Release notes for version 1.3.7.1946
No Type Description
--- ----- ----------------------------------
1 CHECK Progamming policy; Added new check to test for ALTER USER syntax used in PL/SQL
in dba_source
2 CHECK Programming policy; Added a new check that detects the use of the IDENTIFIED BY
syntax in PL/SQL in dba_source
3 CHECK Code library; the code check against dba_source has been modified to translate | to
^ to avoid output being mis-interpreted.
4 CHECK Progamming policy; new check added to test for CREATE USER DDL syntax in PL/SQL
in dba_source
5 CHECK Programming policy; new check added to test for DROP USER DDL syntax in PL/SQL
in dba_source
6 CHECK Programming policy; new check added to test for the use of KUPP$PROC in PL/SQL
in dba_source
7 CHECK Programming policy; new check added to test for use of the GRANT TO DDL syntax
in PL/SQL stored in dba_source
8 CHECK Programing polcy; new check added that tests for use of the execute immediate
syntax with concatenation in PL/SQL in dba_source
9 CHECK Programming policy; Added new check that tests for a second use of execute
immediate with concatenation in PL/SQL in dba_source
10 CHECK Programming policy; new check added that tests for the use of DBMS_SQL in PL/SQL
found in dba_source
11 CHECK Programming policy; new check added that tests for the use of DBMS_SYS_SQL in PL/SQL
found in dba_source
12 CHECK Programming polcicy; new check added that tests for use of OPEN FOR in PL/SQL
found in dba_source
13 CHECK Programming policy; new check added thst looks for concatenation of statements
in PL/SQL in dba_source - type 1
14 CHECK Programming policy; new check added thst looks for concatenation of statements
in PL/SQL in dba_source - type 2
15 CHECK Programming policy; new check added thst looks for concatenation of statements
in PL/SQL in dba_source - type 3
16 CHECK Programming policy; New check added to test for the use of DBMS_OBFUSCATION_TOOLKIT
in PL/SQL in dba_source
17 CHECK Programming policy; new check added to test for the use of DBMS_CRYPTO in PL/SQL
in dba_source
18 CHECK Programming policy; new check added to test for possible keys in PL/SQL in
dba_source
19 CHECK Programming policy; new check added to test for possible passwords in PL/SQL
in dba_source
20 CHECK Programming policy; new check added to test for possible passwords in PL/SQL
in dba_source
21 CHECK Programming policy; new check added to test for possible certificates hard coded
in PL/SQL in dba_source
22 INSTALL PFCL.config modified to add number of schema accounts
23 CHECK Audit Information Policy; Added a check to list out all proxy users
24 CHECK Audit user privilege policy; new check added to test for existance or not of proxy
users
25 CHECK Audit user privilege policy; new check added that tests if schemas have a
corresponding proxy access account
26 CHECK Audit user privilege policy; new check added that lists schemas either derived
from the database or from PFCL.config if they exist
27 CHECK Audit user privilege; text updated for ANY privileges to define scope
28 CHECK Audit privilege access policy; default number of customer DBA roles set to zero
by default not one.
29 CHECK Audit user privilege policy; Modified the check for users with %ANY% privileges
to also now take into account PFCL.config defined DBA users
30 CHECK Password strength and users policy; a new check has been added to test whether any
Oracle default accounts have a status that is not EXPIRED & LOCKED
31 CHECK Deep analysis 1 policy; new check added to test for existance of custom system
triggers
32 CHECK Audit configuration policy; All audit trail settings changed to exclude proxy so
that proxy will be added seperately
33 CHECK Audit configuration policy; A new check has been added to test whether audit for
alter user is enabled for all users
34 CHECK Audit configuration policy; A new check added to test whether audit is enabled
for the become user privilege for all users.
35 CHECK Audit configuration policy; A new check added to test whether audit is enabled
for the create user privilege for all users
36 CHECK Audit configuration policy; A new check added to test whether audit is enabled
for the drop user privilege for all users
37 CHECK Audit configuration policy; A new check added to test whether audit is enabled
for audit system for all users
38 CHECK Audit configuration policy; A new check added to test whether audit is enabled
for audit any for all users
39 CHECK audit configuration; new check added to test if audit on read, update, delete
and audit is enabled for all users on AUD$
40 CHECK audit configuration; new check added to test if audit on read, update, delete,
insert and audit is enabled for all users on AUDIT$
41 CHECK Audit configuration policy; A new check added to test if audit on execute and
audit is enabled for all users on DBMS_AUDIT_MGMT
42 CHECK Audit configuration policy; new check added to test if audit on system audit
is enabled for all users.
