From patchwork Sat Jun 11 10:55:19 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?=
 <peter.mueller@ipfire.org>
X-Patchwork-Id: 5656
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4LKvr122Fqz3x1x
	for <patchwork@web04.haj.ipfire.org>; Sat, 11 Jun 2022 10:55:29 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-384)
	 client-signature ECDSA (P-384))
	(Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4LKvqz3ZNnz10Y;
	Sat, 11 Jun 2022 10:55:27 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4LKvqz3GTxz2y3d;
	Sat, 11 Jun 2022 10:55:27 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384)
 client-signature ECDSA (P-384))
 (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
 by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4LKvqx4w6zz2xNg
 for <development@lists.ipfire.org>; Sat, 11 Jun 2022 10:55:25 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-384))
 (No client certificate requested)
 by mail01.ipfire.org (Postfix) with ESMTPSA id 4LKvqv5mxzz3D
 for <development@lists.ipfire.org>; Sat, 11 Jun 2022 10:55:22 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003ed25519; t=1654944925;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=jdROZk8RUv/AFpGZEeqh3kgogeCz4fySnEnEiSH6Y/U=;
 b=Ju2SVurABS2JZjkdagDEDqZOe1ETMh0mOWHsfrJqcCteczTfl6h+rIiN42fVuCIeqnQuNx
 sQ4l9DKElXh9nYDA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
 t=1654944925;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding;
 bh=jdROZk8RUv/AFpGZEeqh3kgogeCz4fySnEnEiSH6Y/U=;
 b=HC/YcDPjZgF56S2jYbezFpefwBOKdd+pJJHfL30+YZnGyYHtk+X6XybOneqp+VXzFFo4jA
 3QH1SzX7pBxkVZn1O5NtC1tuOX7yLtZglodb89rCpFA3FNaRA/kigMVHd804LEPet6Jo2h
 9O4jGpedm6ltiqT+HRm/q2X3gdCuQVjQSTbbOUaAn2H81od1If9btSKoO6Z8lgHGOQ9dr4
 t4QZi8SfEGVPlONI06gJN/UxBaG6iAculgV65R71yPdMFsaHbUjh+X8JYU7Xl2RN2+LCx/
 kFpLg0SaypAdnYn2YNxSacLLpwkLkd3d+MtWcXE1fXpFpYO8yE8tWisUdU9PjQ==
Message-ID: <31849683-e94c-c4ab-fe01-730446fbee9d@ipfire.org>
Date: Sat, 11 Jun 2022 10:55:19 +0000
MIME-Version: 1.0
Content-Language: en-US
To: "IPFire: Development" <development@lists.ipfire.org>
From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@ipfire.org>
Subject: [PATCH] lynis: Update to 3.0.8
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <http://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

Full changelog as retrived from https://cisofy.com/changelog/lynis/#308:

- MALW-3274 - Detect McAfee VirusScan Command Line Scanner
- PKGS-7346 Check Alpine Package Keeper (apk)
- PKGS-7395 Check Alpine upgradeable packages
- EOL for Alpine Linux 3.14 and 3.15

- AUTH-9408 - Check for pam_faillock as well (replacement for pam_tally2)
- FILE-7524 - Test enhanced to support symlinks
- HTTP-6643 - Support ModSecurity version 2 and 3
- KRNL-5788 - Only run relevant tests and improved logging
- KRNL-5820 - Additional path for security/limits.conf
- KRNL-5830 - Check for /var/run/needs_restarting (Slackware)
- KRNL-5830 - Add a presence check for /boot/vmlinuz
- PRNT-2308 - Bugfix that prevented test from storing values correctly
- Extended location of PAM files for AARCH64
- Some messages in log improved

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 lfs/lynis | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lfs/lynis b/lfs/lynis
index bc6b29297..afc109945 100644
--- a/lfs/lynis
+++ b/lfs/lynis
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Security and System auditing tool
 
-VER        = 3.0.7
+VER        = 3.0.8
 
 THISAPP    = lynis-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -35,7 +35,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
 PROG       = lynis
-PAK_VER    = 11
+PAK_VER    = 12
 
 DEPS       =
 
@@ -49,7 +49,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = d9cddcba9c83ddee08ea38c8e80bf6f0a78179ad102673a876a1fe3d4544612e945d8637a8d026ce7bff72b09d6274223031e1cb6fc74596b2c65f0380fecd67
+$(DL_FILE)_BLAKE2 = 490bd6799619a4247c3fa68cc96f2f1fead651b23db0ffb512394960f8ca0360ab7f25d2bb8d9e742641558972e1fdd4b1e18d7de0d13007988276eed3a97b1f
 
 install : $(TARGET)