|
 |
dac76a |
From 9931560aa3bca34cc1a5231b370dc86618ba6d9b Mon Sep 17 00:00:00 2001
|
|
|
dac76a |
From: Gabriel Becker <ggasparb@redhat.com>
|
|
|
dac76a |
Date: Thu, 16 Apr 2020 14:04:40 +0200
|
|
|
dac76a |
Subject: [PATCH 1/2] Add CCE identifiers to sshd_disable_x11_forwarding.
|
|
|
dac76a |
|
|
|
dac76a |
---
|
|
|
dac76a |
.../ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml | 3 +++
|
|
|
dac76a |
shared/references/cce-redhat-avail.txt | 2 --
|
|
|
dac76a |
2 files changed, 3 insertions(+), 2 deletions(-)
|
|
|
dac76a |
|
|
|
dac76a |
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
|
|
|
dac76a |
index 09dd808e99..91297a03b9 100644
|
|
|
dac76a |
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
|
|
|
dac76a |
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
|
|
|
dac76a |
@@ -26,6 +26,9 @@ ocil_clause: "that the X11Forwarding option exists and is enabled"
|
|
|
dac76a |
ocil: |-
|
|
|
dac76a |
{{{ ocil_sshd_option(default="no", option="X11Forwarding", value="no") }}}
|
|
|
dac76a |
|
|
|
dac76a |
+identifiers:
|
|
|
dac76a |
+ cce@rhel7: 83359-0
|
|
|
dac76a |
+ cce@rhel8: 83360-8
|
|
|
dac76a |
|
|
|
dac76a |
references:
|
|
|
dac76a |
cis@rhel7: 5.2.5
|
|
|
dac76a |
diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
|
|
|
dac76a |
index c10448ff8d..cbba06db56 100644
|
|
|
dac76a |
--- a/shared/references/cce-redhat-avail.txt
|
|
|
dac76a |
+++ b/shared/references/cce-redhat-avail.txt
|
|
|
dac76a |
@@ -50,8 +50,6 @@ CCE-83355-8
|
|
|
dac76a |
CCE-83356-6
|
|
|
dac76a |
CCE-83357-4
|
|
|
dac76a |
CCE-83358-2
|
|
|
dac76a |
-CCE-83359-0
|
|
|
dac76a |
-CCE-83360-8
|
|
|
dac76a |
CCE-83361-6
|
|
|
dac76a |
CCE-83362-4
|
|
|
dac76a |
CCE-83363-2
|
|
|
dac76a |
|
|
|
dac76a |
From 176d03b11b60c0ae41ace2e95e4bb2688f5ac429 Mon Sep 17 00:00:00 2001
|
|
|
dac76a |
From: Gabriel Becker <ggasparb@redhat.com>
|
|
|
dac76a |
Date: Thu, 16 Apr 2020 14:05:26 +0200
|
|
|
dac76a |
Subject: [PATCH 2/2] Correct CIS reference number for RHEL7.
|
|
|
dac76a |
|
|
|
dac76a |
---
|
|
|
dac76a |
.../ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml | 2 +-
|
|
|
dac76a |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
dac76a |
|
|
|
dac76a |
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
|
|
|
dac76a |
index 91297a03b9..23cb0a07f8 100644
|
|
|
dac76a |
--- a/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
|
|
|
dac76a |
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_x11_forwarding/rule.yml
|
|
|
dac76a |
@@ -31,7 +31,7 @@ identifiers:
|
|
|
dac76a |
cce@rhel8: 83360-8
|
|
|
dac76a |
|
|
|
dac76a |
references:
|
|
|
dac76a |
- cis@rhel7: 5.2.5
|
|
|
dac76a |
+ cis@rhel7: 5.2.4
|
|
|
dac76a |
cis@rhel8: 5.2.6
|
|
|
dac76a |
cis@sle12: 5.2.4
|
|
|
dac76a |
cis@sle15: 5.2.6
|