Add AlmaLinux support

2026-01-14 16:50:55 +00:00 · 2026-01-14 16:50:55 +00:00 · 6b7dd7eb65
commit 6b7dd7eb65
parent 6183ee2646 6fb683a2ac
4 changed files with 533 additions and 430 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,3 @@
 SOURCES/scap-security-guide-0.1.52-2.el7_9-rhel6.tar.bz2
 SOURCES/scap-security-guide-0.1.73-1.el7_9-rhel7.tar.bz2
-SOURCES/scap-security-guide-0.1.78.tar.bz2
+SOURCES/scap-security-guide-0.1.79.tar.bz2
--- a/.scap-security-guide.metadata
+++ b/.scap-security-guide.metadata
@ -1,3 +1,3 @@
 b22b45d29ad5a97020516230a6ef3140a91d050a SOURCES/scap-security-guide-0.1.52-2.el7_9-rhel6.tar.bz2
 17274daaa588330aa4df9a4d8df5ef448e40a696 SOURCES/scap-security-guide-0.1.73-1.el7_9-rhel7.tar.bz2
-c5818deab3cfdbfb59c3dc745de3898380429a94 SOURCES/scap-security-guide-0.1.78.tar.bz2
+91163dda2ac5ca31984d3488bcea8eda7fce1de8 SOURCES/scap-security-guide-0.1.79.tar.bz2
--- a/SOURCES/scap-security-guide-add-almalinux8-product.patch
+++ b/SOURCES/scap-security-guide-add-almalinux8-product.patch
--- a/SPECS/scap-security-guide.spec
+++ b/SPECS/scap-security-guide.spec
@ -5,7 +5,7 @@
 # global _default_patch_fuzz 2  # Normally shouldn't be needed as patches should apply cleanly

 Name:		scap-security-guide
-Version:	0.1.78
+Version:	0.1.79
 Release:	1%{?dist}.alma.1
 Summary:	Security guidance and baselines in SCAP formats
 License:	BSD-3-Clause
@ -129,9 +129,18 @@ ln -s ssg-firefox-ds.xml %{buildroot}%{_datadir}/xml/scap/ssg/content/ssg-firefo
 %{_datadir}/%{name}/ansible/rule_playbooks

 %changelog
-* Wed Oct 08 2025 Andrew Lukoshko <alukoshko@almalinux.org> - 0.1.78-1.alma.1
+* Wed Jan 14 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 0.1.79-1.alma.1
 - Add AlmaLinux support

+* Mon Dec 1 2025 Artem Denisov <adenisov@redhat.com> - 0.1.79-1
+- Rebase scap-security-guide to the latest upstream version 0.1.79 (RHEL-130249)
+- Introduce configure_custom_crypto_policy_cis rule to restrict weak ciphers in RHEL CIS profiles (RHEL-111896)
+- Cover configuration of maxseq parameter in pwquality in all CIS profiles (RHEL-128593)
+- Add missing requirement to configure_custom_crypto_policy_cis rule (RHEL-76009)
+- Enable sshd_disable_forwarding rule for RHEL8 (RHEL-76009)
+- Fix idempotency of network_ipv6_privacy_extensions rule (RHEL-106813)
+- Make enable_authselect rule not applicable in containers (RHEL-84439)
+
 * Tue Sep 16 2025 Matthew Burket <mburket@redhat.com> - 0.1.78-1
 - Rebase scap-security-guide to the latest upstream version 0.1.78 (RHEL-111011)
 - Rule service_rngd_enabled is now evaluated on RHEL >= 8.4 in case kernel is not in FIPS mode (RHEL-95188)