V2r4 release

RuleIDs updated for listed controls after changes

RHEL-08-010330, RHEL-08-010340, RHEL-08-010350
Added “/usr/lib64” to Check and Fix Text paths.
RHEL-08-010380 - Updated sudoers “NOPASSWD” Check Text command.
RHEL-08-010381 - Updated Check Text command to split the search for “NOPASSWD” and “!authenticate”
RHEL-08-010382 - Updated sudoers “ALL” Check Text command.
RHEL-08-010741 - Updated finding text.
RHEL-08-030610 - Adjusted to change rules.d file thanks to @platymatt
RHEL-08-030655 - Added requirement to audit any script or executable called by cron as root or by any privileged user.
RHEL-08-040030 - Updated Check command.
RHEL-08-040310 - Updated the Discussion to include “aide.conf” monitoring explanation and updated the Check to require the SA to review the “aide.conf” manually.
QA Linting Fixes
Revamp 08-010100
Removed boot_partition prem lim var
improvements in logic in several controls.

What's Changed

• Functions by @uk-bolly in #338
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #339
• 2025 April Update post audit shell output by @frederickw082922 in #341
• 2025 April Update post audit shell output v2 by @frederickw082922 in #342
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #344
• Merge stig v2r2 to devel by @uk-bolly in #345
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #346
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #347
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #348
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #349
• Audit alignment by @uk-bolly in #350
• V2R2 release to main by @uk-bolly in #351
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #353
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #355
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #356
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #357
• update workflow to standard by @frederickw082922 in #359
• .github standardization by @frederickw082922 in #360
• .github standardization + .pre-commit by @frederickw082922 in #361
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #362
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #363
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #364
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #365
• Jan25 updates by @uk-bolly in #366
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #367
• Pub v2r4 by @uk-bolly in #369
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #370
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #371
• Release V2r4 to main by @uk-bolly in #372

New Contributors

• @frederickw082922 made their first contribution in #341

Full Changelog: 4.0.0...4.1.0

V2R1 Release Oct 2024

Release of STIG V2R 24th October 2024

RuleIDs updated for all controls
Nist Control ID associations added

• RHEL-08-010350 - command updated
• RHEL-08-010472 - Not Applicable if fips
• RHEL-08-020035 - version 8.7+
• RHEL-08-020039 RHEL-08-020040 RHEL-08-020041 RHEL-08-020042, RHEL-08-020070 - TMUX removed
• RHEL-08-020220, RHEL-08-020221 - remember not required for PAM
• RHEL-08-020320 - Updated Check and Fix
• RHEL-08-030603, RHEL-08-040139, RHEL-08-040140, RHEL-08-040141 - Rules updated Ok if no USB peripherals
• RHEL-08-040284
• RHEL-08-040370
• RHEL-08-010001 - removed as not a NIST value
• RHEL-08-020035 - updated
• RHEL-08-040132 - updated
• RHEL-08-010040 - tags and conditional

#316
#327

Others updates include
workflow update
new linting
company name update
date changes

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #331
• Stig v2r1 release to devel by @uk-bolly in #332
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #333
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #334
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #335
• updated readme by @uk-bolly in #336
• Release v2r1 to main by @uk-bolly in #337

Full Changelog: 3.4.0...4.0.0

STIG Version1 Release14 - April 2024

Release of STIG V1R14 24th April 2023

GUI discovery update
RuleID updates
ansible config update

#232 - thanks to @eday87 @BJSmithIEEE
#298 thanks to @mikefrompsu
#299 thanks to @cpu010100
thanks to @dglinder
#301
#302

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #310
• Stigv1r14 Release to devel by @uk-bolly in #309
• Stigv1r14 release to main by @uk-bolly in #311
• fixed 040132-04 issue 312 by @uk-bolly in #313
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #315
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #318
• Name and alignment by @uk-bolly in #319
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #321
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #322
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #323
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #324
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #325
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #326
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #328
• Feb25 by @uk-bolly in #329
• Stig v1r14 release to main by @uk-bolly in #330

Full Changelog: 3.3.2...3.4.0

Final - STIG V1R13 release

STIG Version1 Release 13 release - Jan 24

Remediate

Pre-commit updates
new workflow configurations
removed jmespath dependency

Audit

Improvements and updates

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #276
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #285
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #286
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #288
• issues, workflow and jmespath by @uk-bolly in #291
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #290
• Updated ordering and notify location by @uk-bolly in #293
• workflow and audit updated devel to main by @uk-bolly in #292
• Remove remnants of removed openscap scanning feature by @qwestduck in #295
• Remove duplicate and templated task tags by @qwestduck in #297
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #300
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #303
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #304
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #307
• Final main release v1r13 - Jan24 -updated by @uk-bolly in #308

Full Changelog: 3.3.0...3.3.3

STIG V1R13 release

STIG Version1 Release 13 release - Jan 24

Main Release for v1r13 RHEL8 STIG

Remediate

• Issues closed and PRs merged - What's changed
• Pre-commit updates
• Many improvements to different controls
• Rebase required from v1r12

Audit

• Related Audit repo updated to improve tests audit binary(goss updated to latest version)

