# 8.3



* User story #26168: Add OAuth2 JWT Bearer token with client_credentials flow for Rudder API authentication
* Bug #26195: Maven shade plugin update and ignore signatures
* Bug #26199: Janino dependency was not provided to plugins causing plugin load issue
* Bug #26291:  Add OAuth2 Opaque Accesss Bearer token with client_credentials flow for Rudder API authentication
* Bug #26313: Change path to webapp logfile in plugins documentation
* Bug #26316: Fix clear text token chimney implicits and default pivot attribute
* Bug #26341: Impact of ApiAccount API changes on plugin
* Architecture #26349: Impact of plugins datastructures splitting in plugins
* Architecture #26356: Impact of plugins datastructures splitting in plugins-private
* Bug #26360: Add a new requires_license field in the metadata in rudder-plugins-private
* Bug #26361:  Add a new requires_license field in the metadata in rudder-plugins
* Bug #26457: Impact of #26335 to ApiAuthorization - again
* Bug #26460: Impact of Scala 3 - 26459 - public plugins
* Bug #26461: Impact of Scala 3 - 26459 - private plugins
* Bug #26474: Rename the field requires_license to requires-license
* Bug #26475: Rename the requires_license field to requires-license in rudder-plugins-private
* Bug #26477: Add missing licenses
* Bug #26511: Branding plugin display is broken
* Bug #26534: Patch and security benchmark menu order
* Bug #26542: error at upgrade to 8.3
* Bug #26583: Navbar menu is broken
* Bug #26594: Impact of #26538 on api-authorization
* Bug #26597: Relay « Cannot propagate shared files »
* Bug #26608: CurrentUser.queryContext is null when used in a ZIO for (public plugins)
* Bug #26609: CurrentUser.queryContext is null when used in a ZIO for (private plugin)
* Bug #26631: Navigation in administration menu is broken
* Bug #26647: Change validation links are all broken
* Bug #26671: Confusing warning header on the plugin webpage
* User story #26713: Documentation for OIDC opaque/JWT bearer tokens 
* Bug #26794: We cannot scroll to the bottom change validation tab
* Bug #26804: There are no constraint on parameter in CIS RHEL9 benchmark
* Bug #26805: RHEL9 - Missing parameters in many sections
* Bug #26851: RHEL 9 - Missing parameters on Sections 1.3 & 5.1
* Bug #26868: RHEL 9 - Missing parameters on Sections 5.2 & 6.3.2
* Bug #26877: RHEL 9 - Missing controls of section_init.k
* Enhancement #26882: Security Benchmarks - RHEL 9 Section 5.4
* Bug #26885: Security Benchmarks - RHEL 9 Section 7 fixes
* Bug #26913: Security Benchmarks - RHEL 9 : Fixes on multiple control points
* Bug #26928: Invalid check for ClientAliveInterval (5.1.9) in RHEL 9 security benchmark
* Enhancement #26929: Manual items report a generic message and should include the item number
* Bug #26967: Typo item number 6.2.1.4
* Bug #26968: Missing section 6.2.3.4 for RHEL9
* Bug #26969: Missing section 6.1.3 on RHEL9
* Bug #26977: grep command in section 6.2.3.7 is not working
* Bug #26978: Add item number in the component name of each CIS method call in security benchmark
* Bug #26984: Replace file_check_exists method by package_present in audit mode
* Bug #26986: We should check if Postfix MTA is installed before checking his config file on RHEL9 section 2.1.21
* Bug #26987: We should check that Firewalld package is present in section 4.2 RHEL9
* Bug #26988:  We should check that nftables package is present in section 4.3 RHEL9
* Bug #27022: We should check all sudoers files in section 5.2 on RHEL9
* Bug #27024: Refactor the KCL code to separate the security-benchmark and technique implementation
* Bug #27030: Add the intermediate genrated YAML to the repository
* Bug #27054: Resolve warning compilation messages in CIS ubuntu 20.04
* Bug #27062: Add intermediate sections to the Ubuntu 20 CIS benchmark
* Bug #27075: Rename Ubuntu20 CIS main sections
* Bug #27078: Rename RHEL8 CIS main sections
* Architecture #27089: Chimney error in plugins-common-private
* Enhancement #27115: Add a cache for OIDC validation request
* Bug #27214: RHEL 8 - Section 4.1 - Configure job scheduler
* Bug #27215: RHEL 8 - Section 4.2 - Configure SSH
* Bug #27216: RHEL 8 - Section 4.3 - Configure privilege escalation
* Bug #27219: RHEL 8 - Section 4.4 - Configure Authentication Module
* Bug #27220: RHEL 8 - Section 4.5 - User account & environment
* Bug #27221: RHEL 8 - Section 5.1 - configure Logging
* Bug #27222: RHEL 8 - Section 5.2 - Configure system accounting
* Bug #27223: RHEL 8 - Section 5.3 - Configure Integrity check
* Bug #27224: RHEL 8 - Section 6.1 Filesystem permission
