Embed Size (px)
Citation preview
JANUARY 2019 MAINTENANCE RELEASE: STIGS TO BE RELEASED
Active Directory Domain STIG, Version 2, Release 12V-36436
Removed requirement, addressed by PAW STIG.
V-78131Updated to clarify this applies to personnel user accounts, not service accounts.
Apache 2.2 Server for UNIX STIG, Version 1, Release 11V-2259
Changed to include a requirement to document any directories other than the cgi-bin that house CGI scripts.
V-13731Changed to specify that when grepping "Options /usr/local/apache2/httpd.conf", to ensure every "Options" section includes an -ExecCGI.
V-26299Changed requirement to reflect that if the server is ONLY performing as a proxy server, this check is Not Applicable.
V-26396Added caveat that if HTTP commands (GET, PUT, POST, DELETE) are not being used and server is configured as a proxy only, this is Not Applicable.
Apache 2.2 Server for Windows STIG, Version 1, Release 13V-2259
Changed to include a requirement to document any directories other than the cgi-bin that house CGI scripts.
V-26299Change requirement to reflect that if the server is ONLY performing as a proxy server, this Check content is Not Applicable.
V-26396
Release Date: January 25, 2019
Added caveat that if HTTP commands (GET, PUT, POST, DELETE) are not being used and server is configured as a proxy only, this is Not Applicable.
Apache 2.2 Site for UNIX STIG, Version 1, Release 11V-2258
Clarified allowed permissions and provide "chmod" command settings.
Apple iOS 12 STIG, Version 1, Release 2Documentation Update
Updated STIG Configuration Tables document: included Configuration Profile Key for each required control. Added Revision History document to the STIG package.
Apple OS X 10.12 STIG, Version 1, Release 4V-75947
Added single quotes to command in Check content.
Application Security Development STIG , Version 4, Release 9V-69371
Reference to logging session ID's was removed from the discussion.
V-69381Changed requirement to "grant privileges" instead of "access privileges".
V-69417Removed the requirement from the STIG.
V-70345Updated discussion regarding CCB. Removed "can be tracked" and replaced with "can't be tracked".
Application Server SRG, Version 2, Release 5V-35150
Removed the requirement from the SRG.
V-35167The reference to session identifiers was removed from the Vulnerability discussion and Check content.
V-57549Modified Check content, added details regarding session configuration.
Arista Multilayer Switch DCS-7000 Series L2S STIG, Version 1, Release 3V-60827
Remove AMLS-L2-000140.
V-60829Remove AMLS-L2-000150.
BIND 9.x STIG, Version 1, Release 5V-72421
Modified Check content verbiage to include caveat that if the caching server is ONLY forwarding to the DISA ERS for query resolution and if they are not authoritative for ANY zones, DNSSEC awareness is not required since the ERS will do that checking.
V-72429Modified Check content verbiage to be a NA for BIND servers acting as a recursive server role only.
V-72453Removed any ZSK private keys existing on the server other than the one corresponding to the active ZSK pair.
V-72475Modified Check content to include "If the server is in a classified network, this is Not Applicable."
V-72501Modified Check content to include "If the server is in a classified network, this is Not Applicable."
V-72503Modified Check content to include "If the server is in a classified network, this is Not Applicable."
BlackBerry Enterprise Mobility Server 2.x STIG, Version 1, Release 2V-79015
Revised Check content to clarify requirement. Added Revision History document to STIG package.
Cisco IOS XE Release 3 NDM STIG, Version 1, Release 5V-73973
Updated Check content and Fix text: removed command ip ssh authentication retries.
V-74007Updated Check content and Fix text: added additional services to be disabled.
V-74077Updated Check content and Fix text: enabled logging and set to a severity level.
Cisco IOS XE Release 3 Router STIG, Version 1, Release 4V-74125
Updated Check content and Fix text: added additional services to be disabled.
Firewall SRG, Version 1, Release 3V-79473
Updated the Vulnerability Discussion to clarify definition of term loopback address.
