[SECURITY] Fedora 18 Update: lynis-1.3.6-1.fc18

updates at fedoraproject.org updates at fedoraproject.org
Mon Dec 9 02:02:18 UTC 2013

Fedora Update Notification
2013-12-05 09:18:35

Name        : lynis
Product     : Fedora 18
Version     : 1.3.6
Release     : 1.fc18
URL         : http://cisofy.com/lynis/
Summary     : Security and system auditing tool
Description :
Lynis is an auditing and hardening tool for Unix/Linux and you might even call
it a compliance tool. It scans the system and installed software. Then it
performs many individual security control checks. It determines the hardening
state of the machine, detects security issues and provides suggestions to
improve the security defense of the system.

Update Information:

 * 1.3.6 (2013-12-03)

 - Support for the dntpd time daemon
 - New Apache test for modules [HTTP-6632]
 - Apache test for mod_evasive [HTTP-6640]
 - Apache test for mod_qos [HTTP-6641]
 - Apache test for mod_spamhaus [HTTP-6642]
 - Apache test for ModSecurity [HTTP-6643]
 - Check for installed package audit tool [PKGS-7398]
 - Added initial support for new pkgng and related tools [PKGS-7381]
 - Check for ssh-keyscan binary
 - ZFS support for FreeBSD [FILE-6330]
 - Test for passwordless accounts [AUTH-9283]
 - Initial OS support for DragonFly BSD
 - Initial OS support for TrueOS (FreeBSD based)
 - Initial OS support for elementary OS (Luna)
 - GetHostID for DragonFly, FreeBSD, NetBSD and OpenBSD
 - Check for DHCP client [NETW-3030]
 - Initial support for OSSEC (system integrity) [FINT-4328]
 - New parameter --log-file to adjust log file location
 - New function IsRunning() to check status of processes
 - New function RealFilename() to determine file name
 - New function CheckItem() for parsing files
 - New function ReportManual() and ReportException() to simplify code
 - New function DirectoryExists() to check existence of a directory
 - Support for dntpd [TIME-3104]

 - Extended pf checks for FreeBSD/OpenBSD and others [FIRE-4518]
 - Extended test to gather listening network ports for Linux [NETW-3012]
 - Adjusted lsof statement to ignore warnings (e.g. fuse) [LOGG-2180] [LOGG-2190]
 - Added suggestion for discovered shells on FreeBSD [AUTH-9218]
 - Extended core dump test with additional details [KRNL-5820]
 - Properly display suggestion if portaudit is not installed [PKGS-7382]
 - Ignore message if no packages are installed (pkg_info) [PKGS-7320]
 - Also try using apt-check on Debian systems [PKGS-7392]
 - Adjusted logging for RPM binary on systems not using it [PKGS-7308]
 - Extended search in cron directories for rdate/ntpdate [TIME-3104]
 - Adjusted PHP check to find ini files [PHP-2211]
 - Skip Apache test for NetBSD [HTTP-6622]
 - Skip test http version check for NetBSD [HTTP-6624]
 - Additional check to surpress sort error [HTTP-6626]
 - Improved the way binaries are checked (less disk reads)
 - Adjusted ReportWarning() function to skip impact rating
 - Improved report on screen by leaving out date/time and type
 - Redirect errors while checking for OpenSSL version
 - Extended reporting with firewall status and software
 - Adjusted naming of some operating systems to make them more consistent
 - Extended update check by using host binary if dig is not installed
 - Count number of installed binaries/packages and report them
 - Report about log rotation tool and status
 - Updated man page
Belated update after 4 years.
Belated update after 4 years.
Belated update after 4 years.

* Wed Dec  4 2013 Christopher Meng <rpm at cicku.me> - 1.3.6-1
- Update to 1.3.6
* Tue Nov 26 2013 Christopher Meng <rpm at cicku.me> - 1.3.5-1
- Update to 1.3.5
* Sat Aug  3 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.9-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.9-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

  [ 1 ] Bug #469317 - Review request: lynis - Security and system auditing tool
  [ 2 ] Bug #1037866 - lynis-1.3.5-1.fc19.noarch: broken permissions

This update can be installed with the "yum" update program.  Use 
su -c 'yum update lynis' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list