Hello folks,
I am pleased to announce the availability of scap-security-guide of version 0.1.19: [1] https://github.com/OpenSCAP/scap-security-guide/tree/v0.1.19 [2] http://repos.ssgproject.org/sources/scap-security-guide-0.1.19.tar.gz [3] https://github.com/OpenSCAP/scap-security-guide/archive/v0.1.19.tar.gz
Major Changes since v0.1.18: ---------------------- * multiple bugfixes for RHEL-6 content (the list is too long to be detailed here, but major keyword for this release is / was 'stabilization'),
* enhancements of RHEL-7 RHT-CCP profile content (68 rules now enabled by default + fixes to many other rules).
For detailed (pre)view of changes since v0.1.18 version have a look at: [4] https://github.com/OpenSCAP/scap-security-guide/issues?q=milestone:0.1.19+is...
You are encouraged to check [2], [3] out. As always should you encounter some issue with the content, kindly report at: [5] https://github.com/OpenSCAP/scap-security-guide/issues/new
Happy hardening.
Jan (on behalf of the SSG team) -- Jan iankko Lieskovsky / Red Hat Security Technologies Team
On 9/28/14, 9:09 AM, Jan Lieskovsky wrote:
Hello folks,
I am pleased to announce the availability of scap-security-guide of version 0.1.19: [1] https://github.com/OpenSCAP/scap-security-guide/tree/v0.1.19 [2] http://repos.ssgproject.org/sources/scap-security-guide-0.1.19.tar.gz [3] https://github.com/OpenSCAP/scap-security-guide/archive/v0.1.19.tar.gz
Major Changes since v0.1.18:
multiple bugfixes for RHEL-6 content (the list is too long to be detailed here, but major keyword for this release is / was 'stabilization'),
enhancements of RHEL-7 RHT-CCP profile content (68 rules now enabled by default + fixes to many other rules).
For detailed (pre)view of changes since v0.1.18 version have a look at: [4] https://github.com/OpenSCAP/scap-security-guide/issues?q=milestone:0.1.19+is...
You are encouraged to check [2], [3] out. As always should you encounter some issue with the content, kindly report at: [5] https://github.com/OpenSCAP/scap-security-guide/issues/new
Happy hardening.
Jan (on behalf of the SSG team)
Jan iankko Lieskovsky / Red Hat Security Technologies Team
Thank you!
Were you able to kickoff an EPEL RPM build?
----- Original Message -----
From: "Shawn Wells" shawn@redhat.com To: scap-security-guide@lists.fedorahosted.org Sent: Sunday, September 28, 2014 8:05:23 PM Subject: Re: scap-security-guide 0.1.19 is now live
On 9/28/14, 9:09 AM, Jan Lieskovsky wrote:
Hello folks,
I am pleased to announce the availability of scap-security-guide of version 0.1.19: [1] https://github.com/OpenSCAP/scap-security-guide/tree/v0.1.19 [2] http://repos.ssgproject.org/sources/scap-security-guide-0.1.19.tar.gz [3] https://github.com/OpenSCAP/scap-security-guide/archive/v0.1.19.tar.gz
Major Changes since v0.1.18:
multiple bugfixes for RHEL-6 content (the list is too long to be detailed here, but major keyword for this release is / was 'stabilization'),
enhancements of RHEL-7 RHT-CCP profile content (68 rules now enabled by default + fixes to many other rules).
For detailed (pre)view of changes since v0.1.18 version have a look at: [4] https://github.com/OpenSCAP/scap-security-guide/issues?q=milestone:0.1.19+is...
You are encouraged to check [2], [3] out. As always should you encounter some issue with the content, kindly report at: [5] https://github.com/OpenSCAP/scap-security-guide/issues/new
Happy hardening.
Jan (on behalf of the SSG team)
Jan iankko Lieskovsky / Red Hat Security Technologies Team
Thank you!
Were you able to kickoff an EPEL RPM build?
Wanted to, but it's not possible. From EPEL guidelines: https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies#Policy_for_Conflic...
"When a package is added to RHEL that is already in EPEL, we need to block it from being updated in EPEL."
Since scap-security-guide is scheduled to be included in the upcoming version of Red Hat Enterprise Linux 7 directly, it's not possible to make updates on both sides (thus updates on EPEL yet).
For now people are advised just to download the tarball & issue 'make rpm' in the top of the scap-security-guide-0.1.19 directory tree to obtain an RPM.
Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Technologies Team
-- SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
All-
Perhaps I missed the mailing stating this, so my apologies in advance.
