Added Security section and page

pull/300/head
Sofia Boldyreva 2 years ago
parent
commit
ccc90141df
  1. 9
      assets/css/bundle.css
  2. 6
      content/security.md
  3. 38
      i18n/en.json
  4. 63
      layouts/index.html
  5. 1
      layouts/partials/common/footer.html
  6. 5
      layouts/partials/common/nav.html
  7. 175
      layouts/security/single.html
  8. 1949
      static/images/alma-fingerprint-A.svg
  9. 39
      static/images/errata-iconA.svg
  10. 38
      static/images/open_vul_assessment_icon_B.svg
  11. 24
      static/images/sbom_iconF.svg

9
assets/css/bundle.css

@ -7,6 +7,15 @@
.container{
padding: 0 ;
}
.itemAl_01 a {
color: #f1f8ff;
}
.itemAl_02 a {
color: #f1f8ff;
}
.al-primary-navbar .container {
padding-left: 15px !important;
padding-right: 15px !important;
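
Review bot: The `.itemAl_01 a` and `.itemAl_02 a` rules carry the same single declaration (`color: #f1f8ff;`) and can be one rule with a selector list, `.itemAl_01 a, .itemAl_02 a { ... }`. The same colour is also repeated as inline `style="color: #f1f8ff;"` on the other links in `layouts/security/single.html`, so a single link class here would cover both cases.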

6
content/security.md

@ -0,0 +1,6 @@
---
title: "security"
type: security
---
security content
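
Review bot: The front matter sets `title: "security"` in lowercase and the body is the placeholder `security content`. Use the display form ("Security") for the title and drop the placeholder body, since the layout added in this commit builds the page from `i18n` strings and does not reference the page content.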

38
i18n/en.json

@ -318,5 +318,41 @@
"Since AlmaLinux is ABI compatible with RHEL®, your applications and services should be completely interoperable. You can rapidly migrate any number of servers using the [migration tool](https://github.com/AlmaLinux/almalinux-deploy).": "Since AlmaLinux is ABI compatible with RHEL®, your applications and services should be completely interoperable. You can rapidly migrate any number of servers using the [migration tool](https://github.com/AlmaLinux/almalinux-deploy).",
"The Future of AlmaLinux is Bright - AlmaLinux OS Foundation's renewed commitment to our users.": "The Future of AlmaLinux is Bright - AlmaLinux OS Foundation's renewed commitment to our users.",
"Build System": "Build System",
"openQA": "openQA"
"openQA": "openQA",
"AlmaLinux OS Foundation publishes Errata to help users to determine what updates such as security issues and fixed bugs are available and their importance based on analysis.": "AlmaLinux OS Foundation publishes Errata to help users to determine what updates such as security issues and fixed bugs are available and their importance based on analysis.",
"AlmaLinux OS provides SCAP and SCAP Workbench packages to audit your AlmaLinux system for security compliance alongside OVAL streams.": "AlmaLinux OS provides SCAP and SCAP Workbench packages to audit your AlmaLinux system for security compliance alongside OVAL streams.",
"AlmaLinux OS has implemented SBOM into AlmaLinux Build System to make the build process more secure and possible to trace.": "AlmaLinux OS has implemented SBOM into AlmaLinux Build System to make the build process more secure and possible to trace.",
"read more": "read more",
"Security": "Security",
"Security Measures": "Security Measures",
"AlmaLinux OS Foundation provides errata to inform users about available updates, including security issues and bug fixes, and their significance through analysis. Users can easily access this information by accessing to our AlmaLinux security advisory portal, known as ": "AlmaLinux OS Foundation provides errata to inform users about available updates, including security issues and bug fixes, and their significance through analysis. Users can easily access this information by accessing to our AlmaLinux security advisory portal, known as ",
"AlmaLinux Errata": "AlmaLinux Errata",
"More details on Errata and how to use it can be found on the ": "More details on Errata and how to use it can be found on the ",
"AlmaLinux Errata wiki page": "AlmaLinux Errata wiki page",
"Additionally, AlmaLinux OS is present in the ": "Additionally, AlmaLinux OS is present in the ",
"OSV database": "OSV database",
"Errata in JSON format for 3rd party software integration:": "Errata in JSON format for 3rd party software integration:",
"errata.full.json for AlmaLinux OS 9": "errata.full.json for AlmaLinux OS 9",
"errata.full.json for AlmaLinux OS 8": "errata.full.json for AlmaLinux OS 8",
"AlmaLinux OS Foundation signs all of its software packages using a GPG signature key, which is verified by default when installing packages via dnf or graphical update tools. If a package is not signed or has an invalid signature, dnf or graphical update tools will warn the user.s will refuse to install it.": "AlmaLinux OS Foundation signs all of its software packages using a GPG signature key, which is verified by default when installing packages via dnf or graphical update tools. If a package is not signed or has an invalid signature, dnf or graphical update tools will warn the user.s will refuse to install it.",
"It’s recommended to verify the signature of a package before you install it.": "It’s recommended to verify the signature of a package before you install it.",
"Location:": "Location:",
"Download:": "Download:",
"To receive security updates and errata, users can sign up for the ": "To receive security updates and errata, users can sign up for the ",
"AlmaLinux Security Mailing List": "AlmaLinux Security Mailing List",
"Subscribing to the list will allow users to stay informed and updated on any security fixes as soon as they are available.": "Subscribing to the list will allow users to stay informed and updated on any security fixes as soon as they are available.",
"The Security Content Automation Protocol (SCAP) automates vulnerability management, measurement, and policy compliance evaluation of systems. AlmaLinux OS offers an OpenSCAP Guide that instructs on how to use the OpenSCAP and SCAP Workbench to audit your AlmaLinux system security compliance.": "The Security Content Automation Protocol (SCAP) automates vulnerability management, measurement, and policy compliance evaluation of systems. AlmaLinux OS offers an OpenSCAP Guide that instructs on how to use the OpenSCAP and SCAP Workbench to audit your AlmaLinux system security compliance.",
"OpenSCAP Guide for AlmaLinux OS 9": "OpenSCAP Guide for AlmaLinux OS 9",
"OpenSCAP Guide for AlmaLinux OS 8": "OpenSCAP Guide for AlmaLinux OS 8",
"AlmaLinux OS also has the availability of the CIS Benchmark.": "AlmaLinux OS also has the availability of the CIS Benchmark.",
"The Open Vulnerability and Assessment Language (OVAL), offers publicly accessible security information. This includes AlmaLinux OS 8 and 9, which have available public OVAL streams.": "The Open Vulnerability and Assessment Language (OVAL), offers publicly accessible security information. This includes AlmaLinux OS 8 and 9, which have available public OVAL streams.",
"You can find more about OVAL Streams on the ": "You can find more about OVAL Streams on the ",
"AlmaLinux OVAL Wiki Page": "AlmaLinux OVAL Wiki Page",
"The Software Bill of Materials (SBOM) provides a comprehensive list of third-party and open-source components in a codebase, including version numbers, licensing information, and potential vulnerabilities.": "The Software Bill of Materials (SBOM) provides a comprehensive list of third-party and open-source components in a codebase, including version numbers, licensing information, and potential vulnerabilities.",
"AlmaLinux Build System has implemented SBOM into its pipeline for security purposes, such as tracing the build process, making it more secure, and reducing the risk of data corruption. ": "AlmaLinux Build System has implemented SBOM into its pipeline for security purposes, such as tracing the build process, making it more secure, and reducing the risk of data corruption. ",
"Read more": "Read more",
"about SBOM and CAS integration with AlmaLinux.": "about SBOM and CAS integration with AlmaLinux.",
"AlmaLinux OS also provides ": "AlmaLinux OS also provides ",
"AlmaLinux SBOM User Guide": "AlmaLinux SBOM User Guide",
"AlmaLinux OS provides a set of security features: Errata, GPG keys, Mailing Lists, OpenSCAP, OVAL, SBOM": "AlmaLinux OS provides a set of security features: Errata, GPG keys, Mailing Lists, OpenSCAP, OVAL, SBOM"
}
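
Review bot: Two keys added here do not match the strings that `layouts/security/single.html` passes to `i18n`. This file has "...by accessing to our AlmaLinux security advisory portal, known as " and "AlmaLinux Errata wiki page", while the template uses "...by accessing our AlmaLinux security advisory portal, known as " and "AlmaLinux Errata Wiki page", so neither lookup will find its entry. Make the key and the template string identical character for character. The GPG entry also carries leftover text in both key and value ("will warn the user.s will refuse to install it."). Decide whether dnf warns or refuses, and fix the sentence here and in the template in the same change, because the full English sentence is the lookup key.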

63
layouts/index.html

@ -17,6 +17,14 @@
flex: 0 0 auto;
width: 50%;
}
.container-security {
flex: 0 0 auto;
display: flex;
flex-direction: column!important;
}
.container-measure {
width: 100%!important;
}
}
@media (min-width: 800px) {
.display-5 {
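
Review bot: The `!important` on `width: 100%` in `.container-measure` exists only to beat the inline `width: 32%` that the markup added later in this file puts on each `.container-measure` div. Move `display: flex; width: 32%` and the `.container-security` flex settings into class rules next to these ones, and the media-query overrides work without `!important`.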
@ -54,7 +62,8 @@
<section class="al-page-index">
<!-- HERO -->
<div class="container px-0 al-py-lg">
<div class="al-index-container" style="background: #0e3b5c!important;">
<div class="container px-0 al-py-lg">
<div class="row flex-lg-row-reverse align-items-center py-2 py-md-5">
<div class="d-none d-lg-block col-10 col-sm-8 col-lg-6">
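
Review bot: The new wrapper sets its colour inline with `style="background: #0e3b5c!important;"`, and the same pattern is repeated with `#0f4266` and `#0e3b5c` on the community, about, downloads and security containers in the following hunks. Define the two backgrounds once as classes in `assets/css/bundle.css` and apply them here, so the palette lives in one place and does not need `!important`.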
@ -85,10 +94,11 @@
</div>
</div>
</div>
</div>
</div>
<!-- COMMUNITY -->
<div class="al-index-community-container">
<div class="al-index-community-container" style="background: #0f4266!important">
<div class="container al-py-md">
<div class="row row-cols-1 row-cols-sm-2 row-cols-md-3 row-cols-lg-4 g-4 py-2 py-md-5">
<div class="col d-flex align-items-stretch">
@ -154,7 +164,7 @@
</div>
<!-- ABOUT SHORT -->
<div class="al-index-about">
<div class="al-index-about" style="background: #0e3b5c!important;">
<div class="container al-py-md">
<div class="row d-flex align-items-center justify-content-center py-2 py-md-5">
<div class="col-12 col-md-12">
@ -174,7 +184,7 @@
</div>
<!-- GET ALMALINUX -->
<div id="downloads" class="al-index-community-container">
<div id="downloads" class="al-index-community-container" style="background: #0f4266!important">
<div class="container al-py-lg">
<h2 class="pb-2 text-center border-bottom">{{ i18n "Get AlmaLinux OS" }}</h2>
<div class="row row-cols-1 row-cols-sm-2 row-cols-md-3 row-cols-lg-4 g-4 py-2 py-md-5">
@ -283,6 +293,51 @@
</div>
</div>
<!-- SECURITY -->
<div class="al-index-security-container" style="background: #0e3b5c!important;">
<div class="container al-py-lg" style="padding: 48px 15px;">
<h2 class="pb-2 text-center border-bottom" style="border-bottom-color: #14598a!important;">Security
</h2>
<div class="container al-py-md" style="padding: 48px 0 0 0!important;">
<div class="container-security" style="display: flex; justify-content: space-between;">
<div class="container-measure" style="display: flex; width: 32%;">
<img loading="lazy" class="al-index-community-icon img" src="/images/errata-iconA.svg" style="height: 32px; width: 32px;">
<div class="al-index-community-content-wrap" style="padding-left: 22px">
<h4 class="fw-bold mb-0 pb-2">Errata</h4>
<p>
{{ i18n "AlmaLinux OS Foundation publishes Errata to help users to determine what updates such as security issues and fixed bugs are available and their importance based on analysis." }}
</p>
</div>
</div>
<div class="container-measure" style="display: flex; width: 32%;">
<img loading="lazy" class="al-index-community-icon img" src="/images/open_vul_assessment_icon_B.svg" style="height: 32px; width: 32px;">
<div class="al-index-community-content-wrap" style="padding-left: 22px">
<h4 class="fw-bold mb-0 pb-2">OpenSCAP and OVAL</h4>
<p>
{{ i18n "AlmaLinux OS provides SCAP and SCAP Workbench packages to audit your AlmaLinux system for security compliance alongside OVAL streams." }}"
</p>
</div>
</div>
<div class="container-measure" style="display: flex; width: 32%;">
<img loading="lazy" class="al-index-community-icon img" src="/images/sbom_iconF.svg" style="height: 32px; width: 32px;">
<div class="al-index-community-content-wrap" style="padding-left: 22px">
<h4 class="fw-bold mb-0 pb-2">Software Bill of Materials</h4>
<p>
{{ i18n "AlmaLinux OS has implemented SBOM into AlmaLinux Build System to make the build process more secure and possible to trace." }}
</p>
</div>
</div>
</div>
<br><p>
{{ i18n "AlmaLinux OS provides a set of security features: Errata, GPG keys, Mailing Lists, OpenSCAP, OVAL, SBOM" }}- <a href="/security">{{ i18n "read more" }}</a>.
</p>
</div>
</div>
</div>
<!-- BACKERS -->
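
Review bot: The OpenSCAP and OVAL paragraph has a stray `"` after the closing `}}` of its `i18n` call, which will be rendered as a literal quote character on the home page; remove it. In the same block, the "read more" link uses `href="/security"` while the footer and nav entries in this commit use `{{ "/security" | relLangURL }}`, the headings (`Security`, `Errata`, `OpenSCAP and OVAL`, `Software Bill of Materials`) bypass `i18n` even though a "Security" key is added, and the three `<img>` tags have no `alt` attribute.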

1
layouts/partials/common/footer.html

@ -19,6 +19,7 @@
<li><a href="https://status.almalinux.org/">{{ i18n "Status Page" }}</a></li>
<li><a href="https://openqa.almalinux.org/">{{ i18n "openQA" }}</a></li>
<li><a href="https://build.almalinux.org/">{{ i18n "Build System" }}</a></li>
<li><a href="{{ "/security" | relLangURL }}">{{ i18n "Security" }}</a></li>
</ul>
</div>
<div class="col-6 col-md">

5
layouts/partials/common/nav.html

@ -74,6 +74,11 @@
{{ i18n "Build System" }}
</a>
</li>
<li>
<a class="dropdown-item" href="{{ "/security" | relLangURL }}" style="color:aliceblue">
{{ i18n "Security" }}
</a>
</li>
</ul>
</li>
<li class="nav-item">

175
layouts/security/single.html

@ -0,0 +1,175 @@
{{ define "main" }}
<style>
@media (max-width: 1200px){
.items__01 {
word-wrap: break-word;
display:flex;
flex-direction: column;
}
.itemAl_02 {
padding-left: 0px!important;
}
.AL {
word-wrap: break-word;
display:flex;
flex-direction: column;
}
}
</style>
<div class="al-body-container">
<section class="al-page-index">
<div id="downloads" class="al-index-community-container">
<div class="container al-py-lg">
<h1 class="pb-2 text-center">{{ i18n "Security Measures" }}</h1>
<div class="Errata-container" style="display: flex; flex-direction: column; padding: 40px 20px;">
<h2 class="pb-2 text-center border-bottom" style="border-bottom-color: #14598a!important;">Errata</h2>
<div class="al-article-content pb-3 al-wysiwyg" style="padding: 0px!important;">
<section>
<p>
{{ i18n "AlmaLinux OS Foundation provides errata to inform users about available updates, including security issues and bug fixes, and their significance through analysis. Users can easily access this information by accessing our AlmaLinux security advisory portal, known as " }}<a href="https://errata.almalinux.org/" style="color: #f1f8ff;">{{ i18n "AlmaLinux Errata" }}</a>. {{ i18n "More details on Errata and how to use it can be found on the " }}<a href="https://wiki.almalinux.org/documentation/errata.html" style="color: #f1f8ff;">{{ i18n "AlmaLinux Errata Wiki page" }}</a>. <br> {{ i18n "Additionally, AlmaLinux OS is present in the " }}<a href="https://github.com/AlmaLinux/osv-database" style="color: #f1f8ff;">{{ i18n "OSV database" }}</a>.<br><br>
{{ i18n "Errata in JSON format for 3rd party software integration:" }}
</p>
<div class="AL" style="display: flex;">
<div class="itemAl_01" style="width: 300px;">
<b><a href="https://errata.almalinux.org/9/errata.full.json">{{ i18n "errata.full.json for AlmaLinux OS 9" }}</a></b>
</div>
<div class="itemAl_02">
<b><a href="https://errata.almalinux.org/8/errata.full.json">{{ i18n "errata.full.json for AlmaLinux OS 8" }}</a></b>
</div>
</div>
</section>
</div>
</div>
<div class="GPGKeys-container" style="display: flex; flex-direction: column; padding: 40px 20px;">
<h2 class="pb-2 text-center border-bottom" style="border-bottom-color: #14598a!important;">GPG Keys</h2>
<div class="al-article-content pb-3 al-wysiwyg" style="padding: 0px!important;">
<section>
<p>
{{ i18n "AlmaLinux OS Foundation signs all of its software packages using a GPG signature key, which is verified by default when installing packages via dnf or graphical update tools. If a package is not signed or has an invalid signature, dnf or graphical update tools will warn the user.s will refuse to install it." }}<br>
{{ i18n "It’s recommended to verify the signature of a package before you install it." }}
</p>
<div class="AL" style="display: flex; justify-content: space-between;">
<div class="itemAl_01" style="width: 588px;">
<h3>AlmaLinux OS 9</h3>
<b>rsa4096/D36CB86CB86B3716 (2022-01-18):</b><br>
AlmaLinux OS 9 &lt;packager@almalinux.org&gt; <br>
<b>{{ i18n "Location:" }}</b> /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9<br>
<b>{{ i18n "Download:" }}</b> <a href="https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-9">AlmaLinux</a><br>
<b>{{ i18n "Download:" }}</b> <a href="https://pgp.mit.edu/pks/lookup?op=index&search=0xD36CB86CB86B3716">pgp.mit.edu</a><br>
<div class="container-locks" style="display: flex; justify-content: flex-start; align-items: center; margin-top: 15px;">
<img class="Photo__Lock" style="width: 40px; height: 40px;" src="/images/alma-fingerprint-A.svg" />
<div style="display: flex; flex-direction: column;">
<input class="put-text_copy" id="text_copy" style="margin-left: 10px; font-family: monospace; font-size: 14px; width: 539px; padding: 0; background: none; border: none; color: #fff; outline: none;" type="text" value="BF18 AC28 7617 8908 D6E7 1267 D36C B86C B86B 3716" readonly>
</div>
</div>
</div>
<div class="itemAl_02" style="padding-left: 20px; width: 608px; display: flex; flex-direction: column;">
<h3>AlmaLinux OS 8</h3>
<span><b>rsa4096/488FCF7C3ABB34F8 (2021-01-12):</b></span>
<span>AlmaLinux &lt;packager@almalinux.org&gt;</span>
<span><b>{{ i18n "Location:" }}</b> /etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux</span>
<span><b>{{ i18n "Download:" }}</b> <a href="https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux">AlmaLinux</a></span>
<span><b>{{ i18n "Download:" }}</b> <a href="https://pgp.mit.edu/pks/lookup?op=index&search=0x488FCF7C3ABB34F8">pgp.mit.edu</a></span>
<div class="container-locks" style="display: flex; justify-content: flex-start; align-items: center; margin-top: 15px;">
<img class="Photo__Lock" style="width: 40px; height: 40px;" src="/images/alma-fingerprint-A.svg" />
<div style="display: flex; flex-direction: column;">
<input class="put-text_copy" id="text_copy" style="margin-left: 10px; font-family: monospace; font-size: 14px; width: 539px; padding: 0; background: none; border: none; color: #fff; outline: none;" type="text" value="5E9B 8F56 17B5 066C E920 57C3 488F CF7C 3ABB 34F8" readonly>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
<div class="SecurityMailingList-container" style="display: flex; flex-direction: column; padding: 40px 20px;">
<h2 class="pb-2 text-center border-bottom" style="border-bottom-color: #14598a!important;">Security Mailing List</h2>
<div class="al-article-content pb-3 al-wysiwyg" style="padding: 0px!important;">
<section>
<p>
{{ i18n "To receive security updates and errata, users can sign up for the " }}<a href="https://lists.almalinux.org/mailman3/lists/" style="color: #f1f8ff;">{{ i18n "AlmaLinux Security Mailing List" }}</a>. {{ i18n "Subscribing to the list will allow users to stay informed and updated on any security fixes as soon as they are available." }}
</p>
</section>
</div>
</div>
<div class="OpenSCAPandSCAPWorkbench-container" style="display: flex; flex-direction: column; padding: 40px 20px;">
<h2 class="pb-2 text-center border-bottom" style="border-bottom-color: #14598a!important;">OpenSCAP and SCAP Workbench</h2>
<div class="al-article-content pb-3 al-wysiwyg" style="padding: 0px!important;">
<section>
<p>
{{ i18n "The Security Content Automation Protocol (SCAP) automates vulnerability management, measurement, and policy compliance evaluation of systems. AlmaLinux OS offers an OpenSCAP Guide that instructs on how to use the OpenSCAP and SCAP Workbench to audit your AlmaLinux system security compliance." }}<br>
</p>
<div class="AL" style="display: flex;">
<div class="itemAl_01" style="width: 300px;">
<b><a href="https://wiki.almalinux.org/documentation/openscap-guide-for-9.html">{{ i18n "OpenSCAP Guide for AlmaLinux OS 9" }}</a></b>
</div>
<div class="itemAl_02">
<b><a href="https://wiki.almalinux.org/documentation/openscap-guide.html">{{ i18n "OpenSCAP Guide for AlmaLinux OS 8" }}</a></b>
</div>
</div>
<p>
{{ i18n "AlmaLinux OS also has the availability of the CIS Benchmark." }}
</p>
</section>
</div>
</div>
<div class="OVAL-container" style="display: flex; flex-direction: column; padding: 40px 20px;">
<h2 class="pb-2 text-center border-bottom" style="border-bottom-color: #14598a!important;">OVAL</h2>
<div class="al-article-content pb-3 al-wysiwyg" style="padding: 0px!important;">
<section>
<p>
{{ i18n "The Open Vulnerability and Assessment Language (OVAL), offers publicly accessible security information. This includes AlmaLinux OS 8 and 9, which have available public OVAL streams." }}
</p>
<div class="AL" style="display: flex;">
<div class="itemAl_01" style="width: 300px;">
<b><a href="https://security.almalinux.org/oval/org.almalinux.alsa-9.xml.">AlmaLinux OS 9</a></b>
</div>
<div class="itemAl_02">
<b><a href="https://security.almalinux.org/oval/org.almalinux.alsa-8.xml">AlmaLinux OS 8</a></b>
</div>
</div>
<p>
{{ i18n "You can find more about OVAL Streams on the " }}<a href="https://wiki.almalinux.org/documentation/oval-streams.html" style="color: #f1f8ff;">{{ i18n "AlmaLinux OVAL Wiki Page" }}</a>.
</p>
</section>
</div>
</div>
<div class="SBOM-container" style="display: flex; flex-direction: column; padding: 40px 20px;">
<h2 class="pb-2 text-center border-bottom" style="border-bottom-color: #14598a!important;">SBOM</h2>
<div class="al-article-content pb-3 al-wysiwyg" style="padding: 0px!important;">
<section>
<p>
{{ i18n "The Software Bill of Materials (SBOM) provides a comprehensive list of third-party and open-source components in a codebase, including version numbers, licensing information, and potential vulnerabilities." }}
{{ i18n "AlmaLinux Build System has implemented SBOM into its pipeline for security purposes, such as tracing the build process, making it more secure, and reducing the risk of data corruption. " }}<a href="/sbom" style="color: #f1f8ff;">{{ i18n "Read more" }}</a> {{ i18n "about SBOM and CAS integration with AlmaLinux." }}<br>
{{ i18n "AlmaLinux OS also provides " }}<a href="https://wiki.almalinux.org/documentation/sbom-guide.html" style="color: #f1f8ff;">{{ i18n "AlmaLinux SBOM User Guide" }}</a>
</p>
</section>
</div>
</div>
</div>
</div>
</section>
</div>
<script>
const btns = document.querySelectorAll('.tab-button');
btns.forEach(item => item.addEventListener('click', event => {
btns.forEach(element => element.classList.remove('active'));
item.classList.add('active');
}));
document.querySelector('[class="tab-button"]').classList.add('active');
</script>
<script>
document.getElementById("btn_copy").onclick = function() {
var text = document.getElementById("text_copy")
text.select();
document.execCommand("copy");
alert("Text copied: " + text.value);
}
</script>
{{ end }}
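
Review bot: Both `<script>` blocks at the end of the template look up elements this template never renders: there is no `.tab-button` element and no `id="btn_copy"`, so `document.querySelector('[class="tab-button"]').classList` and `document.getElementById("btn_copy").onclick` each dereference null and throw when the page loads. Either add the copy button next to the fingerprint inputs or drop both scripts. Related points in the same file: `id="text_copy"` is used on both fingerprint inputs and `id="downloads"` is carried over from the index page, so the ids are not unique and a copy handler keyed on `text_copy` would only ever reach the first input; the AlmaLinux OS 9 OVAL link ends in `.xml.` with a trailing dot, unlike the OS 8 link; and since users will compare against the two hardcoded fingerprints, confirm in this PR that they match the key files linked beside them.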

1949
static/images/alma-fingerprint-A.svg

File diff suppressed because it is too large

After

Width:  |  Height:  |  Size: 145 KiB

39
static/images/errata-iconA.svg

File diff suppressed because one or more lines are too long

After

Width:  |  Height:  |  Size: 102 KiB

38
static/images/open_vul_assessment_icon_B.svg

File diff suppressed because one or more lines are too long

After

Width:  |  Height:  |  Size: 167 KiB

24
static/images/sbom_iconF.svg

File diff suppressed because one or more lines are too long

After

Width:  |  Height:  |  Size: 86 KiB
