Jan 4, 2023 Functional Update- OL07-00-010339 - The Oracle Linux operating system must specify the default 'include' directory for the /etc/sudoers file. - sudoers
- OL07-00-010339 - The Oracle Linux operating system must specify the default 'include' directory for the /etc/sudoers file. - sudoers.d/
|
Dec 7, 2022 |
Nov 18, 2022 Miscellaneous- Audit deprecated.
- Metadata updated.
- References updated.
|
Nov 14, 2022 Functional Update- OL07-00-030360 - The Oracle Linux operating system must audit all executions of privileged functions - setgid 32 bit
- OL07-00-030360 - The Oracle Linux operating system must audit all executions of privileged functions - setgid 64 bit
- OL07-00-030360 - The Oracle Linux operating system must audit all executions of privileged functions - setuid 32 bit
- OL07-00-030360 - The Oracle Linux operating system must audit all executions of privileged functions - setuid 64 bit
- OL07-00-030510 - The Oracle Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls - EACCES 32 bit
- OL07-00-030510 - The Oracle Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls - EACCES 64 bit
- OL07-00-030510 - The Oracle Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls - EPERM 32 bit
- OL07-00-030510 - The Oracle Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls - EPERM 64 bit
- OL07-00-030740 - The Oracle Linux operating system must audit all uses of the mount command and syscall - 32 bit
- OL07-00-030740 - The Oracle Linux operating system must audit all uses of the mount command and syscall - 64 bit
|
Nov 7, 2022 Functional Update- OL07-00-030910 - The Oracle Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls - 32 bit
- OL07-00-030910 - The Oracle Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls - 64 bit
|
Oct 18, 2022 Functional Update- OL07-00-010341 - The Oracle Linux operating system must restrict privilege elevation to authorized personnel - sudoers.d
- OL07-00-020030 - The Oracle Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly - cron
- OL07-00-021600 - The Oracle Linux operating system must be configured so that the file integrity tool is configured to verify Access Control Lists (ACLs) - config
- OL07-00-021610 - The Oracle Linux operating system must be configured so that the file integrity tool is configured to verify extended attributes - config
- OL07-00-021620 - The Oracle Linux operating system must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories - sha512
- OL07-00-030330 - The Oracle Linux operating system must initiate an action to notify the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity - SA and Information System Security Officer ISSO, at a minimum, when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity.
Informational Update- OL07-00-021600 - The Oracle Linux operating system must be configured so that the file integrity tool is configured to verify Access Control Lists (ACLs) - config
- OL07-00-021610 - The Oracle Linux operating system must be configured so that the file integrity tool is configured to verify extended attributes - config
- OL07-00-021620 - The Oracle Linux operating system must use a file integrity tool that is configured to use FIPS 140-2 approved cryptographic hashes for validating file contents and directories - sha512
|
Aug 11, 2022 Functional Update- OL07-00-031000 - The Oracle Linux operating system must send rsyslog output to a log aggregation server.
|
May 3, 2022 |