What's Changed

• Stig v1r12 release to devel by @uk-bolly in #259
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #260
• Updated RHEL-08-020050 to loop over stdout_lines. Fixes issue #261. by @Phenix66 in #262
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #264
• Meet fix text of V-244546 by @fallenpixel in #266
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #268
• April 24 issues into devel by @uk-bolly in #269
• fixed error in conditional rhel-08-020022 #271 by @uk-bolly in #272
• Merge in changes from v1r13 - Jan 24 by @uk-bolly in #274
• updated conditional 040260 by @uk-bolly in #279
• Updated of devel - DCO confirmation and signoff update by @uk-bolly in #280
• V13 merge fixes by @uk-bolly in #282
• May24 updates by @uk-bolly in #283
• Initial main release of v1r13 by @uk-bolly in #281

Full Changelog: 3.2.0...3.3.0

STIG v1r12 - April 2024 update

STIG Version1 Release 12 release - October 23

Main Release for v1r12 RHEL8 STIG

Remediate

• Issues closed and PRs merged - What's changed
• Pre-commit updates
• Many improvements to different controls

Audit

• Audit_only ability now added to run standalone audit
  • audit_only: true
• Related Audit repo updated to improve tests audit binary(goss updated to latest version)

What's Changed

• Change master to main in actions by @georgenalen in #4
• RHEL8 STIG Version 1 Release 1 by @georgenalen in #7
• Minor Fixes by @georgenalen in #11
• Devel to main by @uk-bolly in #34
• Benchmark Version 1 Rev. 2 and other fixes by @georgenalen in #44
• Added Issue and PR templates and an issue fix by @georgenalen in #49
• Benchmark 1.3 updates and issue fixes by @georgenalen in #61
• Release 2.3.1 by @georgenalen in #71
• V1.5 update by @uk-bolly in #102
• 2.5.0 Release by @georgenalen in #106
• Benchmark 1.7 and issue fixes by @georgenalen in #137
• Main updates to Benchmark v1r8 release by @uk-bolly in #155
• Devel to main release stig v1r9 by @uk-bolly in #188
• Release to main for bug fixes and improvements by @uk-bolly in #200
• Stig V1R10 Release to main by @uk-bolly in #203
• June devel to main by @uk-bolly in #206
• v1r11 updates release to main by @uk-bolly in #221
• devel - main - workflow and discord by @uk-bolly in #225
• New release devel -> main by @uk-bolly in #255
• Release of v1r12 by @uk-bolly in #275

Full Changelog: 3.1.0...3.2.0

Final STIG V1R11

STIG Version1 Release 11 release - July 23

Remediate

Issues closed and PRs merged - What's changed
Pre-commit updates
Many improvements to different controls
Update to allow Galaxy Releases for new galaxy_ng

What's Changed

• Precommit workflow by @uk-bolly in #223
• Issue #222 and tidy up by @uk-bolly in #224
• Issue 226 and alignment by @uk-bolly in #228
• Sysctl and collections by @uk-bolly in #235
• updated the workflow version and galaxy setup by @uk-bolly in #236
• Revert "fixed gnutls as per issue 196 thansk to @jmalpede" by @qwestduck in #234
• Update main.yml by @BillSkiCO in #237
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #238
• Oracle Linux rhel8stig_bootloader_path and RHEL-08-020030 fix by @BillSkiCO in #253
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #247
• Adds when criteria for rhel_08_040321 in tasks/fix-cat2.yml, to skip … by @whitehat237 in #250
• Update meta and readme due to galaxy_ng by @uk-bolly in #258

New Contributors

• @qwestduck made their first contribution in #234
• @BillSkiCO made their first contribution in #237
• @pre-commit-ci made their first contribution in #238

Full Changelog: 3.0.0...3.1.0

Stig V1R11 - release

What's Changed

• Fix typo in defaults/main by @fallenpixel in #215
• improve password check by @uk-bolly in #217
• Stig v1r11 release by @uk-bolly in #218
• July23 by @uk-bolly in #219
• Updated when on line 197 of prelim to use an or instead of and by @georgenalen in #220

New Contributors

• @fallenpixel made their first contribution in #215

#Issues:

• #207
• #208
• #209
• #210
• #211
• #212

Controls updated

• CAT2:
  • 010030 - ruleid
  • 010200 - ruleid
  • 010201 - ruleid
  • 010290 - ruleid and SSH MACS updated
  • 010291 - ruleid and SSH Ciphers updated
  • 010770 - ruleid
  • 020035 - new control idlesession timeout new var rhel_08_020035_idlesessiontimeout
  • 020041 - ruleid and tmux script update
  • 030690 - ruleid and protocol options added
  • 040159 - ruleid
  • 040160 - ruleid
  • 040342 - ruleid and SSH KEX algorithms updated

Full Changelog: 2.9.1...3.0.0

Stig V1R10 - release

What's Changed

• Container updates & issue 204 by @uk-bolly in #205
• Boot part variable by @uk-bolly in #214
• June devel to main by @uk-bolly in #206

Full Changelog: 2.9.0...2.9.1

Stig V1R10 Release

What's Changed

• Stig v1r10 - release by @uk-bolly in #201
• Fixed typo in user password assertion by @Phenix66 in #202
• Stig V1R10 Release to main by @uk-bolly in #203
• updates for containers on new version
• #204
• boot partition variable usage

New Contributors

• @Phenix66 made their first contribution in #202

Full Changelog: 2.8.1...2.9.0