Skip to content

Releases: CISOfy/lynis

Release 1.6.3

14 Oct 09:01
@mboelen mboelen
1.6.3
ea44c2e
Compare
Choose a tag to compare
Release 1.6.3

New:

  • Added tests for Shellshock bash vulnerability [SHLL-6290]

  • Added test to determine if Snoopy is used [ACCT-9636]

  • New test for qdaemon configuration file [PRNT-2416]

  • Test for GRUB boot loader password [BOOT-5122]

  • New test for qdaemon printer jobs [PRNT-2420]

  • Added ClamXav test for Mac OS X [MALW-3288]

  • Gentoo vulnerable packages test [PKGS-7393]

  • New test for qdaemon status [PRNT-2418]

  • Gentoo package listing [PKGS-7304]

  • Running Lynis without root permissions will start non-privileged scan

  • Systemd service and timer example file added

  • Added grub2-install to binaries

    Changes:

  • Adjustments so insecure SSL protocols are detected in nginx config [HTTP-6710]

  • Directories will be skipped when searching for nginx log files [HTTP-6720]

  • Only gather unique name servers from /etc/resolv.conf [NAME-2704]

  • Properly detect mod_evasive on Gentoo and others [HTTP-6640]

  • Improved swap partition detection in /etc/fstab [FILE-6336]

  • Improvements to kernel detection (e.g. Gentoo) [KRNL-5830]

  • Test for built-in security options in YUM [PKGS-7386]

  • Improved boot loader detection for GRUB2 [BOOT-5121]

  • Split GRUB test into two tests [BOOT-5122]

  • Added Mac OS uptime check [BOOT-5202]

  • Improved GetHostID function for systems having only ip binary

  • Improved testing for symlinked binary directories

  • Minor adjustments to log output

  • Renamed dev directory to extras

Assets 2
Loading

Release 1.6.2

23 Sep 12:15
@mboelen mboelen
1.6.2
e89fa7e
Compare
Choose a tag to compare
Release 1.6.2

This is the 1.6.2 release.

  • 1.6.2 (2014-09-22)

    New:

  • IsVirtualMachine function to check if system is running in VM

    VM types: Bochs CPU emulation, IBM z/VM, KVM, Linux Containers,
    libvirt LXC driver (Linux Containers), Microsoft Virtual PC, OpenVZ,
    Oracle VM VirtualBox, QEMU, Systemd Namespace container,
    User-Mode Linux (UML), VMware products, XEN

  • Detection for SaltStack configuration management tooling

  • ShowSymlinkPath function to check path behind a symlink

  • Check of configuration options of pacman [PKGS-7314]

  • Support for drill binary to check for Lynis update

  • FileIsEmpty function to check for empty files

  • Detect updates for Arch Linux [PKGS-7312]

  • Add detection for machine ID (systemd)

  • Added linux_config_file to report

  • Bash completion script for Lynis

  • Added detection of ss binary

    Changes:

  • Extended system reboot check, to enable it for most Linux versions[KRNL-5830]

  • Improved inetd test to avoid false positive with xinetd process [INSE-8002]

  • Permissions check has been adjusted to allow packaging and pentest mode

  • Added detection for compressed Linux config file [KRNL-5728]

  • Added support for compressed Linux config file [KRNL-5730]

  • Store PID file in home directory of the user, if needed

  • Added usage of ss to gather listening ports [NETW-3012]

  • Additional permission added to CUPS check [PRNT-2307]

  • Extended telnet in inetd test [INSE-8016]

  • Fix for reading at.deny file [SCHD-7720]

  • Removed individual warnings [BOOT-5184]

  • Several improvements for Arch Linux

Assets 2
Loading

Version 1.6.1

11 Sep 13:48
@mboelen mboelen
1.6.1
90f927e
Compare
Choose a tag to compare
Version 1.6.1

Version 1.6.1

Assets 2
Loading