General Purpose OS SRG, Version 1, Release 5V-56599
Updated content to address offload of audit data.
Google Chrome Browser STIG, Version 1, Release 15V-44763
Removed Disable Autofill requirements.
V-44769Updated V-44769 to disable Network Prediction.
V-79933Removed Disable Autofill requirements.
V-81583Updated policy path in V-81583.
V-81595Removed Disable Developer Tools requirement.
V-91203Added TBD to disable "UrlKeyedAnonymizedDataCollectionEnabled".
V-91205Added TBD to set "WebRtcEventLogCollectionAllowed=False".
Google Chrome for Windows STIG Benchmark, Version 1, Release 10V-44763
Removed Disable Autofill for Addresses requirement.
V-44769Updated OVAL to verify "Network Prediction" is disabled.
V-44775Updated OVAL to use correct definition for the "ImportSavedPasswords" registry check.
V-79933Removed Disable Autofill for Credit Cards requirement.
V-81595Removed Disable Developer Toosl requirement.
V-91203
Added OVAL to verify "UrlKeyedAnonymizedDataCollectionEnabled" is disabled.
V-91205Added OVAL to verify "WebRtcEventLogCollectionAllowed" is set to "False".
HBSS ePO 5.3-5.9 STIG, Version 1, Release 16V-14484
Changed Check content verbiage from "If there are no connections from outside the ePO enclave, this check should be considered Not Applicable."To"If there are no connections from outside the ePO enclave or ePO security boundary, this check should be considered NA."
V-14505Added Note: If distributed repositories are not being used, this check is Not Applicable.
V-14506Added Note: If distributed repositories are not being used, this check is Not Applicable.
V-14507Modified to allow for connection to vCenter to access VM which only has access to ePO server.
V-14538Re-introduced verbiage for scenarios where HIPs is being used rather than ENS.
V-14548Re-introduced verbiage for scenarios where HIPs is being used rather than ENS.
V-14560Re-introduced verbiage for scenarios where HIPs is being used rather than ENS.
V-14561Re-introduced verbiage for scenarios where HIPs is being used rather than ENS.
V-14562Re-introduced verbiage for scenarios where HIPs is being used rather than ENS.
V-24165Corrected Check content to match HBSS configuration guide.
V-31358Changed eposql2 to eposql.
Documentation UpdateUpdated Revision History with detail of changes on R15.
HBSS McAfee Agent STIG, Version 1, Release 17V-14521
Modified the allowed time period between policy enforcements to be up to 2 hours.
HBSS Remote Console STIG, Version 4, Release 16V-14513
Added verbiage to clarify remote access in VM environment.
V-14514Added verbiage to clarify remote access in VM environment.
HP FlexFabric Switch L2S STIG, Version 1, Release 2V-66055
Remove HFFS-L2-000004.
HPUX 11.31 STIG, Version 1, Release 19Documentation Update
STIG is being placed onto the SUNSET list and will no longer be updated.
JBoss Enterprise Application Platform 6.3 STIG, Version 1, Release 3V-62309
Added instructions in the Fix text on how to add a syslog handler.
McAfee ENS 10-x STIG, Version 1, Release 2V-79955
Removed verbiage from check content regarding Exploit Prevention logging.
V-80055De-activated ENS FW STIG IDs until ENS FW is mandated.
V-80057De-activated ENS FW STIG IDs until ENS FW is mandated.
V-80059De-activated ENS FW STIG IDs until ENS FW is mandated.
V-80061De-activated ENS FW STIG IDs until ENS FW is mandated.
V-80063De-activated ENS FW STIG IDs until ENS FW is mandated.
V-80065De-activated ENS FW STIG IDs until ENS FW is mandated.
V-80067De-activated ENS FW STIG IDs until ENS FW is mandated.
V-80069De-activated ENS FW STIG IDs until ENS FW is mandated.
