Release notes for version 1.3.9.1221
No Type Description
--- ----- ----------------------------------
1 CODE The Manage Check screen has been modified to prevent free text input
in the code, encrypted, main and check drop down boxes.
2 CHECK Audit Information policy amended to work with 9.2 for a customer for
platform checks
3 CHECK Audit Information policy amended to work with 9.2 for a customer for
architecture checks
4 CHECK Audit Information policy amended to work with 9.2 for a customer for
license details check
5 CHECK Audit Pre-Emp policy modified to work with 9.2 for a customer for
registered components
6 CHECK Audit Pre-Emp policy modified to work with 9.2 for a customer for
license maximums
7 CHECK Audit Pre-Emp policy modified to work with 9.2 for a customer for
feature usage statistics
8 CHECK Audit Pre-Emp policy modified to work with 9.2 for a customer for
high watermark statistics
9 CHECK Library check check_parameter fixed for date comparison which was >=
and should be <=
10 CHECK Programming policy fixed for plsql_92_wrap_format to specify minimum
version of 11 for availability
11 CODE Manage Check screen changed to provide a full screen editor for the
developer notes field which is used in the development of libraries
12 CHECK The parameter library check has been updated to clarify the use of
the date parameter.
13 CHECK Parameter policy; the version range clarified for serializable to work
for 10 - 12c
14 CHECK Parameter policy; the version range clarified for row_locking to work
for 10 - 12c
15 CHECK Parameter policy; the version range clarified for case sensitive passwords
to work for versions below 11g
16 CHECK Parameter policy; the version range clarified for global failed logins
to work for versions below 11g
17 CHECK Parameter policy; the version range clarified for bad packet action
to work for versions below 11g
18 CHECK Parameter policy; the version range clarified for network trace action
to work for versions below 11g
19 CHECK Parameter policy; the version range clarified for server release banner
to work for versions below 11g
20 CHECK Parameter policy; the version range clarified for diagnostic destination
to work for versions below 11g
21 CHECK Backup policy; the version range clarified for transaction audit values
to work for versions above 9.2
22 CHECK Network policy; xml http listener check changed to work for 9.2 for
a customer
23 CHECK Network policy; xml ftp listener check changed to work for 9.2 for
a customer
24 INSTALL CPU {n} figure added to the PFCL.config file to make the {n} figure
configurable by the customer rather than hard coded.
25 CHECK Versions and patches policy; The existing patch check has been modified
to work with 9.2 for a customer where there is no dba_registry_history
table.
26 CHECK Versions and patches policy; new n-d check added controlled by the PFCL.config
file where the customer can specify the period of {n} now.
27 CHECK Audit Information policy; New check added to calculate the ORACLE_HOME or
to substitute the value from PFCL.config if it was specified.
28 INSTALL The AuditLinux project template has been updated to include the latest
database checks as well as the latest OS checks
29 DOC Product documentation updated to include details of privileges required
for 12c scanner users
30 CHECK Password Cracker policy; New check added to test if SYS account is open
31 CHECK Password Cracker Policy; New check added to test if SYSTEM account is open
32 CODE New variable added {{diffplusone}} to the "repo" report tool to allow a
customer to count errors (failed checks) at their check report level when
their check may use multiple PFCLScan checks
33 CODE Documented new repo variable {{diffplusone}}
34 CHECK Passwords and data policy; title clarified for 10g export links
35 CODE Two new shortcut variables added for "repo" for {{assign}} and {{varoff}}.
These are template variables and classed as undocumented.
36 CODE Two new shortcut variables added for "repo" for {{loop}} and {{endloop}}. These
are template variables and undocumented.
37 CODE One new shortcut variable added for "repo" for {{check:}}. This is a template
variable and is classed as undocumented
38 CHECK Password Cracking policy; the check for global failed logins now takes into
account the PFCL.config value provided by the customer
39 CHECK Object policy; Added new check for access to DBA_JOBS
40 CHECK Object policy; Added new check for access to DBA_SCHEDULER_JOBS
41 CHECK Audit Information policy; text amended for links check
42 CHECK Network policy; the test for PUBLIC database links has been redefined
43 CHECK Network policy; new test added to look for links, private and public that
connect to Oracle users
44 CHECK Audit Privileges policy; The check for SYSDBA has been changed to only report
on SYSDBA where it is granted to a non-SYS user
45 CHECK Audit privileges policy; new separate check added for SYSOPER rather than
the previous joint check.
46 CHECK Pre-Emptive Policy; Added new check to establish existing default directory
objects in the database
47 CHECK File system policy; default DIRECTORY object check changed to use a pre-defined
check rather than a hard coded list.
48 CHECK File system policy; customer installed DIRECTORY object check changed to use
a pre-defined check rather than a hard coded list
49 CHECK File system policy; the check for default DIRECTORY objects is made a PRE
status check not a normal for error check
50 CHECK Audit Information policy; A new check has been added to obtain the ORACLE_BASE
directory from the database.
51 DOC Documentation updated to clarify the use of single row variables in multi row
results in pre-conditions. This is added to the notes section
52 CHECK File system policy; new check added that tests for access to directory objects
that allow access to the Oracle software
53 CHECK Audit configuration; new check added to test if the audit_file_dest is within
the ORACLE_HOME or ORACLE_BASE
54 CHECK Audit configuration policy; Added new check to test that audit of CREATE SESSION
is enabled for all users.
55 CHECK Audit configuration policy; Added new check to test if audit of GRANT ANY ROLE
is enabled for all users.
56 CHECK Audit configuration policy; added new check to test if audit of GRANT ANY
PRIVILEGE is enabled for all users.
57 CHECK Audit configuration policy; Added new check to test if audit of GRANT ANY
OBJECT privilege is enabled for all users
58 CHECK Audit configuration policy; Added new check to test for audit USER enabled for
all users.
59 INSTALL Additional policy added for AuditLinux template set to allow different Unixes
to be processed by the same policy sets via a mapping mechanism
60 INSTALL New policy osprocess added to the installation
61 CHECK Initialisation check added to the OS Process policy
62 DOC Added specification for the required Unix user privileges when executing an
Oracle/Linux policy set audit
63 CHECK Audit parameters policy; Added a check for 12c to show the threaded model used.
64 CHECK Audit User privileges; External user check defined to test both external users
where external authentication is defined and also external users who have dual
authentication
65 CHECK Audit User Privileges; Added a check to test the number of customers roles for
granularity against a PFCL.config input value
66 CHECK Audit User Privileges; The check for the grant of "all privileges" has been
redefined.
67 INSTALL Changed config file to include a count of customer DBA roles.
68 CHECK Audit privilege access policy; new check added for existence of customer defined
DBA role specified in the PFCL.config file
69 INSTALL Changed config file to include count of custom DBA users
70 CHECK Audit privilege access policy; new check added to test that customer DBA users
defined in the PFCL.config have been created in the database.
71 CHECK Deep Analysis 1 policy; added check to test if the customer defined DBA users
have been granted the DBA role
72 CHECK Audit Privilege access policy; Added a new check to locate all users granted the
custom DBA roles defined in the PFCL.config file
73 CHECK Deep Analysis 1 policy; Added new check that locates any non customer DBA who
has been granted the customer DBA account
74 CHECK Audit access privileges policy; Custom DBA user and custom DBA role modified to
correct case sensitivity
75 INSTALL New code library policy added to allow template based checks for code vulnerabilities
to be tested.
76 CHECK code library; library check added to allow queries against dba_source to be
templated.