Skip to content

Releases: aquasecurity/kube-bench

v0.9.4

16 Dec 06:25
df48da4
Compare
Choose a tag to compare

Changelog

  • 2fa813e build(deps): bump alpine from 3.20.3 to 3.21.0 (#1751)
  • cce6b9d build(deps): bump github.com/magiconair/properties from 1.8.7 to 1.8.9 (#1750)
  • 84fb69d build(deps): bump golang from 1.23.3 to 1.23.4 (#1752)
  • e26eff0 build(deps): bump golang.org/x/crypto from 0.24.0 to 0.31.0 (#1754)
  • f0f89b2 fix: change the folder name for certificate files in rke-1.23 and rke-1.24, fixes #1747 (#1749)
  • fbb674c fix: check_files_owner_in_dir.sh script not found error, fixes #1746 (#1755)

v0.9.3

09 Dec 09:05
b6687c1
Compare
Choose a tag to compare

Changelog

  • 39dfe93 Ensure 127.0.0.1 for the --bind-address parameter (#1723)
  • 0eae00c build(deps): bump codecov/codecov-action from 4 to 5 (#1733)
  • 3ee8299 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1743)
  • 6aa242e build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1745)
  • 09aa59e build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#1736)
  • 6da5ff4 build(deps): bump gorm.io/driver/postgres from 1.5.9 to 1.5.11 (#1742)
  • 2500cee build(deps): bump k8s.io/client-go from 0.31.2 to 0.31.3 (#1738)
  • 20604a5 fix: change the folder name for certificate files in rke-cis-1.7
  • 64bc053 fix: k3s-cis-*- CHECK 4.2.1-4.2.3 (#1739)

v0.9.2

16 Nov 10:21
4de7b20
Compare
Choose a tag to compare

Changelog

  • 5eccb49 FIX| RKE-CIS-1.24- CHECK 1.1.19 (#1722)
  • d5ba5ed build(deps): bump actions/setup-python from 4 to 5 (#1536)
  • 0e3dbfa build(deps): bump docker/build-push-action from 5 to 6 (#1631)
  • ea24d0e build(deps): bump engineerd/setup-kind from 0.5.0 to 0.6.2 (#1721)
  • 7ce327f build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1728)
  • 74f5c8b build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1716)
  • 9f0f556 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1724)
  • 5fac7f6 build(deps): bump github.com/fatih/color from 1.16.0 to 1.18.0 (#1719)
  • 8656945 build(deps): bump github.com/golang/glog from 1.2.2 to 1.2.3 (#1726)
  • e2a97f4 build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#1718)
  • 702107d build(deps): bump github.com/spf13/viper from 1.18.2 to 1.19.0 (#1720)
  • 86c6a27 build(deps): bump golang from 1.22.7 to 1.23.2 (#1697)
  • 27a1942 build(deps): bump golang from 1.23.2 to 1.23.3 (#1727)
  • e9ea1db build(deps): bump golangci/golangci-lint-action from 4 to 5 (#1604)
  • e48c3dd build(deps): bump golangci/golangci-lint-action from 5 to 6 (#1707)
  • b4000f6 build(deps): bump gorm.io/gorm from 1.25.10 to 1.25.12 (#1714)
  • ddb586d build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.31.1 (#1681)
  • 8a695eb build(deps): bump k8s.io/client-go from 0.29.3 to 0.31.2 (#1712)
  • 5568895 chore: add go toolchain version (#1710)

v0.9.1

16 Oct 14:08
c5dc28e
Compare
Choose a tag to compare

Changelog

  • 1d8f80e build(deps): bump github.com/golang/glog from 1.2.0 to 1.2.2 (#1702)
  • fa478ce fix: correct TLSCipherSuites to tlsCipherSuites (#1703)

v0.9.0

11 Oct 11:11
a15e8ac
Compare
Choose a tag to compare

Changelog

  • a15e8ac Add GKE 1.6 CIS benchmark for GCP environment (#1672)
  • e8562f2 Extend default kubelet configlist to fit AWS EKS (#1637)
  • c533d68 FIXING RKE-2-CIS-1.24 Checks (#1688)
  • b85ec78 Fix CIS-1.9 policies 5.1.1/5.1.5 typos (#1658)
  • 2751f87 Fix audit and remediation for CIS-1.9 master 1.1.13/1.1.14 (#1649)
  • f6877e3 Fix issue 1595: failed to output to ASFF (#1691)
  • 4b4c1ce Modify 1.2.3 Ensure that the DenyServiceExternalIPs is set in CIS-1.7/1.8 (#1607)
  • a9422a6 Overhaul of K3s scans (#1659)
  • 674d8e8 Update command to build docker to run in EKS cluster (#1648)
  • e75cd6b Updated KUBECTL_VERSION to 1.31.0 for fixing vulnerabilities (#1690)
  • d8f041a build(deps): bump alpine from 3.20.0 to 3.20.3 (#1676)
  • c683e93 build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub (#1696)
  • 5a3fd1d build(deps): bump golang from 1.22.2 to 1.22.4 (#1629)
  • e477252 build(deps): bump gorm.io/driver/postgres from 1.5.6 to 1.5.9 (#1698)
  • f8b6f2f chore: fixed vulns - bump Go version (#1687)
  • 3a0ccc4 fix: rh-1.0 check 4.1.3 typo (#1652)
  • 7ea1d59 update audit script for cis-1.9 kubernetes policies id 5.1.6 (#1655)
  • 89842dc update dockerfile to add package findutils (#1657)

