From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] lynis: Update to version 3.0.6 Date: Sat, 01 Jan 2022 17:59:20 +0100 Message-ID: <20220101165920.3480735-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0442239020329866275==" List-Id: --===============0442239020329866275== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable - Update from 3.0.3 to 3.0.6 - Communication had with cisofy about the website and github versions of lyni= s and the lack of a signature file on github. Following response received from Micha= el Boelen of cisofy. "GitHub releases are different as they (the tarballs) are created by GitHu= b itself. So yes, the hashes will differ. In fact, the contents of the files will be d= ifferent as well. These files are not signed by GitHub or us. We consider GitHub the = work version. When we release a new version, we tag them on GitHub with a version as we= ll. For the stable releases, use the version on the website." - Based on the above the version used in this build is from the website. The = signature file for version 3.0.6 on the website is now available. - The lynis-3.0.6.tar.gz in the IPFire Source location will probably need to = be removed as it is from the Github location and running ./make.sh uploadsrc will pro= bably not upload the correct version because the filenames are the same. The tarball= used in this patch was from https://cisofy.com/downloads/lynis/ - The lfs file modified to take account of the tarball expanding to just lyni= s without any version number. Also the rm -rf line has been modified due to the file= differences with the previous Github versions. - Update rootfile to take account of the plugin_pam_phase1 and plugin_systemd= _phase1 plugins not being included in the cisofy website version of the tarball. I= f these two plugins that are available for community users are needed then they have t= o be downloaded separately from cisofy via an email subscription to the notific= ation test. All other plugins are only available for paying customers. - Changelog Version 3.0.6 (2021-07-22) ### Added - OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS - Check for outdated translation files ### Changed - DBS-1826 - Check if PostgreSQL is being used - DBS-1828 - Test multiple PostgreSQL configuration file(s) - KRNL-5830 - Sort kernels by version instead of modification date - PKGS-7410 - Don't show exception for systems using LXC - GetHostID function: fallback options added for Linux systems - Fix: macOS Big Sur detection - Fix: show correct text when egrep is missing - Fix: variable name for PostgreSQL - German and Spanish translations extended Version 3.0.5 (2021-07-02) ### Added - OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux - CRYP-8006 - Check MemoryOverwriteRequest bit to protect against cold-b= oot attacks (Linux) ### Changed - ACCT-9622 - Corrected typo - HRDN-7231 - When calling wc, use the short -l flag instead of --lines = (Busybox compatibility) - PKGS-7320 - extended to Arch Linux 32 - Generation of host identifiers (hostid/hostid2) extended - Linux host identifiers are now using ip as preferred input source - Improved logging in several areas Version 3.0.4 (2021-05-11) ### Added - ACCT-9670 - Detection of cmd tooling - ACCT-9672 - Test cmd configuration file - BOOT-5140 - Check for ELILO boot loader presence - OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others ### Changed - BOOT-5104 - Add service manager detection support for runit - FILE-6430 - Report suggestion only when at least one kernel module is = not in the blacklist - FIRE-4540 - Corrected nftables empy ruleset test - LOGG-2138 - Do not check for klogd when metalog is being used - TIME-3185 - Improved support for Debian stretch - Corrected issue when Lynis is not executed directly from lynis directo= ry Signed-off-by: Adolf Belka --- config/rootfiles/packages/lynis | 2 -- lfs/lynis | 14 +++++++------- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/config/rootfiles/packages/lynis b/config/rootfiles/packages/lynis index 357f9cb3a..922efe5f1 100644 --- a/config/rootfiles/packages/lynis +++ b/config/rootfiles/packages/lynis @@ -117,5 +117,3 @@ var/ipfire/lynis/lynis #var/ipfire/lynis/plugins #var/ipfire/lynis/plugins/README var/ipfire/lynis/plugins/custom_plugin.template -var/ipfire/lynis/plugins/plugin_pam_phase1 -var/ipfire/lynis/plugins/plugin_systemd_phase1 diff --git a/lfs/lynis b/lfs/lynis index 1ae501603..e6f2007b0 100644 --- a/lfs/lynis +++ b/lfs/lynis @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 3.0.3 +VER =3D 3.0.6 =20 THISAPP =3D lynis-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -33,7 +33,7 @@ DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) =20 PROG =3D lynis -PAK_VER =3D 9 +PAK_VER =3D 10 DEPS =3D =20 ############################################################################= ### @@ -44,7 +44,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D d5c7cdbab15029449fe5ef4b59ee941d +$(DL_FILE)_MD5 =3D 23cc369984d564e4a8232473b1ace137 =20 install : $(TARGET) =20 @@ -76,8 +76,8 @@ dist: =20 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && rm -rf .git* .travis.yml *.md FAQ INSTALL LICENCE lynis.8 = README - cp -vrf $(DIR_APP) /var/ipfire/lynis - @rm -rf $(DIR_APP) + @rm -rf $(DIR_SRC)/$(PROG) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_SRC)/$(PROG) && rm -rf *.md FAQ INSTALL LICENCE lynis.8 README + cp -vrf $(DIR_SRC)/$(PROG) /var/ipfire/lynis + @rm -rf $(DIR_SRC)/$(PROG) @$(POSTBUILD) --=20 2.34.1 --===============0442239020329866275==--