McAfee VSEL 1.9/2.0 Local Client STIG, Version 1, Release 3V-63095
V-63095 through V-63105, corrected syntax in "grep" command.
V-63097V-63095 through V-63105, corrected syntax in "grep" command.
V-63099V-63095 through V-63105, corrected syntax in "grep" command.
V-63101V-63095 through V-63105, corrected syntax in "grep" command.
V-63103V-63095 through V-63105, corrected syntax in "grep" command.
V-63105V-63095 through V-63105, corrected syntax in "grep" command.
Microsoft Exchange 2010 Edge Transport Server STIG, Version 1, Release 14V-33624
This requirement will be removed.
V-33630This requirement will be removed.
Microsoft Exchange 2013 Client Access Server STIG, Version 1, Release 2V-69719
Updated Rule Title.
V-69781Updated Check content and Fix text by including additional ports.
Microsoft Exchange 2013 Edge Transport Server STIG, Version 1, Release 4V-69789
This requirement will be removed.
V-69825This requirement will be removed.
V-69879Updated Check content to include SIPR content.
V-69883This requirement will be removed.
V-69885This requirement will be removed.
V-69887This requirement will be removed.
V-69909This requirement will be removed.
V-69923This requirement will be removed.
V-69925This requirement will be removed.
Microsoft Exchange 2013 Mailbox Server STIG, Version 1, Release 3V-69955
Updated Check content by updating "MessageTrackingLogSubjectLoggingEnabled" statement.
Microsoft Exchange 2016 Mailbox Server STIG, Version 1, Release 2V-80637
Updated Fix text to "MessageTrackingLogSubjectLoggingEnabled $False".
Microsoft IIS 8.5 Server STIG, Version 1, Release 6V-76687
Corrected syntax in Fix text for V-76687.
V-76689Corrected syntax in Fix text for V-76689.Updated load balancer verbiage in V-76689.
V-76695Changed permissions in V-76695.
V-76715Updated Finding statement in V-76715.
V-76725Added NA statement for V-76725.
V-76727Added NA statement for V-76727.
V-91207Added to disallow sharing of public web server resources with private assets.
Microsoft IIS 8.5 Site STIG, Version 1, Release 6V-76777
Added NA statement for V-76777.
V-76779Updated load balancer verbiage in V-76779.
V-76789Corrected syntax in Fix text for V-76789.
V-76791Corrected syntax in Fix text for V-76791.
V-76795Changed permissions in V-76795.
V-76851Updated load balancer verbiage in V-76851.
V-76861Updated load balancer verbiage in V-76861.
Microsoft SharePoint 2010 STIG, Version 1, Release 9V-28252
Updated banner text in V-28252.
Microsoft SharePoint 2013 STIG, Version 1, Release 6V-59949
Updated banner text in V-59949.
Microsoft SQL Server 2012 Database STIG, Version 1, Release 18V-41409
Updated features or components text within Check content.
Microsoft SQL Server 2016 Instance STIG, Version 1, Release 4V-79131
Updated Check content to cleanup "ObjectCategory" statement.
V-79191Updated Check content to better reflect password expiration.
V-79195Updated Check content and Fix text to reflect clusters.
V-79213Updated path in Check content.
V-79239Updated SQL statement in Check content.
V-79255Updated SQL statement in Check content.
V-79317Removed erroneous text from Check content.
V-79329Updated FileStream enable/disable in the Check content.
V-79331This requirement will be removed.
Microsoft Windows 10 STIG, Version 1, Release 16V-63337
Updated Full Disk encryption requirement to direct sites to use BitLocker on all Windows 10 information systems (including SIPRNET).
Microsoft Windows 2008 Server Domain Name System STIG, Version 1, Release 5V-58627
Added alternative method for disabling IPv6, consistent with vendor documentation.
Microsoft Windows 2012 Server Domain Name System STIG, Version 1, Release 11V-58611
Provided clarification regarding delegation of administration of DNS zones.