v0.8.0

02 Jul 07:46
366e79d
Compare
Choose a tag to compare

Changelog

  • 7027b6b Add CIS kubernetes CIS-1.9 for k8s v1.27 - v1.29 (#1617)
  • ed51191 Replace custom k3s etcd script checks with vanilla grep checks (#1601)
  • 0f8dfaf Statically link binaries and remove debug information (#1615)
  • d8fc376 build(deps): bump alpine from 3.19.1 to 3.20.0 (#1621)
  • 2a8615b build(deps): bump golang from 1.22.1 to 1.22.2 (#1596)
  • 8710274 build(deps): bump goreleaser/goreleaser-action from 5 to 6 (#1628)

v0.7.3

18 Apr 07:10
ff9341a
Compare
Choose a tag to compare

Changelog

  • d2d3e72 Currently, certain commands involve retrieving all node names or pods and then executing additional commands in a loop, resulting in a time complexity linearly proportional to the number of nodes. (#1597)
  • dc8f4d3 build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.25.2 to 1.26.0 (#1589)
  • 45afbd7 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1577)
  • 73e1377 build(deps): bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.4 (#1586)
  • dc74416 build(deps): bump golang from 1.22.0 to 1.22.1 (#1583)
  • 65c484e build(deps): bump k8s.io/client-go from 0.29.1 to 0.29.3 (#1587)

v0.7.2

29 Feb 11:48
abfa7d9
Compare
Choose a tag to compare

Changelog

  • 2374e7b Rancher checks correction (#1563)
  • 72eee4b build(deps): bump alpine from 3.19.0 to 3.19.1 (#1557)
  • 66a2151 build(deps): bump codecov/codecov-action from 3 to 4 (#1561)
  • 3021706 build(deps): bump github.com/aws/aws-sdk-go-v2/config (#1554)
  • f297da6 build(deps): bump golang from 1.21.6 to 1.22.0 (#1569)
  • 3db3f73 build(deps): bump golangci/golangci-lint-action from 3 to 4 (#1568)
  • 57132a6 build(deps): bump gorm.io/driver/postgres from 1.5.4 to 1.5.6 (#1567)
  • faeceb5 job.yaml: Adding /var/lib/cni mounts for proper CIS 1.1.9 and 1.1.0 checking (#1547)
  • ee5e4af update rke-cis-1.24 benchmarks: corrected errors and tests (#1570)

v0.7.1

31 Jan 10:10
445c116
Compare
Choose a tag to compare

Changelog

  • 13da372 Updating the rh-1.0 OCP checks (#1548)
  • faa1b4b build(deps): bump actions/cache from 3 to 4 (#1551)
  • 221ff4f build(deps): bump actions/setup-go from 4 to 5 (#1537)
  • 39c29fb build(deps): bump alpine from 3.18.3 to 3.19.0 (#1535)
  • 3894987 build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.18.0 to 1.24.1 (#1550)
  • 8c47d59 build(deps): bump github.com/spf13/viper from 1.14.0 to 1.18.2 (#1541)
  • 628999c build(deps): bump golang from 1.21.5 to 1.21.6 (#1549)
  • 151efc3 build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#1542)
  • cc6c091 build(deps): bump gorm.io/driver/postgres from 1.4.6 to 1.5.4 (#1514)
  • b17aa70 build(deps): bump k8s.io/apimachinery from 0.29.0 to 0.29.1 (#1553)
  • 7efba2b build(deps): bump k8s.io/client-go from 0.26.0 to 0.29.0 (#1540)
  • a93b19f build(deps): bump k8s.io/client-go from 0.29.0 to 0.29.1 (#1552)
  • 57fba22 chore: update base image to ubi9 (#1556)
  • a4b46f5 chore: update go version to 1.21 (#1546)

v0.7.0

19 Dec 07:19
58a49da
Compare
Choose a tag to compare

Changelog

  • f8fe5ee Add CIS Benchmarks support to Rancher Distributions RKE/RKE2/K3s (#1523)
  • 7a55d5d Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538)
  • 292678a build(deps): bump actions/checkout from 3 to 4 (#1492)
  • 64c0492 build(deps): bump docker/login-action from 2 to 3 (#1500)
  • 1393449 build(deps): bump docker/setup-buildx-action from 2 to 3 (#1497)
  • 2b466ab build(deps): bump docker/setup-qemu-action from 2 to 3 (#1503)
  • 63055a7 build(deps): bump github.com/fatih/color from 1.14.1 to 1.16.0 (#1520)
  • 0918b41 build(deps): bump github.com/golang/glog from 1.0.0 to 1.1.2 (#1489)
  • 875fbc7 build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.8.0 (#1530)
  • dc0580c build(deps): bump golang from 1.21.1 to 1.21.3 (#1507)
  • f353bc4 build(deps): bump golang from 1.21.3 to 1.21.5 (#1534)
  • ade7cef build(deps): bump gorm.io/gorm from 1.25.1 to 1.25.5 (#1516)
  • c3e3c4c chore: remove refs to deprecated io/ioutil (#1504)
  • fac90f7 feat(cis-1.24-microk8s): Add support to CIS-1.24 for microk8s distro (#1510)
  • 0c553cd fix wrong use of flag in test_items found in 4.13 and 4.14 (#1528)
  • 92a18e7 support CIS Kubernetes Benchmark v1.8.0 (#1527)