Maybe they thought they were writing a fedora STIG? ;-) Sent from my iPhone
On Sep 22, 2017, at 8:12 AM, Arnold, Paul C CTR USARMY PEO STRI (US) <[email protected]<mailto:[email protected]>> wrote: It says V1R1, but portions of it are still very draft-like: "Install the Ubuntu operating system patches or updated packages available from Red Hat within 30 days or sooner as local policy dictates." Help, I can't find the unstable yum repo! -- Paul Arnold, CISSP Cole Engineering Services, Inc. ________________________________ From: Sean [[email protected]<mailto:[email protected]>] Sent: Thursday, September 21, 2017 02:56 PM To: SCAP Security Guide Subject: [Non-DoD Source] DISA STIG for Ubuntu Released... All active links contained in this email were disabled. Please verify the identity of the sender, and confirm the authenticity of all links contained within the message prior to copying and pasting the address to a Web browser. ________________________________ Hi All, I recall recently someone had asked about SSG for Ubuntu, and there was a long thread following about the STIG process. I was surprised today when someone asked me if I could look at the Ubuntu STIG because just last week I had been on the STIG website and no such thing had existed. Anyway, Caution-https://iase.disa.mil/stigs/os/unix-linux/Pages/index.aspx < Caution-https://iase.disa.mil/stigs/os/unix-linux/Pages/index.aspx > has Ubuntu 16.04 STIG v1r1 available. Will there be any work in the SSG project to incorporate this? P.S. I wonder how Canonical got a STIG published with out going through any draft releases and less than 18 months after the OS version was published? --Sean _______________________________________________ scap-security-guide mailing list -- [email protected]<mailto:[email protected]> To unsubscribe send an email to [email protected]<mailto:[email protected]> _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
