Project

General

Profile

action #39413

Security Audit

Added by lnussel almost 2 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
2019-02-18
Due date:
2019-02-22
% Done:

100%

Estimated time:
Duration: 5


Related issues

Copied from openSUSE Leap 15.0 - action #24882: Security AuditClosed2018-03-312018-04-27

Copied to openSUSE Leap 15.2 - action #56318: Security AuditResolved2020-02-252020-02-28

History

#1 Updated by lnussel almost 2 years ago

#2 Updated by lnussel over 1 year ago

  • Due date changed from 2019-01-02 to 2019-02-22
  • Start date changed from 2018-12-06 to 2019-02-18

#3 Updated by lnussel over 1 year ago

  • Assignee set to msmeissn

Beta phase starts soon. You may plan for a first security audit from next week or so.

#4 Updated by lnussel over 1 year ago

  • Assignee changed from msmeissn to kdalai

#5 Updated by jsegitz over 1 year ago

  • Assignee changed from kdalai to jsegitz

#6 Updated by jsegitz over 1 year ago

  • Status changed from New to In Progress

I started with this but got something more important on my plate. I'll try to continue with this this week

#7 Updated by lnussel over 1 year ago

do you have a checklist we can refer to here so we remember next time?

#8 Updated by jsegitz over 1 year ago

  • % Done changed from 0 to 70

Yes, we have https://pes.suse.de/Maintenance-Security/Products/leap_sles/ as a template and the results for the Leap 15 review
https://pes.suse.de/Maintenance-Security/Products/leap15/

I'll add an tuned lynis profile and expected output for it to the checklist. I think I'll finish tomorrow

#9 Updated by lnussel over 1 year ago

  • Description updated (diff)

#10 Updated by jsegitz over 1 year ago

  • Status changed from In Progress to Feedback
  • Assignee changed from jsegitz to lnussel
  • % Done changed from 70 to 100

Done. Only the disabled firewall in the server profile, apart from that nothign major, report is here: https://pes.suse.de/Maintenance-Security/Products/leap15.1/

Please re-enable the FW. Once we're close to RC we'll compare the packages for missing CVE fixes, otherwise we're good to go

#11 Updated by lnussel over 1 year ago

  • Status changed from Feedback to Closed

Your change to skelcd is in so firewall should be enabled:
https://build.opensuse.org/request/show/674531

#12 Updated by lnussel 11 months ago

Also available in: Atom PDF