Skip to content

Releases: CISOfy/lynis

Lynis 2.5.9

12 Jan 14:31
@mboelen mboelen
2.5.9
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
332cc49
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.9

Lynis 2.5.9 (2018-01-12)

Changes:

  • Don't show upgrade notice when being quiet/silent
  • Added --noplugins as an alias to skip execution of plugins
  • Use PATH variable for path detection, with predefined list as a backup

Tests:

  • [KRNL-6000] Multiple values are now allowed per sysctl key
  • [KRNL-6000] Individual tests can be skipped (skip-test=KRNL-6000:)
  • [KRNL-6000] Solution text has been added
Assets 2
Loading

Lynis 2.5.8

28 Dec 11:52
@mboelen mboelen
2.5.8
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
117f3db
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.8

Changes:

  • Check for empty files improved on several locations
  • New allow-auto-purge setting in profile for short-lived systems
  • Additional checks for log and report file
  • Changes to support time synchronization in old and newer systemd releases
  • Enhanced output for systems other than Linux

Plugins:

  • New class (hardware) added and enabled in default profile
Assets 2
Loading

Lynis 2.5.7

29 Oct 16:07
@mboelen mboelen
2.5.7
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
be82d80
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.7

Lynis 2.5.7 (2017-10-29)

Changes:

  • Update of Portuguese translation
  • Added --silent as alias for --quiet
  • Reduced screen output when running non-privileged
  • IsRunning function now allows full name process match
Assets 2
Loading

Lynis 2.5.6

27 Oct 11:02
@mboelen mboelen
2.5.6
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
858f849
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.6

Lynis 2.5.6 (2017-10-27)

Changes:

  • Added additional keywords for banners
  • DirectAdmin extensions
  • Enhancements to process detection
  • Spanish translation extended
  • Extended HP-UX support
  • Only show relevant messages in report

Tests:

  • [NETW-2705] - Allow local resolvers to bypass requirement for 2+ name servers
  • [SSH-7408] - Define default 'delayed' compression as a sane value for SSH tests
  • [SHLL-6220] - Improved detection of shell settings
Assets 2
Loading

Lynis 2.5.5

07 Sep 08:37
@mboelen mboelen
2.5.5
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
daeec98
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.5

Lynis 2.5.5 (2017-09-07)

Changes:

Minor release to solve errors on screen

Tests:

  • CRYP-7902 - certificate validation changed
Assets 2
Loading

Lynis 2.5.4

05 Sep 11:51
@mboelen mboelen
2.5.4
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
72dc0de
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.4

Lynis 2.5.4 (2017-09-05)

Changes:

  • Improve systemd detection
  • Detect Linux Mint version
  • Older versions of Mac OS X are detected as well
  • Norwegian translation added
  • PAM plugin extended

Tests:

  • CRYP-7902 - certificate validation changed
  • FIRE-4508 - Improved screen output
  • PKGS-7380 - NetBSD vulnerability detection adjusted
  • TOOL-5002 - Improved detection of Ansible directories and files
Assets 2
Loading

Lynis 2.5.3

17 Aug 12:32
@mboelen mboelen
2.5.3
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
83da68f
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.3

Lynis 2.5.3 (2017-08-17)

Changes:

  • DirectAdmin location added
  • Small adjustments to text
  • Enhanced detection for LXC and LXC
  • Added /opt/apache as a target location
  • Default log directory set for HP-UX
  • Screen output improvements

Tests:

  • CRYP-7902 - Prevent test from showing error on screen
  • FILE-6310 - Detection of mount point now match exact name
  • HRDN-7230 - Show single line when no malware scanner was detected
  • NETW-3006 - Updated detection of MAC addresses on Linux
  • PKGS-2379 - Improvement for OpenBSD usage of PHP suhosin
  • TOOL-5002 - Detection capabilities for Ansible added
Assets 2
Loading

Lynis 2.5.2

10 Jul 14:18
@mboelen mboelen
2.5.2
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
5a66eb8
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.2

Lynis 2.5.2 (2017-07-10)

Changes:

  • Support for PHP on CloudLinux
  • Check for presence of locale binary
  • Suhosin detection improvements
  • Generic code improvements
  • Changed 'lynis audit system remote' routine
  • Support for macOS High Sierra
  • French translation updated

Lynis Enterprise:

  • Allow 'tags' and 'system-customer-name' to be specified via Lynis client

Tests:

  • CONT-8102 - Check for dockerd instead of docker -d
  • FIRE-4594 - Check for presence Advanced Policy Firewall (APF)
  • PKGS-2379 - New test for PHP suhosin extension status
  • PKGS-7370 - Only use debsums on Debian
  • KRNL-6000 - Added kernel.dmesg_restrict testing
Assets 2
Loading

Lynis 2.5.1

31 May 13:58
@mboelen mboelen
2.5.1
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
1be5154
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.1

Lynis 2.5.1 (2017-05-31)

Changes:

  • Hebrew translation by Dolev Farhi
  • Improved detection of SSL certificate files
  • Minor changes to improve logging and results

Tests:

  • BOOT-5104 - Added support for macOS
  • FIRE-4524 - Determine if CSF is in testing mode
  • HTTP-6716 - Improved log message
Assets 2
Loading

Lynis 2.5.0

03 May 09:06
@mboelen mboelen
2.5.0
This tag was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
d012f81
This commit was signed with the committer’s verified signature. The key has expired.
mboelen Michael Boelen
GPG key ID: 26141F77A09D7F04
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Lynis 2.5.0

During the development of this release, the project got informed about a flaw that possibly could be abused by a local attacker. Even with the small risk of success, upgrading is highly recommended. See details on CVE-2017-8108

This release is a special maintenance release with focus on cleaning up the code for readability and future expansion.

Changes:

  • Use ROOTDIR variable instead of fixed paths
  • Introduction of IsEmpty and HasData functions for readability of code
  • Renamed some variables to better indicate their purpose (counting, data type)
  • Removal of unused code and comments
  • Deleted unused tests from database file
  • Correct levels of identation
  • Support for older mac OS X versions (Lion and Mountain Lion)
  • Initialized variables for more binaries
  • Additional sysctls are tested

Tests:

  • MALW-3280 - Extended test with Symantec components
  • PKGS-7332 - Detection of macOS ports tool and installed packages
  • TOOL-5120 - Snort detection
  • TOOL-5122 - Snort configuration file
Assets 2
Loading