V-58627Added alternative method for disabling IPv6, consistent with vendor documentation.
V-58629Corrected Check content verbiage for UDP port.
Mozilla FireFox STIG, Version 4, Release 24V-15772
Updated V-15772 to use "plugin.default_plugin_disabled".
V-15775Updated V-15775 to replace "signon.prefillforms" with "signon.autofillForms".
V-15777Removed depreciated requirement V-15777.
V-15988Removed duplicate requirement V-15988.
V-19743Updated syntax in V-19743.
V-79053Updated V-79053 to include blocking of health data submission.
Multifunction Device and Network Printers STIG, Version 2, Release 13V-6777
Updated MFD01.001 (V-6777) to state "call-home" feature is disallowed.
V-6779Updated MFD01.003 (V-6779) to state "call-home" feature is disallowed.
V-6780Updated MFD02.004 (V-6780) to state "call-home" feature is disallowed.
V-6782Updated MFD02.002 (V-6782) to state "call-home" feature is disallowed.
Network Devices STIG, Version 8, Release 23V-3013
Updated banner (insert spaces between statements).
Network Infrastructure Router L3 Switch STIG - Cisco , Version 8, Release 29V-3013
Updated banner (insert spaces between statements).
Network Infrastructure Router L3 Switch STIG - Cisco, Version 8, Release 29V-3013
Updated banner (insert spaces between statements).
V-5624Remove NET-NAC-012.
V-5626Updated Check content and Fix text: made Note to ensure force-authorized is not configured.
Network Infrastructure Router L3 Switch STIG - Juniper, Version 8, Release 29V-3013
Updated banner (insert spaces between statements).
Network Infrastructure Router L3 Switch STIG, Version 8, Release 29V-3013
Updated banner (insert spaces between statements).
V-5624Remove NET-NAC-012.
Network IPSec VPN Gateway STIG, Version 1, Release 16
V-3013Updated banner (insert spaces between statements).
Network Layer 2 Switch SRG, Version 1, Release 3V-62159
Removed SRG-NET-000151-L2S-000018.
Network Layer 2 Switch STIG - Cisco, Version 8, Release 27V-3013
Updated banner (insert spaces between statements).
V-5624Removed NET-NAC-012.
V-5626Updated Check content and Fix text: make Note to ensure force-authorized is not configured.
Network Layer 2 Switch STIG, Version 8, Release 27V-3013
Updated banner (insert spaces between statements).
V-5624Removed NET-NAC-012.
Network Perimeter Router L3 Switch STIG - Cisco, Version 8, Release 32V-3013
Updated banner (insert spaces between statements).
V-5624Removed NET-NAC-012.
V-5626Updated Check content and Fix text: make Note to ensure "force-authorized" is not configured.
Network Perimeter Router L3 Switch STIG - Juniper, Version 8, Release 32V-3013
Updated banner (insert spaces between statements).
Network Perimeter Router L3 Switch STIG, Version 8, Release 32V-3013
Updated banner (insert spaces between statements).
V-5624Removed NET-NAC-012.
Oracle Database 12c STIG, Version 1, Release 12V-61739
Removed SRG reference from Check content and Fix text.
Oracle HTTP Server 12.1.3 STIG, Version 1, Release 5V-64341
Corrected typo for V-64341.
V-64485Altered Check content to match fix for V-64485.Corrected typo for V-64485.
Oracle Linux 6 STIG, Version 1, Release 14V-50567
Updated the finding statement to allow for ISSO/ISSM documentation of package installation/usage.
V-50641Added a "Not Applicable" statement for systems that do not have the package installed.
V-50739Added a "Not Applicable" statement for systems that do not have the package installed.
V-50751Added a "Not Applicable" statement for systems that do not have the package installed.
V-50995Updated the Finding statement to reflect the correct conditions for non-compliance.
Palo Alto Application Layer Gateway (ALG) STIG, Version 1, Release 4V-62571
Updated the Vulnerability Discussion, Check content, and Fix text removed incorrect steps with steps to add anti-spoofing for IP to each zone policy.
