|
|
|
@ -1,32 +1,16 @@
|
|
|
|
Name: openscap
|
|
|
|
Name: openscap
|
|
|
|
Version: 1.4.0
|
|
|
|
Version: 1.3.10
|
|
|
|
Release: 2%{?dist}.alma.1
|
|
|
|
Release: 2%{?dist}
|
|
|
|
Epoch: 1
|
|
|
|
|
|
|
|
Summary: Set of open source libraries enabling integration of the SCAP line of standards
|
|
|
|
Summary: Set of open source libraries enabling integration of the SCAP line of standards
|
|
|
|
License: LGPL-2.1-or-later
|
|
|
|
Group: System Environment/Libraries
|
|
|
|
|
|
|
|
License: LGPLv2+
|
|
|
|
URL: http://www.open-scap.org/
|
|
|
|
URL: http://www.open-scap.org/
|
|
|
|
VCS: https://github.com/OpenSCAP/openscap
|
|
|
|
|
|
|
|
Source0: https://github.com/OpenSCAP/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz
|
|
|
|
Source0: https://github.com/OpenSCAP/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz
|
|
|
|
Patch1: openscap-1.4.1-PR2154-filehash58.patch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%global common_description %{expand:
|
|
|
|
|
|
|
|
OpenSCAP is a set of open source libraries providing an easier path
|
|
|
|
|
|
|
|
for integration of the SCAP line of standards. SCAP is a line of standards
|
|
|
|
|
|
|
|
managed by NIST with the goal of providing a standard language
|
|
|
|
|
|
|
|
for the expression of Computer Network Defense related information.}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BuildRequires: systemd-rpm-macros
|
|
|
|
|
|
|
|
BuildRequires: make
|
|
|
|
|
|
|
|
BuildRequires: cmake >= 2.6
|
|
|
|
BuildRequires: cmake >= 2.6
|
|
|
|
BuildRequires: cmake-rpm-macros
|
|
|
|
BuildRequires: swig libxml2-devel libxslt-devel perl-generators perl-XML-Parser
|
|
|
|
BuildRequires: gcc
|
|
|
|
|
|
|
|
BuildRequires: gcc-c++
|
|
|
|
|
|
|
|
BuildRequires: swig
|
|
|
|
|
|
|
|
BuildRequires: libxml2-devel
|
|
|
|
|
|
|
|
BuildRequires: libxslt-devel
|
|
|
|
|
|
|
|
BuildRequires: rpm-devel
|
|
|
|
BuildRequires: rpm-devel
|
|
|
|
BuildRequires: nss-devel
|
|
|
|
BuildRequires: libgcrypt-devel
|
|
|
|
BuildRequires: pcre2-devel
|
|
|
|
BuildRequires: pcre-devel
|
|
|
|
BuildRequires: libacl-devel
|
|
|
|
BuildRequires: libacl-devel
|
|
|
|
BuildRequires: libselinux-devel
|
|
|
|
BuildRequires: libselinux-devel
|
|
|
|
BuildRequires: libcap-devel
|
|
|
|
BuildRequires: libcap-devel
|
|
|
|
@ -34,17 +18,20 @@ BuildRequires: libblkid-devel
|
|
|
|
BuildRequires: bzip2-devel
|
|
|
|
BuildRequires: bzip2-devel
|
|
|
|
BuildRequires: asciidoc
|
|
|
|
BuildRequires: asciidoc
|
|
|
|
BuildRequires: openldap-devel
|
|
|
|
BuildRequires: openldap-devel
|
|
|
|
|
|
|
|
BuildRequires: GConf2-devel
|
|
|
|
BuildRequires: glib2-devel
|
|
|
|
BuildRequires: glib2-devel
|
|
|
|
BuildRequires: dbus-devel
|
|
|
|
BuildRequires: dbus-devel
|
|
|
|
BuildRequires: libyaml-devel
|
|
|
|
BuildRequires: libyaml-devel
|
|
|
|
BuildRequires: xmlsec1-devel
|
|
|
|
BuildRequires: xmlsec1-devel xmlsec1-openssl-devel
|
|
|
|
BuildRequires: xmlsec1-openssl-devel
|
|
|
|
%if %{?_with_check:1}%{!?_with_check:0}
|
|
|
|
BuildRequires: procps-devel
|
|
|
|
BuildRequires: perl-XML-XPath
|
|
|
|
BuildRequires: python3-devel
|
|
|
|
BuildRequires: bzip2
|
|
|
|
|
|
|
|
%endif
|
|
|
|
Requires: bash
|
|
|
|
Requires: bash
|
|
|
|
Requires: bzip2-libs
|
|
|
|
Requires: bzip2-libs
|
|
|
|
Requires: dbus
|
|
|
|
Requires: dbus
|
|
|
|
|
|
|
|
