Changelog
harden-doc (3.11) unstable; urgency=high
* Added an emtpy binary-arch target, following Policy requirements and
and the Etch release standards (Closes: #395608)
* Added a dhelp file (for the english document only) although the doc-base
files should be sufficient (Closes: #344879)
* Updated to the latest CVS release, this release includes many changes
to make the document more current and up-to-date:
- Remove most references to the woody release as it is no longer available
(in the archived) and security support for it is no longer available.
(Closes: #385420)
- Describe how to restrict users so that they can only do file transfers
(Closes: #385431)
- Added a note regarding the debian-private declasiffication decission
(Closes: #401234)
- Updated link of incident handling guides (Closes: #395385)
- Added a note saying that development tools (compilers, etc.) are not
installed now in the default 'etch' installation.
- Fix references to the master security server (Closes: #398656)
- Add pointers to additional APT-secure documentation
- Improve the description of APT signatures
- Comment out some things which are not yet final related to the mirror's
official public keys.
- Fixed name of the Debian Testing Security Team (Closes: #393986)
- Remove reference to sarge in an example (Closes: #393760)
- Update the antivirus section, clamav is now available on the release.
Also mention the f-prot installer (Closes: #392822)
- Removes all references to freeswan as it is obsolete
- Describe issues related to ruleset changes to the firewall if done
remotely and provide some tips (in footnotes) (Closes: #383404)
- Update the information related to the IDS installation (Closes: #402637)
- Rewrite the "running bind as a non-root user" section as this no longer
applies to Bind9. Also remove the reference to the init.d script since
the changes need to be done through /etc/default (Closes: #402966)
- Remove the obsolete way to setup iptables rulesets as woody is no longer
supported.
- Revert the advice regarding LOG_UNKFAIL_ENAB it should be set to
'no' (as per default) (Closes: #385422)
- Added more information related to updating the system with desktop
tools (including update-notifier) and describe aptitude usage to update
the system. Also note that dselect is deprecated (Closes: #394151)
- Updated the contents of the FAQ and removed redundant paragraphs
(Closes: #355765, #400938)
- Review and update the section related to forensic analysis of
malware (Closes: #396271)
- Remove or fix some dead links (Closes: #399943, #401602, #404225, #403829, #396387)
- Fix many typos and gramatical errors reported by Francesco Poli
(Closes: #397376, #398674, #400126, #401235, #401752, #401926, #402966, #403950, #403951, #404126, #404224, #392700, #393759, #393761, #397377, #397990, #399942, #394157)
* Use debhelper compatibility version 4
-- Michael Bienia <email address hidden> Fri, 26 Jan 2007 14:22:46 +0000