V-62579In the Check content and Fix text changed "block" to "drop". Block is not a selection on this screen.
V-62581In the Vulnerability Discussion, Check content, and Fix text changed "block" to "drop". Block is not a selection on this screen.
V-62585In the Rule, Vulnerability Discussion, Check content, and Fix text changed "block" to "drop". Block is not a selection on this screen.
V-62587In the Vulnerability Discussion, Check content, and Fix text changed "block" to "drop". Block is not a selection on this screen.
Palo Alto Intrusion Detection and Prevention System (IDPS) STIG, Version 1, Release 2V-62657
In the Rule, Vulnerability Discussion, Check content, and Fix text change "block" to "drop". Block is not a selection on this screen.
V-62661In the Rule, Vulnerability Discussion, Check content, and Fix text changed "block" to "drop". Block is not a selection on this screen.
Red Hat Enterprise Linux 6 STIG Benchmark, Version 1, Release 22V-38540
Added OVAL to check auditing of changes to system network configurations.
V-38566Added OVAL to check auditing of failed attempts to access files and directories.
V-38693Added OVAL to check "maxrepeat" setting.
Red Hat Enterprise Linux 6 STIG, Version 1, Release 21V-38599
Added a "Not Applicable" statement for systems that do not have the package installed.
V-38606Updated the finding statement to allow for ISSO/ISSM documentation of package installation/usage.
V-38693Updated the Finding statement to reflect the correct conditions for non-compliance.
V-38701Added a "Not Applicable" statement for systems that do not have the package installed.
V-38702Added a "Not Applicable" statement for systems that do not have the package installed.
Red Hat Enterprise Linux 7 STIG Benchmark, Version 2, Release 2V-71855
Updated OVAL to exclude "ghost" files from rpmverify md5 check.
V-71939Updated OVAL to use a different SSH server installation test when checking whether empty passwords will be accepted.
V-71953Updated OVAL content to allow for white spaces within the configuration file.
V-71955Updated OVAL content to allow for white spaces within the configuration file.
V-72011Created new OVAL content for RHEL 7 rule SV-86635.
V-72015Created new OVAL content for RHEL 7 rule SV-86639.
V-72095Updated OVAL content for RHEL 7 rule SV-86719.
V-72135Updated OVAL to make "-F perm" optional when auditing use of the "semanage" command.
V-72137Updated OVAL to make "-F perm" optional when auditing use of the "setsebool" command.
V-72139Updated OVAL to make "-F perm" optional when auditing use of the "chcon" command.
V-72141Updated OVAL to make "-F perm" optional when auditing use of the "setfiles" command.
V-72151Updated OVAL to make "-F perm" optional when auditing use of the "unix_chkpwd" command.
V-72159Updated OVAL to make "-F perm" optional when auditing use of the "su" command.
V-72161Updated OVAL to make "-F perm" optional when auditing use of the "sudo" command.
V-72165Updated OVAL to make "-F perm" optional when auditing use of the "newgrp" command.
V-72167Updated OVAL to make "-F perm" optional when auditing use of the "chsh" command.
V-72173Updated OVAL to make "-F perm" optional when auditing use of the "umount" command.
V-72175Updated OVAL to make "-F perm" optional when auditing use of the "postdrop" command.
V-72177Updated OVAL to make "-F perm" optional when auditing use of the "postqueue" command.
V-72179Updated OVAL to make "-F perm" optional when auditing use of the "ssh-keysign" command.
V-72183Updated OVAL to make "-F perm" optional when auditing use of the "crontab" command.
V-72185Updated OVAL to make "-F perm" optional when auditing use of the "pam_timestamp_check" command.
V-72221Updated OVAL to use a different SSH server installation test when checking which ciphers will be accepted.
V-72245Update OVAL content for RHEL 7 rule SV-86869.
