Jan Černý
77b5330e9f
Update OpenSCAP for RHEL 9.1
...
- Fix potential invalid scan results in OpenSCAP (rhbz#2109485)
- Remove oscap-remediate service (rhbz#2111358)
Resolves: rhbz#2109485
Resolves: rhbz#2111358
2022-07-27 12:59:07 +02:00
Jan Černý
09534972e5
Prevent file permissions errors
...
The sysctl setting fs.protected_regular doesn't allow O_CREAT open
on regular files that we don't own in world writable sticky directories
(think /tmp). This causes permission denied error when writing HTML
report to a temporary files created by the mktemp command executed as
a normal user and then executing sudo oscap.
If OpenSCAP fails to open the file because of permissions, it will retry
to open the file without O_CREAT flag.
Resolves: rhbz#2048571
2022-02-07 09:16:56 +01:00
Jan Černý
543039ae7b
Fix coverity & test
...
- Fix coverity issues
- Prevent fails of test_ds_misc.sh
Resolves: rhbz#2041782
2022-02-02 08:50:21 +01:00
Jan Černý
f07ad354e3
Rebase to the latest upstream version
...
openscap-1.3.6
Resolves: rhbz#2041782
2022-01-21 09:00:41 +01:00
Jan Černý
471bdb6705
Print warning for local files
...
Resolves: rhbz#2015518
2021-11-19 13:47:46 +01:00
Jan Černý
40f1e840f2
Lower memory limits and improve their checking
...
Resolves: rhbz#2022362
2021-11-11 14:31:24 +01:00
Jan Černý
1cc6bf10ba
Add an alternative source of hostname
...
Resolves: rhbz#2021509
2021-11-09 14:50:05 +01:00
Jan Černý
57cd5b3b4c
Allow using local files instead of remote resources
...
Resolves: rhbz#2015518
2021-11-09 11:07:55 +01:00
Jan Černý
5ad69e624b
Add support for Blueprint remediations
...
Resolves: rhbz#2020052
2021-11-04 09:08:21 +01:00
Jan Černý
522d98f271
Initialize crypto API only once
...
Resolves: rhbz#2020044
2021-11-04 08:35:15 +01:00
Evgeny Kolesnikov
2e3c457351
Fix process58 probe errors when scanning minimalist filesystem in offline mode
...
Resolves: rhbz#2019054
2021-11-02 09:35:29 +01:00
Matej Tyc
058a36bb6d
Fix bad handling of HTTP error code
...
Resolves: rhbz#2002733
2021-11-01 11:30:59 +01:00
Jan Černý
2e6b0b2576
Revert Epoch removal
...
We can't remove Epoch, because the new build (without Epoch) was recognized
as older build and it could not be added to the erratum and it could
not be upgraded to the new build.
Resolves: RHBZ#1997829
2021-08-27 15:59:53 +02:00
Evgeny Kolesnikov
31a6dd97cb
Update spec file
...
Get rid of epoch
Add libyaml dependency
Add make build dependency
Resolves: RHBZ#1997829
2021-08-25 23:10:36 +02:00
Mohan Boddu
3eabeb8264
Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
...
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-09 22:43:43 +00:00
Jan Černý
286e29fdb1
Remove SHA-1 and MD5, fix coverity issues
...
Resolves: rhbz#1936619
Resolves: rhbz#1938830
2021-07-22 09:19:54 +02:00
Jan Černý
71d8346d4a
Fix failing tests
...
- fix test tests/API/XCCDF/unittests/test_profile_selection_by_suffix.sh
from upstream test suite (runs as a part of smoke test)
- oval/yamlfilecontent: Add 'null' values handling
Resolves: RHBZ#1952789
2021-06-30 11:21:12 +02:00
Jan Černý
96f558718c
Fix test fails
...
- Do not set RPATH on built binaries
- Fix UBI9 scan (rhbz#1953610)
- Fix failing rpminspect xml test
Resolves: RHBZ#1952789
2021-06-28 15:05:21 +02:00
Jan Černý
83f314aa21
Remove containers subpackage
...
It removes the oscap-docker completely because it depends on Docker
which has been superseded in RHEL by Podman. This aligns packaging with
RHEL 8, where we also don't have oscap-docker and oscap-podman is
shipped in openscap-utils subpackage.
The patch also moves the man page of oscap-chroot to the same subpackage
where oscap-chroot is shipped.
Resolves: RHBZ#1952789
2021-05-20 15:55:05 +02:00
Jan Černý
4df8036f41
Rebase to the latest upstream release 1.3.5
...
Resolves: RHBZ#1952789
2021-05-19 12:15:20 +00:00
Matus Marhefka
fefe485980
gating.yaml: update for RHEL9
2021-05-13 11:48:11 +02:00
Mohan Boddu
30e450cc20
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
...
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-04-16 02:41:57 +00:00
DistroBaker
62c6ce2232
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/openscap.git#733bd2da70696622461654690e5b1fbddc67359c
2021-04-04 23:25:15 +00:00
DistroBaker
87fd13d73e
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/openscap.git#efa27b23b221c1ab82d2cc134844b94e85ce3455
2021-02-03 01:41:58 +00:00
DistroBaker
1353b06138
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/openscap.git#733bd2da70696622461654690e5b1fbddc67359c
2020-12-18 12:56:28 +00:00
DistroBaker
baa91c8f26
Merged update from upstream sources
...
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/openscap.git#f0faee859d27637e70a3e0111e35febd9fb772dd
2020-11-30 20:38:03 +00:00
Petr Šabata
bed54b8945
RHEL 9.0.0 Alpha bootstrap
...
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/openscap#ba6a3ab7a4de65153eb09e250ceb253fb1a21dfe
2020-10-15 22:24:07 +02:00
Release Configuration Management
a15e604109
New branch setup
2020-10-08 18:56:00 +00:00