Releases: aquasecurity/kube-bench
Releases · aquasecurity/kube-bench
v0.9.4
Changelog
- 2fa813e build(deps): bump alpine from 3.20.3 to 3.21.0 (#1751)
- cce6b9d build(deps): bump github.com/magiconair/properties from 1.8.7 to 1.8.9 (#1750)
- 84fb69d build(deps): bump golang from 1.23.3 to 1.23.4 (#1752)
- e26eff0 build(deps): bump golang.org/x/crypto from 0.24.0 to 0.31.0 (#1754)
- f0f89b2 fix: change the folder name for certificate files in rke-1.23 and rke-1.24, fixes #1747 (#1749)
- fbb674c fix: check_files_owner_in_dir.sh script not found error, fixes #1746 (#1755)
v0.9.3
Changelog
- 39dfe93 Ensure 127.0.0.1 for the --bind-address parameter (#1723)
- 0eae00c build(deps): bump codecov/codecov-action from 4 to 5 (#1733)
- 3ee8299 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1743)
- 6aa242e build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1745)
- 09aa59e build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#1736)
- 6da5ff4 build(deps): bump gorm.io/driver/postgres from 1.5.9 to 1.5.11 (#1742)
- 2500cee build(deps): bump k8s.io/client-go from 0.31.2 to 0.31.3 (#1738)
- 20604a5 fix: change the folder name for certificate files in rke-cis-1.7
- 64bc053 fix: k3s-cis-*- CHECK 4.2.1-4.2.3 (#1739)
v0.9.2
Changelog
- 5eccb49 FIX| RKE-CIS-1.24- CHECK 1.1.19 (#1722)
- d5ba5ed build(deps): bump actions/setup-python from 4 to 5 (#1536)
- 0e3dbfa build(deps): bump docker/build-push-action from 5 to 6 (#1631)
- ea24d0e build(deps): bump engineerd/setup-kind from 0.5.0 to 0.6.2 (#1721)
- 7ce327f build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1728)
- 74f5c8b build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1716)
- 9f0f556 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1724)
- 5fac7f6 build(deps): bump github.com/fatih/color from 1.16.0 to 1.18.0 (#1719)
- 8656945 build(deps): bump github.com/golang/glog from 1.2.2 to 1.2.3 (#1726)
- e2a97f4 build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#1718)
- 702107d build(deps): bump github.com/spf13/viper from 1.18.2 to 1.19.0 (#1720)
- 86c6a27 build(deps): bump golang from 1.22.7 to 1.23.2 (#1697)
- 27a1942 build(deps): bump golang from 1.23.2 to 1.23.3 (#1727)
- e9ea1db build(deps): bump golangci/golangci-lint-action from 4 to 5 (#1604)
- e48c3dd build(deps): bump golangci/golangci-lint-action from 5 to 6 (#1707)
- b4000f6 build(deps): bump gorm.io/gorm from 1.25.10 to 1.25.12 (#1714)
- ddb586d build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.31.1 (#1681)
- 8a695eb build(deps): bump k8s.io/client-go from 0.29.3 to 0.31.2 (#1712)
- 5568895 chore: add go toolchain version (#1710)
v0.9.1
v0.9.0
Changelog
- a15e8ac Add GKE 1.6 CIS benchmark for GCP environment (#1672)
- e8562f2 Extend default kubelet configlist to fit AWS EKS (#1637)
- c533d68 FIXING RKE-2-CIS-1.24 Checks (#1688)
- b85ec78 Fix CIS-1.9 policies 5.1.1/5.1.5 typos (#1658)
- 2751f87 Fix audit and remediation for CIS-1.9 master 1.1.13/1.1.14 (#1649)
- f6877e3 Fix issue 1595: failed to output to ASFF (#1691)
- 4b4c1ce Modify
1.2.3 Ensure that the DenyServiceExternalIPs is set
in CIS-1.7/1.8 (#1607) - a9422a6 Overhaul of K3s scans (#1659)
- 674d8e8 Update command to build docker to run in EKS cluster (#1648)
- e75cd6b Updated KUBECTL_VERSION to 1.31.0 for fixing vulnerabilities (#1690)
- d8f041a build(deps): bump alpine from 3.20.0 to 3.20.3 (#1676)
- c683e93 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1696)
- 5a3fd1d build(deps): bump golang from 1.22.2 to 1.22.4 (#1629)
- e477252 build(deps): bump gorm.io/driver/postgres from 1.5.6 to 1.5.9 (#1698)
- f8b6f2f chore: fixed vulns - bump Go version (#1687)
- 3a0ccc4 fix: rh-1.0 check 4.1.3 typo (#1652)
- 7ea1d59 update audit script for cis-1.9 kubernetes policies id 5.1.6 (#1655)
- 89842dc update dockerfile to add package findutils (#1657)
v0.8.0
Changelog
