Commit Graph

  • 1445aa00f7 feat: add debian12 scripts damcava35/deb12_scripts_9 damien cavagnini 2025-08-01 16:20:58 +02:00
  • 0cf11ca4cf bring back missing "check_is_executable.sh" precommit damien cavagnini 2025-08-01 11:37:36 +02:00
  • c2598e484e feat: add debian12 scripts damcava35/deb12_scripts_5 damien cavagnini 2025-07-28 14:47:41 +02:00
  • c22ce20f9d feat: add debian12 scripts damcava35/deb12_scripts_8 damien cavagnini 2025-08-01 09:49:21 +02:00
  • ffab7bcb3e bring back missing "check_is_executable.sh" precommit damien cavagnini 2025-08-01 11:37:36 +02:00
  • 6c93b453bc feat: add debian12 scripts damcava35/deb12_scripts_7 damien cavagnini 2025-07-31 12:16:03 +02:00
  • 383a0a2ca6 refacto: systemd is-active / is-enabled damien cavagnini 2025-07-31 12:08:48 +02:00
  • a392d13cb0 refacto: systemd is-active / is-enabled damien cavagnini 2025-07-31 12:08:48 +02:00
  • 2cab6eda26 update lib/utils.sh Damien Cavagnini 2025-07-10 10:22:06 +02:00
  • 532c40d311 feat: add debian12 scripts damcava35/deb12_scripts_6 damien cavagnini 2025-07-30 10:09:28 +02:00
  • 57aa0e6ef5 update lib/utils.sh Damien Cavagnini 2025-07-10 10:22:06 +02:00
  • b0ca64f589 feat: add new scripts for debian 12 damcava35/deb12_scripts_3 Damien Cavagnini 2025-07-18 15:05:32 +02:00
  • a7bc6a47f9 feat: add new checks for debian12 damcava35/deb12_scripts_4 damien cavagnini 2025-07-23 10:09:28 +02:00
  • eda302d55f add "apt_remove" in lib/utils.sh damien cavagnini 2025-07-22 10:45:58 +02:00
  • dc03314e34 update lib/utils.sh Damien Cavagnini 2025-07-10 10:22:06 +02:00
  • 7c7730248e add "apt_remove" in lib/utils.sh damien cavagnini 2025-07-22 10:45:58 +02:00
  • f9f48ab630 update lib/utils.sh Damien Cavagnini 2025-07-10 10:22:06 +02:00
  • 02756efd06 chore: add new scripts for debian 12 damcava35/deb12_scripts_2 Damien Cavagnini 2025-07-09 17:36:05 +02:00
  • b9ded91724 update lib/utils.sh Damien Cavagnini 2025-07-11 14:20:27 +02:00
  • 15a59d6b2e feat: add 'is_service_active' in lib damien cavagnini 2025-07-28 16:04:11 +02:00
  • 74346b222f update lib/utils.sh Damien Cavagnini 2025-07-10 10:22:06 +02:00
  • 4a2e61a2fb chore: update script related to systemctl / service damcava35/update_lib Damien Cavagnini 2025-07-11 14:20:27 +02:00
  • e1e98a7270 update lib/utils.sh Damien Cavagnini 2025-07-10 10:22:06 +02:00
  • fbeac63e34 fix: shellcheck precommit (#276) master latest damcav35 2025-07-30 15:03:29 +02:00
  • 8c53258daf fix: shellcheck precommit damcava35/fix_shellcheck_precommit damien cavagnini 2025-07-30 14:13:41 +02:00
  • c9f9137e59 feat: add some precommit (#274) damcav35 2025-07-22 11:14:41 +02:00
  • 861ad71734 chore: rename some scripts damcava35/new_scripts Damien Cavagnini 2025-07-02 14:37:23 +02:00
  • 68f629ed36 adding new scripts for debian12 Damien Cavagnini 2025-06-27 17:25:13 +02:00
  • 51bc5825d6 refactor: is_kernel_option_enabled (#267) damcav35 2025-07-11 11:20:59 +02:00
  • ab0dba9f95 chore: drop debian 10 and below support (#264) v4.1-5 damcav35 2025-07-04 14:18:56 +02:00
  • f2c6f36b94 fix: ipv6_is_enabled related checks (#263) damcav35 2025-07-04 09:08:50 +02:00
  • 6123a56653 fix: update record_mac_edit.sh to use apparmor instead of selinux (#262) damcav35 2025-07-03 09:27:09 +02:00
  • 99e6694261 fix: "--only" option in "hardening.sh" (#261) damcav35 2025-07-02 14:22:20 +02:00
  • 231db2bf93 fix: debian package does not include "versions" (#260) damcav35 2025-07-01 13:55:26 +02:00
  • be33848d81 Damcava35/set version (#257) damcav35 2025-07-01 08:41:55 +02:00
