Release v3.2-2
Published by tdenof almost 3 years ago
- Fix 5.4.5 pattern search
- Bump actions-ecosystem/action-get-latest-tag from 1 to 1.4.1
- Bump luizm/action-sh-checker from v0.1.12 to v0.1.13
- 99.5.4.5.2: fix bug where sha512 option rounds provoke KO
- Bump dev-drprasad/delete-tag-and-release from v0.1.3 to v0.2.0
- Bump luizm/action-sh-checker from 0.1.13 to 0.3.0
- Bump metcalfc/changelog-generator from v0.4.4 to v1.0.0
- FIX(2.2.1.4): Validate debian default ntp config
- FIX(1.7.1.4): don't abort script in case of unconfined processes
- Add silent mode and json summary
- fix: kernel module detection
- Honor --set-log-level parameter
- Allow grub.cfg permission to be 600
- Fix grub detection
- Fix 3.4.2 audit rule
- Skip NTP and Chrony config check if they are not installed
- Fix empty fstab test
- Update changelog for release 3.2-2
debian-cis
- Release v3.0
Published by thibaultserti almost 4 years ago
- Migration to debian10 numbering
- Add utils to compare file permissions to a list of authorized permissions
- Update skel, update documentation
- Add 1.1.1.7 check and test (disable FAT)
- Add 1.1.23 check and test (disable usb storage)
- Add 1.7.x checks and tests (apparmor)
- Add 2.2.1.2 check and test (systemd-timesyncd)
- Add 4.1.1.1,4 check (auditd)
- Add 4.2.1.6 check (syslog-ng)
- Add 4.2.2.x checks and tests (journald)
- Add 4.4 checks and tests (logrotate permission)
- Add 5.2.20-23 checks and tests (sshd)
- Add 6.1.3-9 checks (/etc/passwd-, /etc/shadow-, ...)