Automate 1.8.96 Released


#1

We are delighted to announce release 1.8.96 of Chef Automate. The release is available for download from https://downloads.chef.io/automate.

New Features

  • automate-ctl create-backup now has a --timeout option to control the timeout for backups, which defaults to 600 seconds.
  • CIS Centos 7 benchmark v2.2.0 is now supported
  • CIS Windows Server 2012 R2 benchmark v2.3.0 is now supported
  • CIS Cisco IOS 12 benchmark v4.0.0 and CIS Cisco IOS 15 benchmark v4.0.0 are now supported
  • Most supported profiles now include supports metadata in inspec.yml

Resolved Issues

  • Resolved an issue with Workflow jobs becoming stuck
  • Fixed an issue with a number of profiles where the profile had incorrect release metadata, causing the profile to be considered incompatible with a target host.

Compliace Profile Updates

CIS CentOS

  • Fixed a number of controls in CIS Centos 7 v2.2.0 to be more accurate to the CIS benchmark.

CIS Windows

  • Fixed logic for control 18.9.24.3
  • Fixed logic for control 18.9.24.4
  • Fixed logic for control 18.9.24.5
  • Fixed logic for control 19.1.3.2
  • Fixed control 1.2.3 to correctly expect 900 seconds for ResetLockoutCount

CIS Redhat

  • Fixed invalid Inspec syntax in control 1.1.1.1
  • Fixed logic for control 2.2.1.2
  • Updated control 4.2.2.4 to be conditional on syslog-ng being installed
  • Added missing xdev option to control 6.1.10
  • Replaced only_if with describe.one conditions in a number of controls, so they yield a pass result instead of a skip

CIS Redhat 6

  • Fixed a number of controls that included an invalid should be_disabled matcher for service resources.
  • Fixed an issue in CIS RHEL6 where some controls were assigned 0.0 impact without reason.
  • Fixed logic for control 2.1.11
  • Fixed logic for Workstation runlevel controls
  • Fixed logic for control 1.2.2

CIS Redhat 7

  • Fixed logic for control 1.2.2
  • Numerous fixes to RHEL 7 v2.1.1 have been ported to RHEL 7 v2.2.0

Profiles released

cis-docker-benchmark-2.1.0
cis-ciscoios12-level1-4.0.0
cis-ciscoios12-level2-4.0.0
cis-ciscoios15-level1-4.0.0
cis-ciscoios15-level2-4.0.0
cis-rhel6-level1-server-2.0.2-12
cis-rhel6-level1-workstation-2.0.2-3
cis-rhel6-level2-server-2.0.2-13
cis-rhel6-level2-workstation-2.0.2-3
cis-rhel7-level1-server-2.1.1-23
cis-rhel7-level1-server-2.2.0-3
cis-rhel7-level2-server-2.1.1-23
cis-rhel7-level2-server-2.2.0-3
cis-rhel7-level1-workstation-2.2.0-2
cis-rhel7-level2-workstation-2.2.0-2
cis-centos7-level1-server-2.2.0-1
cis-centos7-level1-workstation-2.2.0-1
cis-centos7-level2-server-2.2.0-1
cis-centos7-level2-workstation-2.2.0-1
cis-windows2012r2-level1-domaincontroller-2.3.0-1
cis-windows2012r2-level1-memberserver-2.3.0-1
cis-windows2012r2-level2-domaincontroller-2.3.0-1
cis-windows2012r2-level2-memberserver-2.3.0-1
cis-windows2012-level1-domaincontroller-2.0.1-11
cis-windows2012-level1-memberserver-2.0.1-11
cis-windows2012-level2-domaincontroller-2.0.1-11
cis-windows2012-level2-memberserver-2.0.1-11
cis-windows2012r2-level1-domaincontroller-2.2.1-10
cis-windows2012r2-level1-memberserver-2.2.1-10
cis-windows2012r2-level2-domaincontroller-2.2.1-10
cis-windows2012r2-level2-memberserver-2.2.1-10
cis-windows2016rtm-release1607-level1-domaincontroller-1.0.0-10
cis-windows2016rtm-release1607-level1-memberserver-1.0.0-9
cis-windows2016rtm-release1607-level2-domaincontroller-1.0.0-10
cis-windows2016rtm-release1607-level2-memberserver-1.0.0-9
linux-baseline-2.2.2
mysql-baseline-3.0.0
nginx-baseline-2.2.0

We encourage you to upgrade often. As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate!