CyberSecurityBoard
Sponsor Register Login

Red Hat Enterprise Linux 7: End of compliance content on June 30, 2024

As of Jun 30, 2024, the Red Hat Enterprise Linux 7 maintenance support 2 phase ends and Red Hat will no longer update compliance content for RHEL 7.
Many policy providers, such as CIS and DISA, will no longer update their policies once maintenance ends.
The RHEL 7 scap-security-guide package will no longer be updated.
You can continue to use the content provided after Jun 30, 2024.
The content is mature, stable, and still suitable for use by Extended Update Support customers after the end of maintenance, however as mentioned before there are no updates planned.
The Center for Internet Security and Defense Information Systems Agency will no longer publish updates to their RHEL 7 profiles.
CIS stated that version 4.0.0 will be the final release of their RHEL 7 benchmark.
DISA typically ends support of a STIG after the maintenance phase ends, which can be expected in the case of the RHEL 7 STIG. If you plan on upgrading as a result of the end of this support phase, RHEL 8 and RHEL 9 each have a STIG, with automation available for both.
This automation can be run with Red Hat Insights, Ansible, Satellite, all of this automation is powered by OpenSCAP. Red Hat has the resources, tools, and consulting offerings you need to keep your systems running and keep up with the latest benefits that Red Hat Enterprise Linux has to offer.
The Red Hat Enterprise Linux upgrade page has those upgrade resources and more.


This Cyber News was published on www.redhat.com. Publication date: Sun, 14 Apr 2024 06:13:05 +0000


Cyber News related to Red Hat Enterprise Linux 7: End of compliance content on June 30, 2024

Achieving Continuous Compliance - If you've ever explored regulatory compliance and cybersecurity, you'll understand the importance of continuous compliance in the digital age, where evolving technology and regulations require constant vigilance. This article will cover the ...
1 year ago Feeds.dzone.com
CVE-2020-8023 - A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of ...
4 years ago
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
7 months ago
Red Hat Enterprise Linux 7: End of compliance content on June 30, 2024 - As of Jun 30, 2024, the Red Hat Enterprise Linux 7 maintenance support 2 phase ends and Red Hat will no longer update compliance content for RHEL 7. Many policy providers, such as CIS and DISA, will no longer update their policies once maintenance ...
9 months ago Redhat.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
10 months ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
10 months ago Cisa.gov
Leveraging Automation for Risk Compliance in IT - Organizations often encounter the challenge of managing complex technology ecosystems while ensuring data security, compliance, and risk management. One crucial aspect of this challenge is risk compliance in IT environments, specifically Linux ...
1 year ago Securityboulevard.com
Red Hat OpenShift Service on AWS obtains FedRAMP "Ready" designation - This means that Red Hat is now listed on the FedRAMP Marketplace as actively pursuing JAB authorization, with additional updates showing our progress and achievements across the two paths for authorization: The existing Agency Authority to Operate ...
10 months ago Redhat.com
Achieving Automated TISAX Compliance - In its 2024 Automotive Cybersecurity Report, Upstream found that 50% of all automotive cyber incidents in 2023 had a high or massive impact. International institutions are taking steps to help automotive organizations defend themselves against black ...
8 months ago Tripwire.com
CVE-2020-8022 - A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise ...
3 years ago
How to Get PCI Compliance Certification? Steps to Obtain it - To mitigate the risk of such breaches, PCI compliance establishes stringent security protocols. In this blog let's understand how to get PCI Compliance certification. PCI DSS is a security standard for card transactions, which includes detailed ...
8 months ago Securityboulevard.com
Black Hat Europe 2023 Closes on Record-Breaking Event in London - PRESS RELEASE. LONDON, Dec. 20, 2023 - Black Hat, the cybersecurity industry's most established and in-depth security event series, today announced the successful completion of the in-person component of Black Hat Europe 2023. The event welcomed more ...
1 year ago Darkreading.com
CVE-2008-3844 - Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. ...
7 years ago
CVE-2019-3696 - A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module ...
4 years ago
Coming March 2024: How to Prepare for PCI DSS Version 4.0 Compliance - A 2022 Verizon report claims that only 43% of assessed organizations maintained full compliance in 2020. With the March 2024 deadline fast approaching, businesses that process and store card data are racing to implement the 13 new requirements in ...
1 year ago Securityboulevard.com
CVE-2019-3695 - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools ...
4 years ago
What's next on the horizon for telecommunications service providers? A look at 2024 with Red Hat. - In 2023, Red Hat met with so many customers and partners - from industry event interactions and individual meeting rooms to cross country visits and late-night service calls, we've learned so much from our trusted ecosystem. Now, service providers ...
1 year ago Redhat.com
CVE-2013-2165 - ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise Application Platform through 4.3.0 CP10 and 5.x through ...
1 year ago
Legal and Compliance Considerations in Cloud Computing - This paradigm change has faced challenges, primarily legal and compliance issues. This can present severe legal issues, particularly regarding data ownership. According to S. Krishnan, the transforming nature of computing has created legal ...
1 year ago Feeds.dzone.com
Linux Distros Hit by RCE Vulnerability in Shim Bootloader - Linux shim, a small piece of code that many major Linux distros use during the secure boot process, has a remote code execution vulnerability in it that gives attackers a way to take complete control of affected systems. All Linux distributions that ...
11 months ago Darkreading.com
CVE-2021-20325 - Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates ...
1 year ago
CVE-2012-5626 - EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores ...
4 years ago
Optimize Control Health Management Across Business Levels: Introducing Scopes - Managing controls across multiple business units becomes increasingly challenging and costly as operational requirements evolve. To help compliance leaders efficiently view and manage control health across product lines, geographies and business ...
1 year ago Securityboulevard.com
Enhancing PCI DSS Compliance: The Urgent Need for Risk-Based Prioritization - Keeping U.S. commercial critical national infrastructure organizations safe is vital to national security, and it's never been more top of mind as international conflicts and cyberattacks increase and create tensions for businesses, governments, and ...
11 months ago Cyberdefensemagazine.com
CVE-2012-6544 - The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)