Will the current (and future) versions of scap-security-guide be placed in the EPEL repository, or will they need to be built from a GIT cloned source always? The latest version I see in [the mirror I am using for] EPEL is the 0.1.17-1.20140524git2eeeca7.el6 version.
Logan Rodrian
On 10/01/2014 10:39 PM, Rodrian, Logan P (IS) wrote:
All-
Perhaps I missed the mailing stating this, so my apologies in advance.
Will the current (and future) versions of scap-security-guide be placed in the EPEL repository, or will they need to be built from a GIT cloned source always? The latest version I see in [the mirror I am using for] EPEL is the 0.1.17-1.20140524git2eeeca7.el6 version.
Logan Rodrian
IIRC, scap-security-guide was promoted from epel6 to base Red Hat Enterprise Linux 6 package. Following epel rules, scap-security-guide can no longer be updated.
Unless there is an objection, I will retire scap-security-guide from epel repository.
Kind regards,
----- Original Message -----
From: "Simon Lukasik" isimluk@fedoraproject.org To: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org Sent: Thursday, October 2, 2014 10:33:37 AM Subject: Re: scap-security-guide 0.1.19 is now live
On 10/01/2014 10:39 PM, Rodrian, Logan P (IS) wrote:
All-
Perhaps I missed the mailing stating this, so my apologies in advance.
Will the current (and future) versions of scap-security-guide be placed in the EPEL repository, or will they need to be built from a GIT cloned source always? The latest version I see in [the mirror I am using for] EPEL is the 0.1.17-1.20140524git2eeeca7.el6 version.
Logan Rodrian
IIRC, scap-security-guide was promoted from epel6 to base Red Hat Enterprise Linux 6 package. Following epel rules, scap-security-guide can no longer be updated.
Unless there is an objection, I will retire scap-security-guide from epel repository.
Thank you for the offer, Simon. Please go ahead (there isn't much we can do wrt to that anyway when considering the above EPEL vs RHEL policy rule).
When at retiring already, pls request retiring of both of them (for EPEL6 and EPEL7), so we have both of them sorted out.
Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Technologies Team
Kind regards,
-- Simon Lukasik Security Technologies, Red Hat, Inc. -- SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
----- Original Message -----
From: "Logan P Rodrian (IS)" Logan.Rodrian@ngc.com To: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org Sent: Wednesday, October 1, 2014 10:39:13 PM Subject: RE: scap-security-guide 0.1.19 is now live
All-
Perhaps I missed the mailing stating this, so my apologies in advance.
Will the current (and future) versions of scap-security-guide be placed in the EPEL repository, or will they need to be built from a GIT cloned source always? The latest version I see in [the mirror I am using for] EPEL is the 0.1.17-1.20140524git2eeeca7.el6 version.
Hi, the future versions of scap-security-guide will be packaged in the RHEL repositories directly, as per the email you are replying to.
See https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies
"When a package is added to RHEL that is already in EPEL, we need to block it from being updated in EPEL."
This means that no, you don't have to always build it from the repository. You can install it from the RHEL repository. It will however no longer be updated in EPEL. I hope all is clear now.
On 10/2/14, 4:35 AM, Martin Preisler wrote:
----- Original Message -----
From: "Logan P Rodrian (IS)" Logan.Rodrian@ngc.com To: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org Sent: Wednesday, October 1, 2014 10:39:13 PM Subject: RE: scap-security-guide 0.1.19 is now live
All-
Perhaps I missed the mailing stating this, so my apologies in advance.
Will the current (and future) versions of scap-security-guide be placed in the EPEL repository, or will they need to be built from a GIT cloned source always? The latest version I see in [the mirror I am using for] EPEL is the 0.1.17-1.20140524git2eeeca7.el6 version.
Hi, the future versions of scap-security-guide will be packaged in the RHEL repositories directly, as per the email you are replying to.
See https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies
"When a package is added to RHEL that is already in EPEL, we need to block it from being updated in EPEL."
This means that no, you don't have to always build it from the repository. You can install it from the RHEL repository. It will however no longer be updated in EPEL. I hope all is clear now.
Specifically, for RHEL6, SSG will be included in 6.6+: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6-Bet...
For RHEL7, we're tracking to include SSG v0.1.19 in a TBD release of RHEL7. The next window for RHEL7 package inclusion will be RHEL 7.1. (sorry, I have to word things indirectly to meet RHT rules)
With that said, I think there is still value to providing a community yum repo where we can land the upstream monthly builds for the user community to track against... would this be valuable to anyone?
scap-security-guide@lists.fedorahosted.org