Fedora 11 Update: lynis-1.2.9-1.fc11

updates at fedoraproject.org updates at fedoraproject.org
Thu Feb 18 22:29:01 UTC 2010

Fedora Update Notification
2010-02-18 16:56:05

Name        : lynis
Product     : Fedora 11
Version     : 1.2.9
Release     : 1.fc11
URL         : http://www.rootkit.nl/projects/lynis.html
Summary     : Security and system auditing tool
Description :
Lynis is a security and system auditing tool. It scans a system on the
most interesting parts useful for audits, like:
     - Security enhancements
     - Logging and auditing options
     - Banner identification
     - Software availability

Lynis is released as a GPL licensed project and free for everyone to use.

See http://www.rootkit.nl for a full description and documentation.

Update Information:

    New:   - Support for Squid3   - Added Squid unsafe ports check [SQD-3624]
- Added Squid configuration file permission check [SQD-3613]   - Added Squid
test: reply_body_max_size option [SQD-3630]   - Added /etc/init.d/rc and
/etc/init.d/rcS to umask test [AUTH-9328]   - Check PHP option allow_url_include
[PHP-2378]    - Squid support added   - Squid daemon detection [SQD-3602]   -
Squid configuration file search [SQD-3604]   - Squid version detection
[SQD-3606]   - Check /etc/motd banner [BANN-7122]   - Check /etc/issue.net file
[BANN-7128]   - Check contents in /etc/issue.net [BANN-7130]   - Solaris single
user mode login check (/etc/default/sulogin) [AUTH-9304]   - HP-UX boot
authentication check [AUTH-9306]   - Linux single user mode authentication check
[AUTH-9308]   - Solaris account locking policy check [AUTH-9340]       Changes:
- Extended possible Squid configuration file locations   - Added additional
sysctl keys to default profile   - Fixed typo in squid.conf checks   - Improved
descriptions, logging and reporting for several tests   - Corrected
/etc/security/limits.conf path in test [KRNL-5820]   - Updated man page, limited
lines to 80 chars   - Added prerequisite to SSH test, so the test is skipped
properly [SSH-7440]   - Check for /etc/issue symlink [BANN-7124]   - Added file
check for possible harmful shells found [AUTH-9218]   - Add user home
directories to report [HOME-9302]   - Extended Linux run level test with support
for Debian/Ubuntu [KRNL-5622]   - Added /lib64/security to PAM test [AUTH-9262]
- Extended security repository check [PKGS-7388]   - Iptables check should not
check for a module in a Linux config [FIRE-4511]   - Ignore APC ups daemon when
scanning for CUPS [PRNT-2304]   - Improved kernel logger daemon check
[LOGG-2138]   - Added auditctl to binary check [ACCT-9630]   - Log used auditd
ruleset [ACCT-9630]   - Corrected logging of Solaris c2audit module [ACCT-9656]
- Fixed warning function for Solaris passwordless accounts [AUTH-9254]   -
Commented kern.randompid in default profile   - For sysctl the parameter -n will
be used on Linux systems   - Changed syslog daemon detection and state   -
Extended report file

* Sat Jan 30 2010 Rakesh Pandit <rakesh at fedoraproject.org> - 1.2.9-1
- Updated to 1.2.9
* Mon Jun  8 2009 Rakesh Pandit <rakesh at fedoraproject.org> - 1.2.6-2
- fixed requires tag

  [ 1 ] Bug #554001 - False positives + Update

This update can be installed with the "yum" update program.  Use 
su -c 'yum update lynis' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list