  • 99bc575714 Damcava35/test pre commit (#256) damcav35 2025-06-23 10:23:43 +02:00
  • 00e0a875c2 fix: add tinyproxy in HTTP proxies dev/thibault.dewailly/deb12 thibault.dewailly 2024-12-24 09:57:14 +00:00
  • 38bf8c4bc0 feat: add tftp check thibault.dewailly 2024-12-24 09:54:51 +00:00
  • 68f2c640b1 feat: enhance NIS check thibault.dewailly 2024-12-24 09:34:10 +00:00
  • 7fa2d5f516 feat: add dnsmasq on DNS packages denylist thibault.dewailly 2024-12-24 09:17:02 +00:00
  • 679df5b9cf feat: add restrict_ptrace_scope thibault.dewailly 2024-12-24 09:13:16 +00:00
  • 1733d1f460 build(deps): bump luizm/action-sh-checker from 0.8.0 to 0.9.0 dependabot/github_actions/luizm/action-sh-checker-0.9.0 dependabot[bot] 2024-09-16 22:28:53 +00:00
  • 9a225c6157 build(deps): bump dev-drprasad/delete-tag-and-release from 1.0.1 to 1.1 (#238) dependabot[bot] 2024-09-10 17:47:36 +02:00
  • 6079b16611 fix: invalid behavior on sid/alternative in 5.3.4/99.5.4.5.1 (#237) Hugo COURTIAL 2024-04-09 17:12:31 +02:00
  • f7cdf438d4 build(deps): bump metcalfc/changelog-generator from 4.2.0 to 4.3.1 (#234) dependabot[bot] 2024-03-05 09:33:10 +01:00
  • 43fc23ee40 fix: catch cidr network in ssh keys (#236) Isma399 2024-02-22 17:55:03 +01:00
  • 3bd4078e70 fix: allow set-hardening-level option usage (#232) GoldenKiwi 2024-02-01 17:09:35 +01:00
  • a08b71adae fix: allow set-hardening-level option usage dev/thibault.dewailly/set_hardening_level thibault.dewailly 2024-02-01 14:54:09 +00:00
  • a45aa40ce4 bump to 4.1.4 v4.1-4 thibault.dewailly 2024-01-18 09:14:30 +00:00
  • 730ab47437 allow multiple users in 5.2.18 (#228) lgaida 2024-01-10 17:07:02 +01:00
  • 5313799193 Allow multiple exception users to be defined for 99.5.2.4_ssh_keys_from (#221) lgaida 2023-12-27 13:42:10 +01:00
  • 73616af4eb Syslog-ng fixes and enhancements (#226) GoldenKiwi 2023-12-27 10:27:06 +01:00
  • 796a561fe5 enh: add test for 4.2.1.6 dev/thibault.dewailly/syslogng_remotecheck thibault.dewailly 2023-12-27 08:58:12 +00:00
  • 58f4ca0392 syslog-ng : fix remote host test and enhance Regex thibault.dewailly 2023-12-27 08:40:35 +00:00
  • c391723fe5 fix: Allow --only option to be called multiple times (#225) GoldenKiwi 2023-12-26 17:08:53 +01:00
  • 71019a5512 fix: update Readme to clarify project usage (#223) GoldenKiwi 2023-12-26 09:57:15 +01:00
  • fb4df82fc4 fix: typo in README. Update example of --audit usage (#222) GoldenKiwi 2023-12-26 09:19:55 +01:00
  • c75244e3b2 bump to 4.1.3 v4.1-3 thibault.dewailly 2023-11-28 10:34:12 +00:00
  • de295b3a77 Adapt all scripts to yescrypt (#216) Stéphane Lesimple 2023-11-21 17:43:31 +01:00
  • 693487c3a5 build(deps): bump metcalfc/changelog-generator from 4.1.0 to 4.2.0 (#214) dependabot[bot] 2023-11-14 15:44:50 +01:00
  • 670c8c62f5 fix: clean obsolete check 99.5.4.5.1, now handled by 5.3.4 (#215) GoldenKiwi 2023-11-14 12:03:58 +01:00
  • 0eb2e2ffde enh: remove ssh system sandbox check (#213) GoldenKiwi 2023-11-13 08:53:12 +01:00
  • d6c334182e build(deps): bump luizm/action-sh-checker from 0.7.0 to 0.8.0 (#210) dependabot[bot] 2023-11-10 15:05:25 +01:00
  • 2188577fc9 feat: advertise Debian 12 compatibility in readme thibault.dewailly 2023-10-02 13:34:04 +00:00
  • 0f59f73297 bump to 4.1.2 v4.1-2 thibault.dewailly 2023-10-02 13:17:00 +00:00
  • f888ce0d39 fix: root_dir is still /opt/cis-hardening for the moment (#208) GoldenKiwi 2023-10-02 14:50:52 +02:00
  • f6aa306127 bump to 4.1.1 v4.1-1 thibault.dewailly 2023-09-29 14:38:26 +00:00
