Jun 11, 2025 Functional Update- UBTU-22-255050 - Ubuntu 22.04 LTS must configure the SSH daemon to use FIPS 140-3-approved ciphers to prevent the unauthorized disclosure of information and/or detect changes to information during transmission.
- UBTU-22-255055 - Ubuntu 22.04 LTS must configure the SSH daemon to use Message Authentication Codes (MACs) employing FIPS 140-3-approved cryptographic hashes to prevent the unauthorized disclosure of information and/or detect changes to information during transmission.
- UBTU-22-411045 - Ubuntu 22.04 LTS must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made.
- UBTU-22-412010 - Ubuntu 22.04 LTS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.
- UBTU-22-611045 - Ubuntu 22.04 LTS must be configured so that when passwords are changed or new passwords are established, pwquality must be used.
- UBTU-22-611055 - Ubuntu 22.04 LTS must store only encrypted representations of passwords.
- UBTU-22-612025 - Ubuntu 22.04 LTS must electronically verify personal identity verification (PIV) credentials.
- UBTU-22-612030 - Ubuntu 22.04 LTS, for PKI-based authentication, must validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
- UBTU-22-631015 - Ubuntu 22.04 LTS must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day.
- UBTU-22-653045 - Ubuntu 22.04 LTS must be configured so that audit log files are not read- or write-accessible by unauthorized users.
- UBTU-22-653050 - Ubuntu 22.04 LTS must be configured to permit only authorized users ownership of the audit log files.
- UBTU-22-653060 - Ubuntu 22.04 LTS must be configured so that the audit log directory is not write-accessible by unauthorized users.
Miscellaneous- Audit deprecated.
- Metadata updated.
- References updated.
- Variables updated.
|