43 CHECK Audit configuration policy; new check added to test if audit on system grants
is enabled for all users
44 CHECK Audit configuration policy; A new check is added to test for audit of role
statements by all users
45 CHECK Audit configuration policy; a new check is added to test for audit of creation
of a role by all users
46 CHECK Audit configuration policy; a new check is added to test for audit of dropping
any role by all users
47 CHECK Audit configuration policy; a new check is added to test for audit of altering
any role by all users
48 CHECK Audit configuration policy; new check added to test for audit of database link
statement for all users
49 CHECK Audit configuration policy; new check added to test for audit of public database
link statement for all users
50 CHECK Audit configuration policy; new check added to test for audit of create database
system privilege for all users
51 CHECK Audit configuration policy; new check added to test for audit of create public
database system privilege for all users
52 CHECK Audit configuration policy; new check added to test for audit of drop public
database system privilege for all users
53 CHECK Audit configuration policy; new check added to test for audit on dba_stmt_audit_opts
for all users
54 CHECK Audit configuration policy; new check added to test for audit on dba_priv_audit_opts
for all users
55 CHECK Audit configuration policy; new check added to test for audit on dba_obj_audit_opts
for all users
56 CHECK Audit configuration policy; new check added to test for audit on dba_audit_trail
for all users
57 CHECK Audit configuration policy; new check added to test for audit on the directory
statement audit for all users
58 CHECK Audit configuration policy; new check added to test for audit on the grant directory
statement audit for all users
59 CHECK Audit configuration policy; new check added to test for audit on create any
directory privilege for all users
60 CHECK Audit configuration policy; new check added to test for audit on drop any
directory privilege for all users
61 CHECK Audit configuration policy; new check added to test for audit on alter system
privilege for all users
62 CHECK Audit configuration policy; new check added to test for audit on UTL_FILE
for all users
63 CHECK Operating system policy; sqlplus check updated to define the purpose
64 CHECK Operating system policy; check added to test that Oracle software does not
run as root
65 CHECK Audit information policy; new check added to return the database instance name
for use in oprating system checks.
66 CHECK OS Process policy; A new check has been added to test for multiple Oracle
installations sharing the same Unix account
67 CHECK OS user policy; new check added to test that software owner is not name oracle
68 CHECK OS User policy; new check added to test that the software owner is not
in the root group.
69 CHECK OS Process Policy; a new check is added to test for binaries in the ORACLE_HOME/bin
directory not owned by the software owner.
70 CHECK OS User polcicy; new check added to return the oracle software owner name
71 CHECK OS Process Policy; new check added to test the Unix permissions for the
audit_file_dest location
72 CHECK OS Process policy; new check added to test if the Oracle software owner account
is accessible interactively
73 CHECK OS Process policy; New check added that counts group membership for the Oracle
software owner account
74 CHECK OS Analysis Policy; New check added to test for OSOPER Unix group
75 CHECK OS Analysis policy; new check added to test for OINSTALL unix group
76 CHECK OS Process policy; New check added to test ORACLE_HOME/bin permissions
77 CHECK OS Process policy; New check added to test ORACLE_HOME permissions
78 CHECK Deep Analysis 1 policy; New check added to test if schema accounts are open
79 CHECK Deep Analysis 2 policy; New check added to look for Non DBA users with DBA
like privileges.
80 CHECK Audit information Policy; Added a new check to list out the service name
81 CHECK Network Policy; new check added to test the length of the database SID
82 CHECK OS Process Policy; New check added to extract the listener port string
83 CHECK OS Analysis policy; new check added to test the listener port range
84 INSTALL PFCL.config, new parameter for listener port range added
85 CHECK OS process policy; new check added to extract extproc service
86 CHECK OS Process policy; new check added to test the extproc binary permissions
87 INSTALL PFCL.config; new parameter added to show if extproc is used or not
88 CHECK OS Analysis policy; new check added to test if enabled extproc is needed
89 CHECK OS Analysis policy; new check added to test if eeextproc binary permissions
are 000 when extproc is not needed.
90 CHECK Deep 3 policy; new check added to determine the listener base directory
91 CHECK OS Process policy; new check added to test listener authentication
92 CHECK Audit Linux project template; report templates rationalised
93 CHECK OS Process policy; new check added to test the ADMIN_RESTRICTIONS on the listener
94 CHECK OS Process policy; new check added to retrieve the listener log file name
95 CHECK OS Analysis policy; new check added to test if listener logging not enabled
96 CHECK Audit Privilege Access policy; New check added to test for the existance of the
customer application support role
97 CHECK Audit privilege access policy; new check added to test for existance of the
customer application support users
98 CHECK Deep Analysis 2; new check added to show weak password management
99 CHECK Audit Privilege Access policy; new check added to test if customer profiles exist
100 CHECK Deep Analysis 2 policy; new check added to show profile issues