Requires: libyaml
|
|
|
|
|
|
|
|
Requires: GConf2
|
|
|
|
Requires: glib2
|
|
|
|
Requires: glib2
|
|
|
|
Requires: libacl
|
|
|
|
Requires: libacl
|
|
|
|
Requires: libblkid
|
|
|
|
Requires: libblkid
|
|
|
|
@ -52,75 +39,130 @@ Requires: libcap
|
|
|
|
Requires: libselinux
|
|
|
|
Requires: libselinux
|
|
|
|
Requires: openldap
|
|
|
|
Requires: openldap
|
|
|
|
Requires: popt
|
|
|
|
Requires: popt
|
|
|
|
|
|
|
|
# RHEL8 has procps-ng, which provides procps
|
|
|
|
Requires: procps
|
|
|
|
Requires: procps
|
|
|
|
Requires: xmlsec1
|
|
|
|
Requires: xmlsec1 xmlsec1-openssl
|
|
|
|
Requires: xmlsec1-openssl
|
|
|
|
Requires(post): /sbin/ldconfig
|
|
|
|
|
|
|
|
Requires(postun): /sbin/ldconfig
|
|
|
|
|
|
|
|
Obsoletes: python2-openscap
|
|
|
|
|
|
|
|
Obsoletes: openscap-content-sectool
|
|
|
|
|
|
|
|
Obsoletes: openscap-extra-probes
|
|
|
|
|
|
|
|
Obsoletes: openscap-extra-probes-sql
|
|
|
|
|
|
|
|
|
|
|
|
# AlmaLinux patches
|
|
|
|
%description
|
|
|
|
Patch1000: 0001-Add-AlmaLinux-to-CPE-dictionary.patch
|
|
|
|
OpenSCAP is a set of open source libraries providing an easier path
|
|
|
|
|
|
|
|
for integration of the SCAP line of standards. SCAP is a line of standards
|
|
|
|
|
|
|
|
managed by NIST with the goal of providing a standard language
|
|
|
|
|
|
|
|
for the expression of Computer Network Defense related information.
|
|
|
|
|
|
|
|
|
|
|
|
%description %{common_description}
|
|
|
|
%package devel
|
|
|
|
|
|
|
|
Summary: Development files for %{name}
|
|
|
|
|
|
|
|
Group: Development/Libraries
|
|
|
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: libxml2-devel
|
|
|
|
|
|
|
|
Requires: pkgconfig
|
|
|
|
|
|
|
|
BuildRequires: doxygen
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
|
|
|
|
The %{name}-devel package contains libraries and header files for
|
|
|
|
|
|
|
|
developing applications that use %{name}.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package python3
|
|
|
|
|
|
|
|
Summary: Python 3 bindings for %{name}
|
|
|
|
|
|
|
|
Group: Development/Libraries
|
|
|
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
BuildRequires: python3-devel
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description python3
|
|
|
|
|
|
|
|
The %{name}-python3 package contains the bindings so that %{name}
|
|
|
|
|
|
|
|
libraries can be used by python3.
|
|
|
|
|
|
|
|
|
|
|
|
%package scanner
|
|
|
|
%package scanner
|
|
|
|
Summary: OpenSCAP Scanner Tool (oscap)
|
|
|
|
Summary: OpenSCAP Scanner Tool (oscap)
|
|
|
|
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
|
|
|
Group: Applications/System
|
|
|
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
Requires: libcurl >= 7.12.0
|
|
|
|
Requires: libcurl >= 7.12.0
|
|
|
|
BuildRequires: libcurl-devel >= 7.12.0
|
|
|
|
BuildRequires: libcurl-devel >= 7.12.0
|
|
|
|
|
|
|
|
Obsoletes: openscap-selinux
|
|
|
|
|
|
|
|
Obsoletes: openscap-selinux-compat
|
|
|
|
|
|
|
|
|
|
|
|
%description scanner
|
|
|
|
%description scanner
|
|
|
|
The %{name}-scanner package contains oscap command-line tool. The oscap
|
|
|
|
The %{name}-scanner package contains oscap command-line tool. The oscap
|
|
|
|
is configuration and vulnerability scanner, capable of performing
|
|
|
|
is configuration and vulnerability scanner, capable of performing
|
|
|
|
compliance checking using SCAP content.
