Release notes for version 1.3.7.1946

No	Type	Description
---	-----	----------------------------------


1	CHECK	Progamming policy; Added new check to test for ALTER USER syntax used in PL/SQL 
		in dba_source
2	CHECK	Programming policy; Added a new check that detects the use of the IDENTIFIED BY
		syntax in PL/SQL in dba_source
3	CHECK	Code library; the code check against dba_source has been modified to translate | to
		^ to avoid output being mis-interpreted.
4	CHECK	Progamming policy; new check added to test for CREATE USER DDL syntax in PL/SQL
		in dba_source
5	CHECK	Programming policy; new check added to test for DROP USER DDL syntax in PL/SQL
		in dba_source
6	CHECK	Programming policy; new check added to test for the use of KUPP$PROC in PL/SQL
		in dba_source
7	CHECK	Programming policy; new check added to test for use of the GRANT TO DDL syntax
		in PL/SQL stored in dba_source
8	CHECK	Programing polcy; new check added that tests for use of the execute immediate
		syntax with concatenation in PL/SQL in dba_source
9	CHECK	Programming policy; Added new check that tests for a second use of execute 
		immediate with concatenation in PL/SQL in dba_source
10	CHECK	Programming policy; new check added that tests for the use of DBMS_SQL in PL/SQL
		found in dba_source
11	CHECK	Programming policy; new check added that tests for the use of DBMS_SYS_SQL in PL/SQL
		found in dba_source
12	CHECK	Programming polcicy; new check added that tests for use of OPEN FOR in PL/SQL
		found in dba_source
13	CHECK	Programming policy; new check added thst looks for concatenation of statements 
		in PL/SQL in dba_source - type 1
14	CHECK	Programming policy; new check added thst looks for concatenation of statements 
		in PL/SQL in dba_source - type 2
15	CHECK	Programming policy; new check added thst looks for concatenation of statements 
		in PL/SQL in dba_source - type 3
16	CHECK	Programming policy; New check added to test for the use of DBMS_OBFUSCATION_TOOLKIT
		in PL/SQL in dba_source
17	CHECK	Programming policy; new check added to test for the use of DBMS_CRYPTO in PL/SQL
		in dba_source
18	CHECK	Programming policy; new check added to test for possible keys in PL/SQL in
		dba_source
19	CHECK	Programming policy; new check added to test for possible passwords in PL/SQL
		in dba_source
20	CHECK	Programming policy; new check added to test for possible passwords in PL/SQL
		in dba_source
21	CHECK	Programming policy; new check added to test for possible certificates hard coded
		in PL/SQL in dba_source
22	INSTALL	PFCL.config modified to add number of schema accounts
23	CHECK	Audit Information Policy; Added a check to list out all proxy users
24	CHECK	Audit user privilege policy; new check added to test for existance or not of proxy
		users
25	CHECK	Audit user privilege policy; new check added that tests if schemas have a 
		corresponding proxy access account
26	CHECK	Audit user privilege policy; new check added that lists schemas either derived
		from the database or from PFCL.config if they exist
27	CHECK	Audit user privilege; text updated for ANY privileges to define scope
28	CHECK	Audit privilege access policy; default number of customer DBA roles set to zero
		by default not one.
29	CHECK	Audit user privilege policy; Modified the check for users with %ANY% privileges
		to also now take into account PFCL.config defined DBA users
30	CHECK	Password strength and users policy; a new check has been added to test whether any 
		Oracle default accounts have a status that is not EXPIRED & LOCKED
31	CHECK	Deep analysis 1 policy; new check added to test for existance of custom system
		triggers
32	CHECK	Audit configuration policy; All audit trail settings changed to exclude proxy so
		that proxy will be added seperately
33	CHECK	Audit configuration policy; A new check has been added to test whether audit for
		alter user is enabled for all users
34	CHECK	Audit configuration policy; A new check added to test whether audit is enabled
		for the become user privilege for all users.
35	CHECK	Audit configuration policy; A new check added to test whether audit is enabled
		for the create user privilege for all users
36	CHECK	Audit configuration policy; A new check added to test whether audit is enabled
		for the drop user privilege for all users
37	CHECK	Audit configuration policy; A new check added to test whether audit is enabled
		for audit system for all users
38	CHECK	Audit configuration policy; A new check added to test whether audit is enabled
		for audit any for all users
39	CHECK	audit configuration; new check added to test if audit on read, update, delete
		and audit is enabled for all users on AUD$
40	CHECK	audit configuration; new check added to test if audit on read, update, delete,
		insert and audit is enabled for all users on AUDIT$
41	CHECK	Audit configuration policy; A new check added to test if audit on execute and 
		audit is enabled for all users on DBMS_AUDIT_MGMT
42	CHECK	Audit configuration policy; new check added to test if audit on system audit
		is enabled for all users.
