From 291cbe267b92a0b10ace8e8110545bcd010a6660d5dd67c879ebd8480be4cd15 Mon Sep 17 00:00:00 2001
From: "Marc S. Weidner" <msw@coresecret.dev>
Date: Mon, 2 Jun 2025 17:01:11 +0200
Subject: [PATCH] V8.03.256.2025.06.02

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
---
 README.md            | 12 ++++++------
 docs/AUDIT_DNSSEC.md |  2 +-
 docs/AUDIT_SSH.md    |  2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index a14eecf..f8df654 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ include_toc: true
 This shell wrapper automates the creation of a Debian Bookworm live ISO hardened according to the latest best practices in server
 and service security. It integrates into your build pipeline to deliver an isolated, robust environment suitable for
 cloud deployment or unattended installations via the forthcoming `CISS.debian.installer`. The latest generic ISO is available at:
-[CISS.debian.live.ISO_PUBLIC](/docs/DL_PUB_ISO.md)
+[CISS.debian.live.ISO_PUBLIC](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/DL_PUB_ISO.md)
 
 Check out more:
 * [CenturionNet Services](https://coresecret.eu/cnet/) 
@@ -54,7 +54,7 @@ Please note that `coresecret.dev` is included in the [(HSTS Preload List)](https
 add_header Expect-CT                 "max-age=86400, enforce"                       always;
 add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
 ````
-Additionally, the entire zone is dual-signed with DNSSEC. See the current DNSSEC status at [DNSSEC Audit Report](/docs/AUDIT_DNSSEC.md)
+Additionally, the entire zone is dual-signed with DNSSEC. See the current DNSSEC status at [DNSSEC Audit Report](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/AUDIT_DNSSEC.md)
 
 ## 1.2. Immutable Source-of-Truth System
 
@@ -83,15 +83,15 @@ source-defined infrastructure logic.<br>
 After build and configuration, the following audit reports can be generated:
 
 * **Haveged Audit Report**: Validates entropy daemon health and confirms '/dev/random' seeding performance.
-  Type `chkhvg` at the prompt. See example report: [Haveged Audit Report](/docs/AUDIT_HAVEGED.md)
+  Type `chkhvg` at the prompt. See example report: [Haveged Audit Report](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/AUDIT_HAVEGED.md)
 * **Lynis Audit Report**: Outputs a detailed security score and recommendations, confirming a 91%+ hardening baseline.
-  Type `lsadt` at the prompt. See example report: [Lynis Audit Report](/docs/AUDIT_LYNIS.md)
+  Type `lsadt` at the prompt. See example report: [Lynis Audit Report](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/AUDIT_LYNIS.md)
 * **SSH Audit Report**: Verifies SSH daemon configuration against the latest best-practice cipher, KEX, and MAC recommendations.
-  Type `ssh-audit <IP>:<PORT>`. See example report: [SSH Audit Report](/docs/AUDIT_SSH.md)
+  Type `ssh-audit <IP>:<PORT>`. See example report: [SSH Audit Report](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/AUDIT_SSH.md)
 
 ## 1.2. Preview
 
-![CISS.debian.live.builder](/docs/screenshots/CISS.debian.live.builder_preview.jpeg)
+![CISS.debian.live.builder](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/screenshots/CISS.debian.live.builder_preview.jpeg)
 
 ## 1.3. Caution. Significant information for those considering using D-I.
 
diff --git a/docs/AUDIT_DNSSEC.md b/docs/AUDIT_DNSSEC.md
index dddd40e..0ca012f 100644
--- a/docs/AUDIT_DNSSEC.md
+++ b/docs/AUDIT_DNSSEC.md
@@ -14,7 +14,7 @@ include_toc: true
 
 This is an auto-generated overview of the DNSSEC status of `coresecret.dev` at the time of the last human-initiated push event.
 
-![DNSSEC Status](SECURITY/coresecret.dev.png)
+![DNSSEC Status](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/SECURITY/coresecret.dev.png)
 
 ---
 **[no tracking | no logging | no advertising | no profiling | no bullshit](https://coresecret.eu/)**
diff --git a/docs/AUDIT_SSH.md b/docs/AUDIT_SSH.md
index a8e0960..d9fca0a 100644
--- a/docs/AUDIT_SSH.md
+++ b/docs/AUDIT_SSH.md
@@ -12,7 +12,7 @@ include_toc: true
 
 # 2. SSH Audit by ssh-audit.com
 
-![CISS.2025.debian.live.builder](/docs/screenshots/CISS.debian.live.builder_ssh_audit.png)
+![CISS.2025.debian.live.builder](https://git.coresecret.dev/msw/CISS.debian.live.builder/src/branch/master/docs/screenshots/CISS.debian.live.builder_ssh_audit.png)
 
 # 3. SSH Audit by https://github.com/jtesta/ssh-audit