cis-hardening (1.2-1) unstable; urgency=medium

  * Migrate generic checks from secaudit to cis-hardening
  * Add crontab
  * FIX: add becho to send batch output to syslog too
  * Update debian 7/8/9 in help files and remove in generic scripts
  * IMP: sort find result by name and version to ease reading
  * FIX: remove "exernal-sources" option when running shellcheck
  * Add shellcheck recommendation
  * FIX: add way of completely skipping test that bugged with jessie
  * Fix typo in test skeleton and add shellcheck comment
  * FIX: bug crashing for undeclared variable when consitency checks failed
  * IMP: tests readability and runtime error handling
  * IMP: new tag in file to tell that the script should pass shellcheck
  * FIX: tests return value that was always 255
  * FIX: quotes in find command, misinterpreted shellcheck advice
  * FEAT: Add sudo_wrapper to catch unauthorized sudo commands
  * FEAT: automate shellcheck test with docker
  * FIX: sed that was too greedy
  * Add missing /usr/bin/su
  * FIX: add /usr/bin/* path for suid/guid allowed binaries
  * Adding batch mode to output just one line of text (no colors) in order to be parsed by computer tools
  * Change from CIS reco and only warn (no crit) if logfile does not exist
  * IMP(test): Add feature to run functional tests in docker instance
  * Improve --only option to perform only specified test and no other lookalike test number
  * Redirect stderr to avoid printing "no such file" error
  * resolve #SOC-30 Also check /etc/security/limits.d/ for core dump limit
  * Fix SOC-28, add test if file exist, if not issue error
  * Add sudo management in main and utils

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Tue, 12 Feb 2019 11:39:44 +0100

cis-hardening (1.1-1) unstable; urgency=low

  * Add hardening templating and several enhancements
  * CIS_ROOT_DIR management
  * Update ciphers list in 9.3.11 with latest chacha20 and gcm ciphers
  * Debian packaging clean up

 -- Julien Delayen <julien.delayen@corp.ovh.com>  Fri, 02 Feb 2018 09:38:31 +0100

cis-hardening (1.0-11) jessie; urgency=low

  * fixed option name in 9.3.9_disable_sshd_permitemptypasswords.sh
  * [10.2] Fixed result parsing in case of spaces in passwd list
  * [Debian 8] Fixed comments for debian 8 compliance
  * [10.1.3] set the good value for $OPTIONS
  * set a fixed-size prefix for logger
  * handle ENOENT properly in does_pattern_exist_in_file\(\)

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Mon, 05 Jun 2017 14:32:56 +0200

cis-hardening (1.0-10) wheezy; urgency=low

  * Script output should be useful with pipe or redirection

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Wed, 18 May 2016 08:38:35 +0200

cis-hardening (1.0-9) wheezy; urgency=low

  * Fixed replace in file function with proper substitution
  * tripwire : fixed typo on postinstall helper
  * fix 99.1 Apply TMOUT Variable

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Tue, 03 May 2016 12:31:59 +0200

cis-hardening (1.0-8) wheezy; urgency=low

  * phrasing reworked all over the place
  * added debian dependencies bash and bc

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Tue, 26 Apr 2016 10:26:18 +0200

cis-hardening (1.0-7) wheezy; urgency=low

  * Fixed 6.15 netstat analysis

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Mon, 25 Apr 2016 09:18:30 +0200

cis-hardening (1.0-6) wheezy; urgency=low

  * corrected README.md CIS website address
  * corrected conffiles: etc/hardening.cfg was missing

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Fri, 22 Apr 2016 14:27:40 +0200

cis-hardening (1.0-5) wheezy; urgency=low

  * typo fix / phrasing reworked
  * Fixed default file error handling and quickstart
  * Fixed point 9.1.8 cron rights as a chmod 600 disabled the cron.allow
    features (file must be world readable)

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Fri, 22 Apr 2016 10:15:55 +0200

cis-hardening (1.0-4) wheezy; urgency=low

  * added AUTHORS file
  * s/README/README.md/ with more details
  * manpage extracted from README

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Thu, 21 Apr 2016 11:57:39 +0200

cis-hardening (1.0-3) wheezy; urgency=low

  * add --audit-all option
  * add --audit-all-enable-passed, add info in README and help
  * Added exit code to CIS_ROOT_DIR test def, optimized sed and sort
  * Fixed 8.2.4 check file exists before testing rights

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Wed, 20 Apr 2016 12:37:58 +0200

cis-hardening (1.0-2) wheezy; urgency=low

  * add LICENSE
  * duplicate README in /opt and /usr/share/doc
  * patch conffiles for new correct configuration files names

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Tue, 19 Apr 2016 14:31:03 +0200

cis-hardening (1.0-1) stable; urgency=low

  * Initial release.

 -- Kevin Tanguy <kevin.tanguy@ovh.net>  Mon, 18 Apr 2016 17:13:07 +0200