43	CHECK	Audit configuration policy; new check added to test if audit on system grants
		is enabled for all users
44	CHECK	Audit configuration policy; A new check is added to test for audit of role
		statements by all users
45	CHECK	Audit configuration policy; a new check is added to test for audit of creation
		of a role by all users
46	CHECK	Audit configuration policy; a new check is added to test for audit of dropping
		any role by all users
47	CHECK	Audit configuration policy; a new check is added to test for audit of altering
		any role by all users
48	CHECK	Audit configuration policy; new check added to test for audit of database link
		statement for all users
49	CHECK	Audit configuration policy; new check added to test for audit of public database 
		link statement for all users
50	CHECK	Audit configuration policy; new check added to test for audit of create database
		system privilege for all users
51	CHECK	Audit configuration policy; new check added to test for audit of create public 
		database system privilege for all users
52	CHECK	Audit configuration policy; new check added to test for audit of drop public 
		database system privilege for all users
53	CHECK	Audit configuration policy; new check added to test for audit on dba_stmt_audit_opts
		for all users
54	CHECK	Audit configuration policy; new check added to test for audit on dba_priv_audit_opts
		for all users
55	CHECK	Audit configuration policy; new check added to test for audit on dba_obj_audit_opts
		for all users		
56	CHECK	Audit configuration policy; new check added to test for audit on dba_audit_trail
		for all users
57	CHECK	Audit configuration policy; new check added to test for audit on the directory
		statement audit for all users
58	CHECK	Audit configuration policy; new check added to test for audit on the grant directory
		statement audit for all users
59	CHECK	Audit configuration policy; new check added to test for audit on create any
		directory privilege for all users
60	CHECK	Audit configuration policy; new check added to test for audit on drop any
		directory privilege for all users
61	CHECK	Audit configuration policy; new check added to test for audit on alter system
		privilege for all users
62	CHECK	Audit configuration policy; new check added to test for audit on UTL_FILE
		for all users
63	CHECK	Operating system policy; sqlplus check updated to define the purpose
64	CHECK	Operating system policy; check added to test that Oracle software does not
		run as root
65	CHECK	Audit information policy; new check added to return the database instance name
		for use in oprating system checks.
66	CHECK	OS Process policy; A new check has been added to test for multiple Oracle
		installations sharing the same Unix account
67	CHECK	OS user policy; new check added to test that software owner is not name oracle
68	CHECK	OS User policy; new check added to test that the software owner is not
		in the root group.
69	CHECK	OS Process Policy; a new check is added to test for binaries in the ORACLE_HOME/bin
		directory not owned by the software owner.
70	CHECK	OS User polcicy; new check added to return the oracle software owner name
71	CHECK	OS Process Policy; new check added to test the Unix permissions for the 
		audit_file_dest location
72	CHECK	OS Process policy; new check added to test if the Oracle software owner account
		is accessible interactively
73	CHECK	OS Process policy; New check added that counts group membership for the Oracle
		software owner account
74	CHECK	OS Analysis Policy; New check added to test for OSOPER Unix group
75	CHECK	OS Analysis policy; new check added to test for OINSTALL unix group
76	CHECK	OS Process policy; New check added to test ORACLE_HOME/bin permissions
77	CHECK	OS Process policy; New check added to test ORACLE_HOME permissions
78	CHECK	Deep Analysis 1 policy; New check added to test if schema accounts are open
79	CHECK	Deep Analysis 2 policy; New check added to look for Non DBA users with DBA
		like privileges.
80	CHECK	Audit information Policy; Added a new check to list out the service name
81	CHECK	Network Policy; new check added to test the length of the database SID
82	CHECK	OS Process Policy; New check added to extract the listener port string
83	CHECK	OS Analysis policy; new check added to test the listener port range
84	INSTALL	PFCL.config, new parameter for listener port range added
85	CHECK	OS process policy; new check added to extract extproc service
86	CHECK	OS Process policy; new check added to test the extproc binary permissions
87	INSTALL	PFCL.config; new parameter added to show if extproc is used or not
88	CHECK	OS Analysis policy; new check added to test if enabled extproc is needed
89	CHECK	OS Analysis policy; new check added to test if eeextproc binary permissions
		are 000 when extproc is not needed.
90	CHECK	Deep 3 policy; new check added to determine the listener base directory
91	CHECK	OS Process policy; new check added to test listener authentication
92	CHECK	Audit Linux project template; report templates rationalised
93	CHECK	OS Process policy; new check added to test the ADMIN_RESTRICTIONS on the listener
94	CHECK	OS Process policy; new check added to retrieve the listener log file name
95	CHECK	OS Analysis policy; new check added to test if listener logging not enabled
96	CHECK	Audit Privilege Access policy; New check added to test for the existance of the
		customer application support role
97	CHECK	Audit privilege access policy; new check added to test for existance of the 
		customer application support users
98	CHECK	Deep Analysis 2; new check added to show weak password management
99	CHECK	Audit Privilege Access policy; new check added to test if customer profiles exist
100	CHECK	Deep Analysis 2 policy; new check added to show profile issues