[release-announce] [openstackansible] ansible-hardening 14.2.11 (newton)
no-reply at openstack.org
no-reply at openstack.org
Tue Nov 14 20:47:00 UTC 2017
We jubilantly announce the release of:
ansible-hardening 14.2.11: OpenStack-Ansible: Host security hardening
This release is part of the newton release series.
Download the package from:
https://tarballs.openstack.org/ansible-hardening/
For more details, please see below.
14.2.11
^^^^^^^
New Features
************
* The ansible-hardening role supports the application of the Red Hat
Enterprise Linux 6 STIG configurations to systems running CentOS 7
and Ubuntu 16.04 LTS.
Security Issues
***************
* "PermitRootLogin" in the ssh configuration has changed from "yes"
to "without-password". This will only allow ssh to be used to
authenticate root via a key.
Changes in ansible-hardening 14.2.3..14.2.11
--------------------------------------------
31bfec7 Change default prohibit root sshd password auth
d12b33b Updated from OpenStack Ansible Tests
436b6b6 [Docs] Replace security role references
62d5932 Fix ansible-hardening references in tox/playbook
6bbc4e9 Do not update grub if grub not used
c339fcf Fix .gitreview for older branches
5ee3c4e Don't install python-ndg_httpsclient
Diffstat (except docs and test files)
-------------------------------------
.gitignore | 7 +-
.gitreview | 2 +-
README.md | 6 +-
README.rst | 4 +-
Vagrantfile | 72 ++++++-----------
bindep.txt | 22 ++++--
defaults/main.yml | 16 ++--
files/V-38682-modprobe.conf | 2 +-
handlers/main.yml | 4 +
...ot-login-without-password-948ec79c6508c19b.yaml | 6 ++
...support-for-centos-xenial-2b89c318cc3df4b0.yaml | 2 +-
setup.cfg | 2 +-
tasks/main.yml | 7 ++
tasks/sshd.yml | 28 +++----
tox.ini | 2 +-
vars/main.yml | 2 +-
vars/redhat.yml | 2 +-
vars/ubuntu.yml | 2 +-
29 files changed, 174 insertions(+), 163 deletions(-)
More information about the Release-announce
mailing list