1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Security Updates Detail

Symantec Control Compliance Suite - Security Content Update

April 30, 2019

Description

Security Content Updates (SCU) for Control Compliance Suite (CCS) 12.x delivers periodic security content updates for raw data collection for the supported operating systems and applications.


What’s new in SCU 2019-1?

Following are the highlights of the SCU 2019-1:


New features

The SCU 2019-1 includes the following new features:


  • CIS Docker v1.12 support
  • Platform Support for Oracle 18c
  • Platform Support for Windows 19
  • Platform Support for SQL Server 17
  • Support for installed product information on Linux platform
  • Support for agent based data collection for Oracle on 64 bit linux platform
  • TLS 1.2 support for SQL Data collection for Windows Server 2008 and 2008 R2

For more information about these features, see Security Content Update 2019-1 Release Notes for CCS 12.x.


New technical standards

The SCU 2019-1 contains the following new technical standards:


  • CIS Benchmark for Ubuntu 18.04 LTS v1.0.0, Level 1
  • CIS Benchmark for Ubuntu 18.04 LTS v1.0.0, Level 2
  • CIS Benchmark for Docker 1.12.0, v1.0.0 Level 1
  • CIS Benchmark for Docker 1.12.0, v1.0.0 Level 2
  • CIS Benchmark for Red Hat Enterprise Linux 7 v2.2.0
  • CIS Benchmark for Distribution Independent Linux, v1.1.0
  • Security Essentials for Microsoft Windows Server 2019
  • Security Essentials for Microsoft SQL Server 2017
  • Security Essentials for Oracle Database Server 18c

New regulatory framework

  • General Data Protection Law (Brazil) – (LGPD)

The Customer acknowledges and agrees that this questionnaire is provided for general information and internal record keeping purposes only. Neither the questionnaire nor the dashboards and the reports generated on its basis constitute legal advice or opinion of any kind, or any advertising or solicitation, and should not be treated as such. No lawyer-client, advisory, fiduciary or other relationship is created between Symantec and the Customer by virtue of this questionnaire.


This questionnaire is comprised of a series of questions based on an arbitrary and discretionary subset of the general provisions and requirements of Brazilian Law No. 13.709 of 14 August 2018 Which Provides for the Protection of Personal Data and Amends the Federal Law No. 12.965 of 23 April 2014 ('LGPD'). This questionnaire is in no event meant to provide a complete, accurate or adequate review of the LGPD and the Customer is solely responsible to determine the relevance and adequacy of each question to the Customer’s activities, operations and requirements and to the LGPD. The sole purpose of this questionnaire is to record the Customer’s statement as to whether the Customer is able to document its self-determined answer to each question.


Consequently the Customer acknowledges and agrees that:


- the questionnaire does not intend to comprehensively cover all requirements of the LGPD;


- the inclusion of any question in the questionnaire does in no way imply that the question is relevant or applicable to the Customer, as only the Customer can make such determination;


- the absence of any reference to a particular provision or requirement of the LGPD from the questionnaire does in no way imply that the particular provision or requirement is not relevant or applicable to the Customer, as only the Customer can make such determination; and


- the dashboards and reports generated on the basis of the questionnaire only provide a record of the Customer’s self-determined answers to each question and do in no way constitute any reliable indication or statement of legal conformity, compliance or adequacy under the provisions and requirements of the LGDP or of any other legislative or regulatory instrument.


Symantec makes no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability or suitability with respect to the purpose, content and/or results of the questionnaire. Any reliance the Customer may place on the questionnaire and the results generated is therefore strictly at the Customer’s own discretion and risk.


In no event shall Symantec be liable for any damages, losses or causes of action of any nature arising from the provision or use of the questionnaire tool (including the dashboards and reports generated and their interpretation) by the Customer.


  • The California Consumer Privacy Act of 2018 (CCPA)

The Customer acknowledges and agrees that this questionnaire is provided for general information and internal record keeping purposes only. Neither the questionnaire nor the dashboards and the reports generated on its basis constitute legal advice or opinion of any kind, or any advertising or solicitation, and should not be treated as such. No lawyer-client, advisory, fiduciary or other relationship is created between Symantec and the Customer by virtue of this questionnaire.


This questionnaire is comprised of a series of questions based on an arbitrary and discretionary subset of the general provisions and requirements of Californian Senate Bill No. 1121 California Consumer Privacy Act of 2018 (‘CCPA’) in its publicly available form at the time of drafting. This questionnaire is in no event meant to provide a complete, accurate or adequate review of the CCPA and the Customer is solely responsible to determine the relevance and adequacy of each question to the Customer’s activities, operations and requirements and to the CCPA. The sole purpose of this questionnaire is to record the Customer’s statement as to whether the Customer is able to document its self-determined answer to each question.


