Sep 15, 2023 Functional Update- UBTU-20-010013 - The Ubuntu operating system must automatically terminate a user session after inactivity timeouts have expired.
- UBTU-20-010072 - The Ubuntu operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made.
- UBTU-20-010100 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
- UBTU-20-010101 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
- UBTU-20-010102 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
- UBTU-20-010103 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
- UBTU-20-010104 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.
- UBTU-20-010136 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the su command.
- UBTU-20-010137 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chfn command.
- UBTU-20-010138 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the mount command.
- UBTU-20-010139 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the umount command.
- UBTU-20-010140 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-agent command.
- UBTU-20-010141 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command.
- UBTU-20-010148 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls - b32
- UBTU-20-010148 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls - b64
- UBTU-20-010152 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls - b32
- UBTU-20-010152 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls - b64
- UBTU-20-010161 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudo command.
- UBTU-20-010162 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the sudoedit command.
- UBTU-20-010163 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chsh command.
- UBTU-20-010164 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the newgrp command.
- UBTU-20-010165 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chcon command.
- UBTU-20-010166 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the apparmor_parser command.
- UBTU-20-010167 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the setfacl command.
- UBTU-20-010168 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chacl command.
- UBTU-20-010172 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the passwd command.
- UBTU-20-010173 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the unix_update command.
- UBTU-20-010174 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the gpasswd command.
- UBTU-20-010175 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chage command.
- UBTU-20-010176 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the usermod command.
- UBTU-20-010177 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the crontab command.
- UBTU-20-010178 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the pam_timestamp_check command.
- UBTU-20-010179 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the init_module and finit_module syscalls - b32
- UBTU-20-010179 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the init_module and finit_module syscalls - b64
- UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd
- UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditctl
- UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditd
- UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - augenrules
- UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - aureport
- UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - ausearch
- UBTU-20-010205 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - autrace
- UBTU-20-010244 - The Ubuntu operating system must generate audit records for privileged activities, nonlocal maintenance, diagnostic sessions and other system-level access.
- UBTU-20-010277 - The Ubuntu operating system must generate audit records for the /var/log/wtmp file.
- UBTU-20-010278 - The Ubuntu operating system must generate audit records for the /var/run/utmp file.
- UBTU-20-010279 - The Ubuntu operating system must generate audit records for the /var/log/btmp file.
- UBTU-20-010298 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use the fdisk command.
Miscellaneous- Metadata updated.
- References updated.
Added- UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls
- UBTU-20-010267 - The Ubuntu operating system must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls
Removed- UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b32 EACCES
- UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b32 EPERM
- UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b64 EACCES
- UBTU-20-010155 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls - b64 EPERM
- UBTU-20-010267 - The Ubuntu operating system must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls - b32
- UBTU-20-010267 - The Ubuntu operating system must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls - b64
|
Sep 6, 2023 Functional Update- UBTU-20-010033 - The Ubuntu operating system must implement smart card logins for multifactor authentication for local and network access to privileged and non-privileged accounts - PubkeyAuthentication
|
Jul 5, 2023 Functional Update- UBTU-20-010217 - The Ubuntu operating system must immediately notify the SA and ISSO (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity - action_mail_acct
|
May 16, 2023 Added- UBTU-20-010142 - The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls
Removed- UBTU-20-010142 - The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls - b32 auid=0
- UBTU-20-010142 - The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls - b32 auid>=1000
- UBTU-20-010142 - The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls - b64 auid=0
- UBTU-20-010142 - The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls - b64 auid>=1000
|