[BESAdmin-Announcements] Maintenance Update for DISA UNIX - June 15, 2011
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Wed Jun 15 15:01:38 PDT 2011
IBM Tivoli Endpoint Manager for Security and Compliance
Security Configuration Management (SCM) for Unix Systems
Release Notes for 15 June 2011 UNIX maintenance update:
The Security and Compliance team at IBM has modified the content within
the UNIX System checklists to
---- Affected Sites ----
SCM Checklist DISA STIG on AIX 5.1 site version 17
SCM Checklist DISA STIG on AIX 5.2 site version 15
SCM Checklist DISA STIG on AIX 5.3 site version 17
SCM Checklist DISA STIG on AIX 6.1 site version 13
SCM Checklist DISA STIG on HP-UX 11.00 site version 15
SCM Checklist DISA STIG on HP-UX 11.11 site version 13
SCM Checklist DISA STIG on HP-UX 11.23 site version 13
SCM Checklist DISA STIG on RedHat 3 site version 13
SCM Checklist DISA STIG on RedHat 4 site version 13
SCM Checklist DISA STIG on RedHat 5 site version 11
SCM Checklist DISA STIG on Solaris 8 site version 13
SCM Checklist DISA STIG on Solaris 9 site version 13
SCM Checklist DISA STIG on Solaris 10 site version 19
*Note: RHEL/RedHat content is also supported on CentOS.
---- CHANGES ----
GEN000460, GEN000540, GEN000560, GEN000600a, GEN000620, GEN000680,
GEN000700, GEN000800, GEN000880, GEN001440, GEN001460, GEN001500,
GEN001520, GEN001540, GEN001860, GEN001880, GEN001900, GEN001960,
GEN001980, GEN002000, GEN002020, GEN002040, GEN002060c, GEN002060d,
GEN002140, GEN004780, GEN005000, GEN005040, GEN005120a, GEN005120b,
GEN005180 - modified to ignore netgroups in the /etc/passwd file.
GEN000600a - resolved an issue on AIX in which remediation would fail if
the default: stanza AND an individual user's stanza were out of
compliance.
GEN000460, GEN000580, GEN000600a, GEN000600b, GEN000620, GEN000640 - a
parameter has been added for Linux fixlets to allow the console operator
to define in which PAM file to look for the desired setting.
GEN000460 - the fixlet description was modified.
GEN000800 - the shell script for Linux was revised to make it more
consistent with the other PAM checks; removed remediation capabilities on
Linux.
---- KNOWN ISSUES ----
GEN001700 on Solaris systems may create STDERR if it encounters a dead
symbolic link. This should not affect the compliance status of this
fixlet.
Please contact IBM Tivoli Endpoint Manager Technical Support if you have
any questions regarding this update.
We hope you find this latest release of SCM content useful and effective.
Thank you!
-- The Tivoli Endpoint Manager for Security and Compliance product team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20110615/1945fd89/attachment.htm
More information about the Besadmin-announcements
mailing list