import scap-security-guide-0.1.69-2.el8_8

SPECS/scap-security-guide.spec

@@ -14,8 +14,9 @@ URL:		https://github.com/ComplianceAsCode/content/
 Source0:	https://github.com/ComplianceAsCode/content/releases/download/v%{version}/scap-security-guide-%{version}.tar.bz2
 # Include tarball with last released rhel6 content
 Source1:	%{_static_rhel6_content}.tar.bz2
-# Patch prevents cjis, rht-ccp and standard profiles in RHEL8 datastream
-Patch0: disable-not-in-good-shape-profiles.patch
+# Disable profiles not in good shape
+#     rhel8 - cjis rht-ccp standard
+Patch0:	 disable-not-in-good-shape-profiles.patch
 # Fix rule enable_fips_mode
 Patch1: scap-security-guide-0.1.70-improve_readability_enable_fips_mode-PR_10911.patch
 Patch2: scap-security-guide-0.1.70-fix_enable_fips_mode-PR_10961.patch
@@ -128,28 +129,23 @@ cp -r %{_builddir}/%{_static_rhel6_content}/guides %{buildroot}%{_docdir}/%{name
 
 %changelog
 * Thu Aug 17 2023 Vojtech Polasek <vpolasek@redhat.com> - 0.1.69-2
-- remove problematic rule from ANSSI High profile (RHBZ#2221695)
+- remove problematic rule from ANSSI High profile (RHBZ#2228444)
 
 * Thu Aug 10 2023 Jan Černý <jcerny@redhat.com> - 0.1.69-1
-- Rebase to a new upstream release 0.1.69 (RHBZ#2221695)
-- Fixed CCE link URL (RHBZ#2178516)
-- align remediations with rule description for rule configuring OpenSSL cryptopolicy (RHBZ#2192893)
-- Add rule audit_rules_login_events_faillock to STIG profile (RHBZ#2167999)
-- Fixed rules related to AIDE configuration (RHBZ#2175684)
-- Allow default permissions for files stored on EFI FAT partitions (RHBZ#2184487)
-- Add appropriate STIGID to accounts_passwords_pam_faillock_interval rule (RHBZ#2209073)
-- improved and unified OVAL checks checking for interactive users (RHBZ#2157877)
-- update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2155789)
-- unify OVAL checks to correctly identify interactive users (RHBZ#2178740)
-- make rule checking for Postfix unrestricted relay accept more variants of valid configuration syntax (RHBZ#2170530)
-- Fixed excess quotes in journald configuration files (RHBZ#2169857)
-- rules related to polyinstantiated directories are not applied when building images for Image Builder (RHBZ#2130182)
-- evaluation and remediation of rules related to mount points have been enhanced for Image Builder (RHBZ#2130185)
-- do not enable FIPS mode when creating hardened images for Image Builder (RHBZ#2130181)
-- Correct URL used to download CVE checks (RHBZ#2222583)
-- mention exact required configuration value in description of some PAM related rules (RHBZ#2175882)
-- make mount point related rules not applicable when no such mount points exist (RHBZ#2176008)
-- improve checks determining if FIPS mode is enabled (RHBZ#2129100)
+- Rebase to a new upstream release 0.1.69 (RHBZ#2228444)
+- Add rule audit_rules_login_events_faillock to STIG profile (RHBZ#2228455)
+- Add appropriate STIGID to accounts_passwords_pam_faillock_interval rule (RHBZ#2228465)
+- Make rule checking for Postfix unrestricted relay accept more variants of valid configuration syntax (RHBZ#2228471)
+- Correct URL used to download CVE checks (RHBZ#2228452)
+- Evaluation and remediation of rules related to mount points have been enhanced for Image builder (RHBZ#2228448)
+- Mention exact required configuration value in description of some PAM related rules (RHBZ#2228441)
+- Fixed rules related to AIDE configuration (RHBZ#2228458)
+- Update ANSSI BP-028 profiles to be aligned with version 2.0 (RHBZ#2228429)
+- Improved and unified OVAL checks checking for interactive users (RHBZ#2228433)
+- Unify OVAL checks to correctly identify interactive users (RHBZ#2228460)
+- Fixed excess quotes in journald configuration files (RHBZ#2228437)
+- Allow default permissions for files stored on EFI FAT partitions (RHBZ#2228443)
+- Make mount point related rules not applicable when no such mount points exist (RHBZ#2228473)
 
 * Mon Feb 13 2023 Watson Sato <wsato@redhat.com> - 0.1.66-2
 - Unselect rule logind_session_timeout (RHBZ#2158404)