Skip to content

OpenRMF OSS v1.13.00

Latest
Latest
Compare
Choose a tag to compare
@Cingulara Cingulara released this 10 Mar 12:57
· 9 commits to master since this release
v1.13.00
2682c5c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Version 1.13 has the following added features and fixes:

  • Added the patch vulnerability numbers to the system package dashboard
  • Added a checklist dashboard report
  • Added a Missing Data report (checklist with Not a Finding or N/A, but no details or comments)
  • Added CCI and NIST 800-53 to checklist report results
  • Fixed parsing STIG Viewer v3 combined CKLs with their different field usage
  • Updated the Template xccdf parsing to use "info" as "low" for severity
  • Added a Postgres migration to 16.2-alpine
  • Added MongoDB 6 compatibility scripts
  • Updated 3rd party images including Keycloak
  • Update the CCI listing to the latest from DISA January 2025
  • Latest DISA Templates as of February 28, 2025
  • Migrated code to .NET 8 baseline
  • Added the OpenRMF OSS logo
  • Updated base images when compiling for cleaner vulnerability scans

If you are upgrading and have not made major configuration changes (password, HTTPS, etc.), stop the current OpenRMF® OSS stack. Then unzip the contents of the OpenRMF v1.13 ZIP file into another directory/folder.

Otherwise, the only file you need if upgrading from v1.11 or v1.12 is the docker-compose.yml file with the changes to updated image tags and the full path to images. There is an update to the Keycloak KC_PROXY as it got renamed and needs a new value as well. If manually editing your own docker-compose.yml please note this area for all changes.

It is a good idea to make a backup of all your files before upgrading.

Upgrading Postgres to 16.2

There is a https://github.com/Cingulara/openrmf-docs/blob/master/postgres-16-upgrade.md guide to upgrade Postgres 11 that is EOL to 16.2 you need to do separately.

Setting MongoDB Compatibility

There are five (5) "update compatibility" scripts at https://github.com/Cingulara/openrmf-docs/tree/master/scripts/database/v1.13.0 and in the ZIP file. Once you upgrade to v1.13.00 please run each of these separately, passing in the root DB in the docker-compose.yml file for each corresponding database.

./updateChecklistDBCompatibility.sh "mongo-root-pwd-for-this-instance"

Step-by-Step Instructions for Initial Setup/Installation Everyone Must Read and Apply

https://cingulara.github.io/openrmf-docs/install.html use these once you download the ZIP into its own folder.

IMPORTANT: You must look at the .env file to set the Keycloak/OpenID location and realm. Check the .env file in the OpenRMF folder you unzip to set the IP address correctly. The docker-compose stack YML files read that .env file to launch. These cannot be "localhost" or "127.0.0.1" as inside a docker container those mean that container, not the host it is running on.

This release is for AMD or Intel based 64-bit operating systems and machines. ARM machines such as Windows Surface and Raspberry Pi are not supported and do not work correctly.

Once done read over the other documents in the repo on minimum requirements, HTTPS, security, etc. as well.

What's Changed

Full Changelog: v1.12.00...v1.13.00

Contributors

Cingulara
Assets 3
Loading