* Bug #27225: RHEL 8 - Section 6.2 - Local group & group settings
* Bug #27284: Duplicated UUID between technique section 4.1.1.6 and 4.1.1.7
* Bug #27285: Missing section 4 in main cis_rhel8
* Bug #27291: metadata.json generated is incomplete
* Bug #27321: Plugin doesn't show anything
* Bug #27323: Plugin complains about lack of license
* Bug #27338: Error in Section 1.8.10 of RHEL8
* Bug #27339: RHEL 8 - Section 4.1 : missing section & fixes
* Bug #27340: RHEL 8 - Section 4.2 : missing const.dollar & fixes
* Bug #27341: RHEL 8 - Section 4.3 : missing bash for executing script
* Bug #27342: RHEL 8 - Section 2.2 : inversion of key / value & fixes
* Bug #27343: RHEL 8 - Section 3.1 : errors on control point
* Bug #27344: Error in Section 1.5.1.4 of RHEL8
* Bug #27345: RHEL 8 - Section 3.4 : error on control point
* Bug #27348: RHEL 8 - Section 3.2 : implemented but level 2 in benchmark
* Bug #27350: Script 6_2_4_UIDs_consistency.sh, 6_2_5_GIDs_consistency.sh, 6_2_6_username_consistency.sh, 6_2_7_groupname_consistency.sh exit 0 even when it should node
* Bug #27355: multiple missing bash for calling ressources script
* Bug #27357: CIS RHEL 8 Section 1.1.1.1 compliant code is reversed
* Bug #27375: Backport improvement made on RHEL8 to RHEL9 and new benchmarks when created
* Bug #27376: Create documentation on how the benchmark are created/built/tested
* Bug #27396: RHEL 8 - 1.5.1.3 - add constraint on parameter
* Bug #27398: Document how to add entries in a benchmark
* Bug #27405: CIS - Debian 11 - Implement Section 1
* Bug #27406: CIS - Debian 11 - Implement Section 2
* Bug #27407: CIS - Debian 11 - Implement Section 3
* Bug #27408: CIS - Debian 11 - Implement Section 4
* Bug #27409: CIS - Debian 11 - Implement Section 5
* Bug #27410: CIS - Debian 11 - Implement Section 6
* Bug #27411: CIS - Debian 11 - Implement Section 7
* Bug #27414: Create structure for Debian 12 benchmark
* Bug #27415: CIS - Debian 12 - Adapt Section 1
* Bug #27416: CIS - Debian 12 - Adapt Section 2
* Bug #27417: CIS - Debian 12 - Implement Section 3
* Bug #27418: CIS - Debian 12 - Adapt Section 4
* Bug #27419: CIS - Debian 12 - Adapt Section 5
* Bug #27420: CIS - Debian 12 - Adapt Section 6
* Bug #27421: CIS - Debian 12 - Implement Section 7
* Enhancement #27455: Benchmark CIS Debian 11 section 1.2 to 4
* Bug #27462: CIS Debian 11 Section 7 : Missing id
* Bug #27464: Remove grep -PHsi option from false positive typo detection
* Bug #27466: CIS Debian 11 - Section 2 : Fixes
* Bug #27470: Replace deprecated method file_check_exists by file_present
* Bug #27478: CIS Debian 11 : Fix broken description and documentation on sections
* Bug #27479: CIS Debian 11 - Section 1.5 : Missing check for package
* User story #27482: Benchmark CIS Debian 12 v1.1.0
* Bug #27483: CIS : Fix titles, description and documentation on RHEL 9
* Bug #27484: CIS : Fixes on RHEL 8
* Bug #27485: CIS RHEL 9 : Fix tree on Sections
* Bug #27487: CIS : Fix titles, description and documentation on Debian 11
* Bug #27492: CIS RHEL 8 : fixes on control points
* Bug #27493: CIS RHEL 9 : missing tree on control points v2
* Bug #27494: CIS RHEL 9 : Checks to do before certification submission
* Bug #27497: CIS : Document guideline for benchmark in the readme
* Bug #27499: CIS Debian 11 : “5.4.2.2 - Ensure root is the only GID 0 account” audit results incorrect
* Bug #27500: CIS Debian 11 : “5.4.1.4 Ensure strong password hashing algorithm is configured” audit results incorrect
* Bug #27501: CIS Debian 11 : “5.4.1.6 Ensure all users last password change date is in the past” audit results incorrect
* Bug #27502: CIS Debian 11 : “5.4.2.3 Ensure group root is the only GID 0 group” audit results incorrect
* Bug #27505: RHEL 9 - selinux check missing
* Bug #27506: RHEL 9 - 1.5.3 and 1.5.4 - check is not done in specific section
* Bug #27507: RHEL 9 - Section 1.8.10 reports an error even if gdm is not there
* Bug #27508: RHEL 9 - Section 3.1.2 - wrong path for resources_dir
* Bug #27509: RHEL 9 - Section 4.3.3 and 4.3.4 are compliant even if nftable is not present
* Bug #27510: RHEL 9 - 5.4.1.6 - test command is invalid
* Bug #27511: RHEL 9 - 5.4.2.2, 5.4.2.3, 5.4.2.7, 5.4.2.8  - test command is invalid
* Bug #27512: RHEL 9 - Section 6.2.2.2 checks only /etc/systemd/journald.conf
* Bug #27513: RHEL 9 - Section 6.2.4.1, 7.1.11 and 7.1.12 , 7.2.8 and 7.2.9 are not implemented, but we don't document why
* Bug #27516: CIS Debian 11 : “5.4.1.4 Ensure strong password hashing algorithm is configured” Parameter list value selector incorrect
* Bug #27583: There are some "null" in the bench descriptions