|
|
|
|
compliance checking using SCAP content.
|
|
|
|
%{common_description}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package utils
|
|
|
|
%package utils
|
|
|
|
Summary: OpenSCAP Utilities
|
|
|
|
Summary: OpenSCAP Utilities
|
|
|
|
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
|
|
|
Group: Applications/System
|
|
|
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
Requires: rpmdevtools rpm-build
|
|
|
|
Requires: rpmdevtools rpm-build
|
|
|
|
Requires: %{name}-scanner%{?_isa} = %{epoch}:%{version}-%{release}
|
|
|
|
Requires: %{name}-scanner%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: bash
|
|
|
|
|
|
|
|
|
|
|
|
%description utils
|
|
|
|
%description utils
|
|
|
|
The %{name}-utils package contains command-line tools build on top
|
|
|
|
The %{name}-utils package contains command-line tools build on top
|
|
|
|
of OpenSCAP library. Historically, openscap-utils included oscap
|
|
|
|
of OpenSCAP library. Historically, openscap-utils included oscap
|
|
|
|
tool which is now separated to %{name}-scanner sub-package.
|
|
|
|
tool which is now separated to %{name}-scanner sub-package.
|
|
|
|
%{common_description}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%package engine-sce
|
|
|
|
%package engine-sce
|
|
|
|
Summary: Script Check Engine plug-in for OpenSCAP
|
|
|
|
Summary: Script Check Engine plug-in for OpenSCAP
|
|
|
|
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
|
|
|
|
Group: Applications/System
|
|
|
|
|
|
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
|
|
|
|
%description engine-sce
|
|
|
|
%description engine-sce
|
|
|
|
The Script Check Engine is non-standard extension to SCAP protocol. This
|
|
|
|
The Script Check Engine is non-standard extension to SCAP protocol. This
|
|
|
|
engine allows content authors to avoid OVAL language and write their assessment
|
|
|
|
engine allows content authors to avoid OVAL language and write their assessment
|
|
|
|
commands using a scripting language (Bash, Perl, Python, Ruby, ...).
|
|
|
|
commands using a scripting language (Bash, Perl, Python, Ruby, ...).
|
|
|
|
%{common_description}
|
|
|
|
|
|
|
|
|
|
|
|
%package engine-sce-devel
|
|
|
|
|
|
|
|
Summary: Development files for %{name}-engine-sce
|
|
|
|
|
|
|
|
Group: Development/Libraries
|
|
|
|
|
|
|
|
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: %{name}-engine-sce%{?_isa} = %{version}-%{release}
|
|
|
|
|
|
|
|
Requires: pkgconfig
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%description engine-sce-devel
|
|
|
|
|
|
|
|
The %{name}-engine-sce-devel package contains libraries and header files
|
|
|
|
|
|
|
|
for developing applications that use %{name}-engine-sce.
|
|
|
|
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%prep
|
|
|
|
%autosetup -p1
|
|
|
|
%autosetup -p1
|
|
|
|
|
|
|
|
mkdir build
|
|
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
%build
|
|
|
|
%cmake \
|
|
|
|
cd build
|
|
|
|
-DWITH_CRYPTO=nss \
|
|
|
|
%cmake -DENABLE_PERL=OFF \
|
|
|
|
-DENABLE_DOCS=ON \
|
|
|
|
-DENABLE_DOCS=ON \
|
|
|
|
-DENABLE_PERL=OFF \
|
|
|
|
-DENABLE_OSCAP_UTIL_DOCKER=OFF \
|
|
|
|
-DENABLE_PYTHON3=OFF \
|
|
|
|
-DENABLE_OSCAP_UTIL_CHROOT=ON \
|
|
|
|
-DENABLE_OSCAP_UTIL_DOCKER=OFF \
|
|
|
|
-DENABLE_OSCAP_UTIL_PODMAN=ON \
|
|
|
|
-DENABLE_OSCAP_REMEDIATE_SERVICE=OFF \
|
|
|
|
-DENABLE_OSCAP_UTIL_VM=ON \
|
|
|
|
-DOPENSCAP_PROBE_LINUX_DPKGINFO=OFF \
|
|
|
|
-DENABLE_OSCAP_REMEDIATE_SERVICE=OFF \
|
|
|
|
-DOPENSCAP_ENABLE_SHA1=OFF \
|
|
|
|
-DOPENSCAP_PROBE_LINUX_DPKGINFO=OFF \
|
|
|
|
-DOPENSCAP_ENABLE_MD5=OFF
|
|
|
|
..