V-72253Updated OVAL to use a different SSH server installation test when checking which MACs will be accepted.
V-72257
Updated OVAL to allow "0640" permissions on SSH private host key files.
V-72275Updated OVAL content for RHEL 7 rule SV-86899.
V-72303Updated OVAL to use a different SSH server installation test when checking whether remote X sessions will be encrypted.
V-72433Created new OVAL content for RHEL 7 rule SV-87057.
V-73163Created new OVAL content for RHEL 7 rule SV-87815.
V-77819Created new OVAL content for RHEL 7 rule SV-92515.
V-77823Created new OVAL content for RHEL 7 rule SV-92519.
V-77825Created new OVAL content for RHEL 7 rule SV-92521.
V-81015Added new OVAL content for "au-remote plugin" requirement.
V-81017Added new OVAL content for "au-remote plugin off-load" audit logs requirement.
V-81019Created new OVAL content for RHEL 7 rule SV-95731.
V-81021Created new OVAL content for RHEL 7 rule SV-95733.
Red Hat Enterprise Linux 7 STIG, Version 2, Release 2V-71931
Updated the Check content to produce the correct results.
V-71945Updated a grammatical mistake in both of the Finding statements.
V-71993Updated the Fix text to correct a mistake in the "[org/gnome/settings-daemon/plugins/media-keys]logout='' " command.
V-72089Updated the Finding statement to correct a grammatical error.
V-72191Updated the Fix text from "insmod" to "kmod".
V-72257Updated the example output in the Check content and a statement in the Fix text to reflect the proper permission set.
V-72269Updated the Check content and Fix text so that "maxpoll" is defined on a "server" line.
Samsung Android OS 7 with Knox 2.x STIG, Version 1, Release 4Documentation Update
Updated the STIG Supplemental document. Added guidance related to the DoD policy on the use of fitness tracking devices/apps in operational areas. Added guidance related to using Samsung Android devices in tactical environments.
Samsung Android OS 8 with Knox 3.x COBO STIG, Version 1, Release 2Documentation Update
Updated the STIG Supplemental document. Added guidance related to the DoD policy on the use of fitness tracking devices/apps in operational areas.
Updated the STIG Supplemental document. Added guidance related to using Samsung Android devices in tactical environments.
Updated STIG Configuration Tables document: included MDM API for each required control. Added Revision History document to the STIG package.
Samsung Android OS 8 with Knox 3.x COPE STIG, Version 1, Release 2Documentation Update
Updated the STIG Supplemental document. Added guidance related to the DoD policy on the use of fitness tracking devices/apps in operational areas.
Updated the STIG Supplemental document. Added guidance related to using Samsung Android devices in tactical environments.
Updated STIG Configuration Tables document: included MDM API for each required control. Add Revision History document to the STIG package.
Samsung Android OS 8 with Knox 3.x Overview, Version 1, Release 2Documentation Update
Updated release number and date.
Solaris 10 SPARC STIG, Version 1, Release 24V-12031
Updated mount command to use udfs.
Solaris 10 x86 STIG, Version 1, Release 24V-12031
Updated mount command to use udfs.
Solaris 10/SPARC STIG Benchmark, Version 1, Release 21Benchmark Update
Repackaged Solaris 10/SPARC benchmark with updated Rule IDs.
Solaris 10/X86 STIG Benchmark, Version 1, Release 22Benchmark Update
Repackaged Solaris 10/X86 benchmark with updated Rule IDs.
VMware vSphere 6.0 ESXi STIG, Version 1, Release 5V-63189
Updated acceptable encryption algorithms.
V-63243Added dcui to the list of acceptable users.
V-63245Added dcui to the list of acceptable users.
V-63247Added dcui to the list of acceptable users.
V-63249Added dcui to the list of acceptable users.
V-63465Updated CCI mapping.
V-63605Added dcui to the list of acceptable users.
V-63757Added dcui to the list of acceptable users.
V-63769Added dcui to the list of acceptable users.
