External check

2022-03-02 Thread Security Tracker
CVE-2014-3634: missing from list CVE-2014-3640: missing from list CVE-2022-0552: RESERVED CVE-2022-24720: TODO: check -- The output might be a bit terse, but the above ids are known elsewhere, check the references in the tracker. The second part indicates the status of that id in the tracker

Re: Compiled list (STIG for Debian)

2022-03-02 Thread Stephanie Hall
Thank you everyone! We found a SCAP Security Guide (SSG) for each of the 3 versions we were looking at. 9-11. It's not a STIG, but SCAP is a DoD industry standard so they should look favorably on it. All three had the same line items. We broke it out into an excel spreadsheet that I wanted to

Re: Compiled list (STIG for Debian)

2022-03-02 Thread Stephen Dowdy
On 3/2/22 10:54, Jeremiah C. Foster wrote: Cannot speak for it's provenance, but there's this; https://github.com/hardenedlinux/STIG-4-Debian Jeremiah, Thanks, that actually looks like more of an SRR (System Readiness Review[0]) evaluation checker for applicable STIGs. As it states, it

Re: Compiled list (STIG for Debian)

2022-03-02 Thread Jeremiah C. Foster
On 3/2/22 12:50, Stephen Dowdy wrote: On 3/2/22 07:43, Paul Tagliamonte wrote: STIGs are maintained by DISA, not by Debian    Paul On Wed, Mar 2, 2022 at 9:42 AM Stephanie Hall > wrote:     Good morning,     Do you have an excel version of a STIG for Debian 9 &

Re: Compiled list

2022-03-02 Thread Stephen Dowdy
On 3/2/22 07:43, Paul Tagliamonte wrote: STIGs are maintained by DISA, not by Debian   Paul On Wed, Mar 2, 2022 at 9:42 AM Stephanie Hall mailto:sh...@oteemo.com>> wrote: Good morning, Do you have an excel version of a STIG for Debian 9 & 10 that you would be willing to share?

Re: Compiled list

2022-03-02 Thread Paul Tagliamonte
STIGs are maintained by DISA, not by Debian Paul On Wed, Mar 2, 2022 at 9:42 AM Stephanie Hall wrote: > Good morning, > > Do you have an excel version of a STIG for Debian 9 & 10 that you would be > willing to share? > > Thank you in advance! > > -- > > Stephanie Hall > > Oteemo, Inc.

Compiled list

2022-03-02 Thread Stephanie Hall
Good morning, Do you have an excel version of a STIG for Debian 9 & 10 that you would be willing to share? Thank you in advance! -- Stephanie Hall Oteemo, Inc. Sr. Consultant, Cybersecurity m: (315)-723-9951 e: sh...@oteemo.com