|
|
|
|
%cmake_build
|
|
|
|
make %{?_smp_mflags}
|
|
|
|
make docs
|
|
|
|
make docs
|
|
|
|
|
|
|
|
|
|
|
|
%install
|
|
|
|
%check
|
|
|
|
%cmake_install
|
|
|
|
%if %{?_with_check:1}%{!?_with_check:0}
|
|
|
|
|
|
|
|
ctest -V %{?_smp_mflags}
|
|
|
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
|
|
find %{buildroot} -name '*.la' -exec rm -f {} ';'
|
|
|
|
%install
|
|
|
|
|
|
|
|
cd build
|
|
|
|
|
|
|
|
%make_install
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
|
|
|
|
|
|
|
|
|
|
|
|
# fix python shebangs
|
|
|
|
# fix python shebangs
|
|
|
|
%{__python3} %{_rpmconfigdir}/redhat/pathfix.py -i %{__python3} -p -n %{buildroot}%{_bindir}/scap-as-rpm
|
|
|
|
pathfix.py -i %{__python3} -p -n $RPM_BUILD_ROOT%{_bindir}/scap-as-rpm
|
|
|
|
|
|
|
|
|
|
|
|
%ldconfig_scriptlets
|
|
|
|
%clean
|
|
|
|
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%post -p /sbin/ldconfig
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%postun -p /sbin/ldconfig
|
|
|
|
|
|
|
|
|
|
|
|
%files
|
|
|
|
%files
|
|
|
|
%doc AUTHORS NEWS README.md
|
|
|
|
%doc AUTHORS NEWS README.md
|
|
|
|
@ -134,279 +176,279 @@ find %{buildroot} -name '*.la' -exec rm -f {} ';'
|
|
|
|
%{_datadir}/openscap/schemas/*
|
|
|
|
%{_datadir}/openscap/schemas/*
|
|
|
|
%{_datadir}/openscap/xsl/*
|
|
|
|
%{_datadir}/openscap/xsl/*
|
|
|
|
%{_datadir}/openscap/cpe/*
|
|
|
|
%{_datadir}/openscap/cpe/*
|
|
|
|
%exclude %{_libdir}/libopenscap.so
|
|
|
|
|
|
|
|
%exclude %{_libdir}/pkgconfig/*.pc
|
|
|
|
|
|
|
|
%exclude %{_includedir}/openscap
|
|
|
|
|
|
|
|
%exclude %{_pkgdocdir}/html/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files engine-sce
|
|
|
|
%files python3
|
|
|
|
%{_libdir}/libopenscap_sce.so.*
|
|
|
|
%{python3_sitearch}/*
|
|
|
|
%exclude %{_libdir}/libopenscap_sce.so
|
|
|
|
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
|
|
|
|
%doc %{_pkgdocdir}/html/
|
|
|
|
|
|
|
|
%{_libdir}/libopenscap.so
|
|
|
|
|
|
|
|
%{_libdir}/pkgconfig/*.pc
|
|
|
|
|
|
|
|
%{_includedir}/openscap
|
|
|
|
|
|
|
|
%exclude %{_includedir}/openscap/sce_engine_api.h
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files engine-sce-devel
|
|
|
|
|
|
|
|
%{_libdir}/libopenscap_sce.so
|
|
|
|
|
|
|
|
%{_includedir}/openscap/sce_engine_api.h
|
|
|
|
|
|
|
|
|
|
|
|
%files scanner
|
|
|
|
%files scanner
|
|
|
|
%{_mandir}/man8/oscap.8*
|
|
|
|
%{_mandir}/man8/oscap.8.gz
|
|
|
|
%{_bindir}/oscap
|
|
|
|
%{_bindir}/oscap
|
|
|
|
%{_mandir}/man8/oscap-chroot.8*
|
|
|
|
%{_mandir}/man8/oscap-chroot.8.gz
|
|
|
|
%{_bindir}/oscap-chroot
|
|
|
|
%{_bindir}/oscap-chroot
|
|
|
|
%{_sysconfdir}/bash_completion.d
|
|
|
|
%{_sysconfdir}/bash_completion.d
|
|
|
|
|
|
|
|
|
|
|
|
%files utils
|
|
|
|
%files utils
|
|
|
|
%doc docs/oscap-scan.cron
|
|
|
|
%doc docs/oscap-scan.cron
|
|
|
|