V-63771
Added dcui to the list of acceptable users.
V-63893Added dcui to the list of acceptable users.
V-63895Added dcui to the list of acceptable users.
V-63897Added dcui to the list of acceptable users.
V-63899Added dcui to the list of acceptable users.
V-63907Added dcui to the list of acceptable users.
V-63909Added dcui to the list of acceptable users.
V-63911Added dcui to the list of acceptable users.
V-63913Added dcui to the list of acceptable users.
Voice Video Services Policy STIG, Version 3, Release 15V-8247
Updated VVoIP 1050 (V-8247) to clarify applicable SRGs/STIGs and that DSN has been sunsetted.
V-8253Updated VVoIP 1040 (V-8253) to clarify applicable SRGs/STIGs and that DSN has been sunsetted.
V-8254Updated VVoIP 1045 (V-8254) to clarify applicable SRGs/STIGs and that DSN has been sunsetted.
V-19652Updated VVoIP 5300 (V-19652) to remove term "port security" and clarify applicability.
z/OS ACF2 STIG, Version 6, Release 39V-4850
Updated the STIG addendum Authorized user Groups table and Cross ref to include and define "MCATBAT".
z/OS Automated PDI list spreadsheet, Version 6, Release 39V-17947
Added "DPCSAUDT" access to "$$REFNET" resource.
z/OS BMC CONTROL-M for ACF2 STIG, Version 6, Release 8V-17947
Changed STIG addendum to allow Decentralized Application Scheduling team access to "$$REFNET.*".
z/OS BMC CONTROL-M for RACF STIG, Version 6, Release 8V-17947
Changed STIG addendum to allow Decentralized Application Scheduling team access to "$$REFNET.*".
z/OS BMC CONTROL-M for TSS STIG, Version 6, Release 8V-17947
Changed STIG addendum to allow Decentralized Application Scheduling team access to "$$REFNET.*".
z/OS Cross Ref of SRRAUDIT spreadsheet, Version 6, Release 39V-4850
Added additional access requirements for user catalogs.
V-17982Changed access requirement for resource.Added "APPDAUDT" access to several resources.
z/OS IBM CICS Transaction Server for ACF2 STIG, Version 6, Release 4V-17982
Updated the STIG addendum: added Note to specify "CONTROL" in certain cases.
z/OS IBM CICS Transaction Server for RACF STIG, Version 6, Release 4V-17982
Updated the STIG addendum: added Note to specify "CONTROL" in certain cases.
z/OS IBM CICS Transaction Server for TSS STIG, Version 6, Release 4V-17982
Updated the STIG addendum: added Note to specify "CONTROL" in certain cases.
z/OS RACF STIG, Version 6, Release 39V-4850
Updated the STIG addendum "Authorized user Groups" table and Cross ref to include and define "MCATBAT".
z/OS SRR Scripts, Version 6, Release 39V-120
Changed to obtain additional dataset resources.
V-136Corrected error when processing "Not Reviewed" status.
V-3219Changed process to obtain generic profile in resource class.
V-6928Changed process to obtain generic profile in resource class.
V-6968Changed process to obtain generic profile in resource class.
V-6972Changed process to obtain generic profile in resource class.
V-7482Changed process to obtain additional resource profiles for specific resources.
V-17067Changed to ignore the group permission when user is directly permitted and permitted through a group.
V-17947Added "DPCSAUDT" access to "$$REFNET" resource.Changed process to obtain generic profile in resource class.Changed process to obtain additional resource profiles for specific resources.
V-17982Changed access requirement for resource.Added "APPDAUDT" access to several resources.
MultipleInitialized variable for comments and changed processing symbolic variables.
SRR Script UpdateCorrected error when processing new Subsystem Id for WebSphere MQ.
z/OS TSS STIG, Version 6, Release 39V-4850
Updated the STIG addendum "Authorized user Groups" table and Cross ref to include and define "MCATBAT".