  • ceea343ad9 fix: debian12 functional test pass is now mandatory (#207) GoldenKiwi 2023-09-29 16:34:25 +02:00
  • 2e53dfb573 feat: Officialize Debian 12 support (#206) GoldenKiwi 2023-09-29 16:20:34 +02:00
  • 08aff5d3fc Update the README to reflect on changes made in PR#204 (#205) P-EB 2023-09-29 09:21:40 +02:00
  • 32886d3a3d Replace CIS_ROOT_DIR by a more flexible system (#204) P-EB 2023-09-25 14:24:01 +02:00
  • 5370ec2ef6 feat: add nftables to firewall software allow list (#203) GoldenKiwi 2023-09-07 14:36:08 +02:00
  • 9d3fb18e6b build(deps): bump actions/checkout from 3 to 4 (#202) dependabot[bot] 2023-09-05 17:07:12 +02:00
  • 6e79fcd00a fix: correct debian version check on 5.2.15 configuration generation (#199) GoldenKiwi 2023-09-01 08:34:28 +02:00
  • 27edec6d5f fix: chore, debug logs print correctly now (#197) GoldenKiwi 2023-08-31 14:40:27 +02:00
  • f2cc14c383 fix: chore debian manual update (#198) GoldenKiwi 2023-08-31 14:34:59 +02:00
  • 46377fc255 build(deps): bump dev-drprasad/delete-tag-and-release (#184) dependabot[bot] 2023-08-30 10:32:29 +02:00
  • a468b29036 fix: added systemd-timesyncd to use_time_sync script (#189) (#190) Joseph 2023-08-30 16:28:03 +08:00
  • db9ff8a7fd Update warn messages on 2.2.15_mta_localhost.sh (#193) JugeHuge 2023-08-30 11:23:27 +03:00
  • 6135c3d0e5 fix: enhance test 99.1.3 speed for large /etc/sudoers.d folders (#188) Stéphane Lesimple 2023-07-18 17:28:35 +02:00
  • a6ad528087 feat: Add experimental debian12 functionnal tests (#187) Tarik Megzari 2023-07-10 10:52:17 +02:00
  • bc98bedf73 bump to 4.0-1 v4.0-1 thibault.dewailly 2023-07-10 07:21:13 +00:00
  • 873ef8827d fix: 99.1.3_acc_sudoers_no_all: fix a race condition (#186) Stéphane Lesimple 2023-07-03 17:05:45 +02:00
  • bd27cd0dae fix: change auditd file rule remediation (#179) GoldenKiwi 2023-05-05 12:32:22 +02:00
  • f28ffc244c fix: correct debian package compression override (#181) GoldenKiwi 2023-05-02 18:06:59 +02:00
  • 19ce790a27 fix: ensure mountpoints are properly detected (#177) GoldenKiwi 2023-05-02 18:01:53 +02:00
  • 47cf86237b fix: correct search in 5.4.5_default_timeout in apply mode (#178) GoldenKiwi 2023-05-02 17:57:35 +02:00
  • ccd9c1a7aa fix: force xz compression during .deb build (#180) GoldenKiwi 2023-05-02 15:24:32 +02:00
  • 04457e7df2 feat: official Debian 11 compatibility (#176) GoldenKiwi 2023-05-02 14:16:19 +02:00
  • 05521d5961 Bump luizm/action-sh-checker from 0.5.0 to 0.7.0 (#171) dependabot[bot] 2023-04-26 10:20:11 +02:00
  • 06525f06f9 bump to 3.8-1 v3.8-1 thibault.dewailly 2023-03-23 10:03:37 +00:00
  • d5c1c63971 Bump luizm/action-sh-checker from 0.4.0 to 0.5.0 (#161) dependabot[bot] 2023-03-23 10:56:12 +01:00
  • 7d93ddeb86 Bump metcalfc/changelog-generator from 3.0.0 to 4.1.0 (#169) dependabot[bot] 2023-03-23 10:50:46 +01:00
  • a35ecab377 Bump dev-drprasad/delete-tag-and-release from 0.2.0 to 0.2.1 (#170) dependabot[bot] 2023-03-23 10:47:09 +01:00
  • dc952b90df fix: timeout of 99.1.3 (#168) Stéphane Lesimple 2022-12-22 09:47:35 +01:00
  • 82a217032d fix(6.2.9): Start from UID 1000 for home ownership check (#164) Tarik Megzari 2022-09-30 10:28:48 +02:00
  • e478a89bad bump to 3.7-1 (#160) v3.7-1 ymartin-ovh 2022-07-04 15:37:08 +02:00
  • 371c23cd52 feat: add FIND_IGNORE_NOSUCHFILE_ERR flag (#159) ymartin-ovh 2022-07-04 14:29:25 +02:00
  • ea8334d516 bump to 3.6-1 (#157) v3.6-1 Tarik Megzari 2022-06-27 12:13:01 +02:00
  • 987bb9c975 Bump luizm/action-sh-checker from 0.3.0 to 0.4.0 (#154) dependabot[bot] 2022-06-26 16:58:46 +02:00