Release announcement: SCM 3.4.0 and 2.24.0

[Puppet Product Updates]

SCM 3.4.0 and 2.24.0 are available!

We’re excited to announce the release of Security Compliance Management (SCM) versions 3.4.0 and 2.24.0. In addition to bug and security fixes, both releases include the latest available version of the CIS-CAT Pro Assessor, so Puppet Enterprise customers can use SCM to monitor compliance with the latest operating system benchmarks published by the Center for Internet Security (CIS).

 

CIS-CAT Pro Assessor updates

SCM 3.4.0 and 2.24.0 include version 4.52.0 of the CIS-CAT Pro Assessor.

Updated benchmarks

• Apple macOS 12.0 Monterey v4.0.0
• Apple macOS 12.0 Monterey Cloud-tailored v1.1.0
• Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0
• Microsoft Windows 11 Enterprise v4.0.0
• Microsoft Windows Server 2019 STIG v3.0.0
• Microsoft Windows Server 2022 STIG v2.0.0
• Red Hat 8 STIG v2.0.0
• SUSE Linux Enterprise 15 v2.0.1
• Ubuntu Linux 20.04 LTS v3.0.0

Removed benchmarks:

• CIS Microsoft Windows Server 2012 (non-R2) Benchmark v3.0.0
• Microsoft Windows Server 2012 R2 Benchmark v3.0.0

Java update

The JRE included in the assessor bundle is updated to Amazon Corretto v8.442.06.1

 

Platform support for SCM

SCM can now be installed on the following operating systems: AlmaLinux 9, Rocky Linux 9, Oracle Linux 9, Debian 12.

 

Resolved issues

3.4.0 and 2.24.0

• Fixed an issue affecting the export service.
• Fixed an issue where scans showed success but reported 0% results due to an OS mismatch.
• Security fixes for a range of CVEs.

3.4.0 only

• Fixed an issue where the offline install bundle did not properly include the .modules directory.

 

For full details of what’s included in the release, see the SCM docs:

• 3.4.0 release notes
• 2.24.0 release notes

 

This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.