- 7027b6b Add CIS kubernetes CIS-1.9 for k8s v1.27 - v1.29 (#1617)
- ed51191 Replace custom k3s etcd script checks with vanilla grep checks (#1601)
- 0f8dfaf Statically link binaries and remove debug information (#1615)
- d8fc376 build(deps): bump alpine from 3.19.1 to 3.20.0 (#1621)
- 2a8615b build(deps): bump golang from 1.22.1 to 1.22.2 (#1596)
- 8710274 build(deps): bump goreleaser/goreleaser-action from 5 to 6 (#1628)
v0.7.3
Changelog
- d2d3e72 Currently, certain commands involve retrieving all node names or pods and then executing additional commands in a loop, resulting in a time complexity linearly proportional to the number of nodes. (#1597)
- dc8f4d3 build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.25.2 to 1.26.0 (#1589)
- 45afbd7 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1577)
- 73e1377 build(deps): bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.4 (#1586)
- dc74416 build(deps): bump golang from 1.22.0 to 1.22.1 (#1583)
- 65c484e build(deps): bump k8s.io/client-go from 0.29.1 to 0.29.3 (#1587)
v0.7.2
Changelog
- 2374e7b Rancher checks correction (#1563)
- 72eee4b build(deps): bump alpine from 3.19.0 to 3.19.1 (#1557)
- 66a2151 build(deps): bump codecov/codecov-action from 3 to 4 (#1561)
- 3021706 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1554)
- f297da6 build(deps): bump golang from 1.21.6 to 1.22.0 (#1569)
- 3db3f73 build(deps): bump golangci/golangci-lint-action from 3 to 4 (#1568)
- 57132a6 build(deps): bump gorm.io/driver/postgres from 1.5.4 to 1.5.6 (#1567)
- faeceb5 job.yaml: Adding /var/lib/cni mounts for proper CIS 1.1.9 and 1.1.0 checking (#1547)
- ee5e4af update rke-cis-1.24 benchmarks: corrected errors and tests (#1570)
v0.7.1
Changelog
- 13da372 Updating the rh-1.0 OCP checks (#1548)
- faa1b4b build(deps): bump actions/cache from 3 to 4 (#1551)
- 221ff4f build(deps): bump actions/setup-go from 4 to 5 (#1537)
- 39c29fb build(deps): bump alpine from 3.18.3 to 3.19.0 (#1535)
- 3894987 build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.18.0 to 1.24.1 (#1550)
- 8c47d59 build(deps): bump github.com/spf13/viper from 1.14.0 to 1.18.2 (#1541)
- 628999c build(deps): bump golang from 1.21.5 to 1.21.6 (#1549)
- 151efc3 build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#1542)
- cc6c091 build(deps): bump gorm.io/driver/postgres from 1.4.6 to 1.5.4 (#1514)
- b17aa70 build(deps): bump k8s.io/apimachinery from 0.29.0 to 0.29.1 (#1553)
- 7efba2b build(deps): bump k8s.io/client-go from 0.26.0 to 0.29.0 (#1540)
- a93b19f build(deps): bump k8s.io/client-go from 0.29.0 to 0.29.1 (#1552)
- 57fba22 chore: update base image to ubi9 (#1556)
- a4b46f5 chore: update go version to 1.21 (#1546)
v0.7.0
Changelog
- f8fe5ee Add CIS Benchmarks support to Rancher Distributions RKE/RKE2/K3s (#1523)
- 7a55d5d Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538)
- 292678a build(deps): bump actions/checkout from 3 to 4 (#1492)
- 64c0492 build(deps): bump docker/login-action from 2 to 3 (#1500)
- 1393449 build(deps): bump docker/setup-buildx-action from 2 to 3 (#1497)
- 2b466ab build(deps): bump docker/setup-qemu-action from 2 to 3 (#1503)
- 63055a7 build(deps): bump github.com/fatih/color from 1.14.1 to 1.16.0 (#1520)
- 0918b41 build(deps): bump github.com/golang/glog from 1.0.0 to 1.1.2 (#1489)
- 875fbc7 build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.8.0 (#1530)
- dc0580c build(deps): bump golang from 1.21.1 to 1.21.3 (#1507)
- f353bc4 build(deps): bump golang from 1.21.3 to 1.21.5 (#1534)
- ade7cef build(deps): bump gorm.io/gorm from 1.25.1 to 1.25.5 (#1516)
- c3e3c4c chore: remove refs to deprecated io/ioutil (#1504)
- fac90f7 feat(cis-1.24-microk8s): Add support to CIS-1.24 for microk8s distro (#1510)
- 0c553cd fix wrong use of flag in test_items found in 4.13 and 4.14 (#1528)
- 92a18e7 support CIS Kubernetes Benchmark v1.8.0 (#1527)