Consequently the Customer acknowledges and agrees that:


- the questionnaire does not intend to comprehensively cover all requirements of the CCPA;


- the inclusion of any question in the questionnaire does in no way imply that the question is relevant or applicable to the Customer, as only the Customer can make such determination;


- the absence of any reference to a particular provision or requirement of the CCPA from the questionnaire does in no way imply that the particular provision or requirement is not relevant or applicable to the Customer, as only the Customer can make such determination; and


- the dashboards and reports generated on the basis of the questionnaire only provide a record of the Customer’s self-determined answers to each question and do in no way constitute any reliable indication or statement of legal conformity, compliance or adequacy under the provisions and requirements of the CCPA or of any other legislative or regulatory instrument.


Symantec makes no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability or suitability with respect to the purpose, content and/or results of the questionnaire. Any reliance the Customer may place on the questionnaire and the results generated is therefore strictly at the Customer’s own discretion and risk.


In no event shall Symantec be liable for any damages, losses or causes of action of any nature arising from the provision or use of the questionnaire tool (including the dashboards and reports generated and their interpretation) by the Customer.


For more information about the new features and enhancements that are released in, and the customer issues that are fixed in this SCU, see Security Content Update 2019-1 Release Notes for CCS 12.x.


SCU_2019-1_Release_Notes.pdf



Download SCU 2019-1 : CCS_12_x_2019-1_SCU_Win.exe


SHA-1 : 056e98bae3bc34c4f78cf06e3c6598a785aaabf2


In the LiveUpdate workspace, the current SCU version is visible in the following format:


CCS_12_x_2019-1_SCU_Win



Agent Downloads

For agent-based raw data content updates, download and install the respective CCS.tpk files listed in the following table:


Windows:


Platform


Applicable OS or Application


Applicable CCS Version


SHA-1 Signature


Windows


  • Windows Server 2008 (SP1, SP2)
  • Windows Server 2008 R2 (SP1)
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows 8.x
  • Windows 10
  • Windows Server 2016
  • Windows Server 2019
  • Windows Server 2008 (Core Installation)
  • Windows Server 2008 R2 (Core Installation)
  • Windows Server 2012 (Core Installation)
  • Windows Server 2012 R2 (Core Installation)
  • Windows Server 2016 (Core Installation)

· Windows Server 2012 (Minimal Server Interface)


Windows Server 2012 R2 (Minimal Server Interface)


12.x


af11c2043df29e198ad72aa00b96821a7210e833



UNIX:



Download for


Applicable OS or Application


Applicable CCS Version


SHA-1 Signature


Linux- intel


  • RHEL 5.x
  • RHEL 6.x
  • RHEL 7.x

· SUSE Linux ES 10 SP1, SP2, SP3, 11.0, OES (SP2)


  • CentOS 7.x
  • Oracle Linux 7.x
  • Ubuntu 12.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 18.04 LTS

12.x


ebaed3cff110e5cee687692fa728c6097a95a324


Linux- ppc64


  • RHEL 5.x
  • RHEL 6.x
  • SUSE Linux 10 SP3
  • SUSE Linux 11

12.x


8f8e16568ee173817b0a3e52c970982e2261f2d4


Linux-x64


  • RHEL 6.x
  • RHEL 7.x
  • CentOS 7.x
  • Oracle Linux 7.x
  • Ubuntu 12.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 18.04 LTS

12.x


90d497eb24a5be16f86dae881b53c05948694ae8


SOLARIS-sparc


· Solaris 10 (Global Zone, Local Zone, ZFS, LDOM Support)


  • Solaris 11

12.x


592d75f6e9f12eb665999457c2ec081c0c95251b


Note: From SCU 2019-1, the data collection support for AIX-PPC is only agentless.


Oracle


Download for


Applicable OS or Application


Applicable CCS Version


SHA-1 Signature


Linux- intel


  • RHEL 5.x
  • RHEL 6.x
  • RHEL 7.x

12.x


92ac531d33095d674ec0621b7359a71c585f62d1


Linux-x64


  • RHEL 5.x
  • RHEL 6.x
  • RHEL 7.x

12.x


bf3dd0e757689f9b5e444fbe1f7a05b3b6d65e48


SOLARIS –intel


  • Solaris 10
  • Solaris 11

12.x


3ef9166a61199b1f13bba1f000d9b0a31316dba5



MS SQL :


Download for


Applicable OS or Application


Applicable CCS Version


SHA-1 Signature


MSSQL


  • SQL 2008
  • SQL 2008 R2
  • SQL 2012
  • SQL 2014
  • SQL 2016
  • SQL 2017

12.x


6569d970b568c67248641405e63b7d69b5f74c58



Last modified on: April 30, 2019
Security Response Blog
The State of Spam