action #39413

Security Audit

Added by lnussel about 1 year ago. Updated 7 months ago.

Status:ClosedStart date:18/02/2019
Priority:NormalDue date:22/02/2019
Assignee:lnussel% Done:

100%

Category:Security
Target version:Beta
Duration: 5


Related issues

Copied from openSUSE Leap 15.0 - action #24882: Security Audit Closed 31/03/2018 27/04/2018
Copied to openSUSE Leap 15.2 - action #56318: Security Audit New 17/02/2020 21/02/2020

History

#1 Updated by lnussel about 1 year ago

#2 Updated by lnussel 8 months ago

  • Due date changed from 02/01/2019 to 22/02/2019
  • Start date changed from 06/12/2018 to 18/02/2019

#3 Updated by lnussel 7 months ago

  • Assignee set to msmeissn

Beta phase starts soon. You may plan for a first security audit from next week or so.

#4 Updated by lnussel 7 months ago

  • Assignee changed from msmeissn to kdalai

#5 Updated by jsegitz 7 months ago

  • Assignee changed from kdalai to jsegitz

#6 Updated by jsegitz 7 months ago

  • Status changed from New to In Progress

I started with this but got something more important on my plate. I'll try to continue with this this week

#7 Updated by lnussel 7 months ago

do you have a checklist we can refer to here so we remember next time?

#8 Updated by jsegitz 7 months ago

  • % Done changed from 0 to 70

Yes, we have https://pes.suse.de/Maintenance-Security/Products/leap_sles/ as a template and the results for the Leap 15 review
https://pes.suse.de/Maintenance-Security/Products/leap15/

I'll add an tuned lynis profile and expected output for it to the checklist. I think I'll finish tomorrow

#9 Updated by lnussel 7 months ago

  • Description updated (diff)

#10 Updated by jsegitz 7 months ago

  • Status changed from In Progress to Feedback
  • Assignee changed from jsegitz to lnussel
  • % Done changed from 70 to 100

Done. Only the disabled firewall in the server profile, apart from that nothign major, report is here: https://pes.suse.de/Maintenance-Security/Products/leap15.1/

Please re-enable the FW. Once we're close to RC we'll compare the packages for missing CVE fixes, otherwise we're good to go

#11 Updated by lnussel 7 months ago

  • Status changed from Feedback to Closed

Your change to skelcd is in so firewall should be enabled:
https://build.opensuse.org/request/show/674531

#12 Updated by lnussel 20 days ago

Also available in: Atom PDF