%{_mandir}/man8/*
|
|
|
|
%{_mandir}/man8/oscap-ssh.8.gz
|
|
|
|
%exclude %{_mandir}/man8/oscap.8*
|
|
|
|
%{_bindir}/oscap-ssh
|
|
|
|
%exclude %{_mandir}/man8/oscap-chroot.8*
|
|
|
|
%{_mandir}/man8/oscap-podman.8.gz
|
|
|
|
%{_bindir}/*
|
|
|
|
%{_bindir}/oscap-podman
|
|
|
|
%exclude %{_bindir}/oscap
|
|
|
|
%{_mandir}/man8/oscap-vm.8.gz
|
|
|
|
%exclude %{_bindir}/oscap-chroot
|
|
|
|
%{_bindir}/oscap-vm
|
|
|
|
|
|
|
|
%{_mandir}/man8/scap-as-rpm.8.gz
|
|
|
|
|
|
|
|
%{_bindir}/scap-as-rpm
|
|
|
|
|
|
|
|
%{_mandir}/man8/autotailor.8.gz
|
|
|
|
|
|
|
|
%{_bindir}/autotailor
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
%files engine-sce
|
|
|
|
|
|
|
|
%{_libdir}/libopenscap_sce.so.*
|
|
|
|
|
|
|
|
%{_bindir}/oscap-run-sce-script
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
%changelog
|
|
|
|
* Tue Sep 03 2024 Eduard Abdullin <eabdullin@almalinux.org> - 1:1.4.0-2.alma.1
|
|
|
|
* Mon Apr 08 2024 Jan Černý <jcerny@redhat.com> - 1.3.10-2
|
|
|
|
- Add AlmaLinux definitions
|
|
|
|
- Explicitely disable dpkginfo probe
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Aug 20 2024 Jan Černý <jcerny@redhat.com> - 1:1.4.0-2
|
|
|
|
* Tue Apr 02 2024 Jan Černý <jcerny@redhat.com> - 1.3.10-1
|
|
|
|
- Fix filehash58 probe on s390x architecture
|
|
|
|
- Rebase to the latest upstream version (RHEL-31221)
|
|
|
|
|
|
|
|
- Add ability to define a limit of collected items (RHEL-11925)
|
|
|
|
|
|
|
|
- Add option --references that can select rules based on their reference (RHEL-1479)
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Aug 01 2024 Jan Černý <jcerny@redhat.com> - 1:1.4.0-1
|
|
|
|
* Fri Jul 14 2023 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.8-1
|
|
|
|
- Update to the latest upstream release (RHEL-53981)
|
|
|
|
- Upgrade to the latest upstream release (rhbz#2217441)
|
|
|
|
- Remove openscap-devel, openscap-engine-sce-devel and openscap-python3 subpackages
|
|
|
|
- Add offline support for sysctl probe (rhbz#2185791)
|
|
|
|
|
|
|
|
- Fix systemd* probes unit enumeration (rhbz#2219533)
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1:1.3.10-3
|
|
|
|
* Fri Jan 27 2023 Jan Černý <jcerny@redhat.com> - 1.3.7-1
|
|
|
|
- Bump release for June 2024 mass rebuild
|
|
|
|
- Upgrade to the latest upstream release (rhbz#2159290)
|
|
|
|
|
|
|
|
- Fix error when processing OVAL filters (rhbz#2126882)
|
|
|
|
|
|
|
|
- Don't emit xmlfilecontent items if XPath doesn't match (rhbz#2139060)
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jun 06 2024 Jan Černý <jcerny@redhat.com> - 1:1.3.10-2
|
|
|
|
* Thu Jul 21 2022 Jan Černý <jcerny@redhat.com> - 1.3.6-4
|
|
|
|
- Update gating tests
|
|
|
|
- Fix potential invalid scan results in OpenSCAP (rhbz#2111040)
|
|
|
|
|
|
|
|
- Remove oscap-remediate service (rhbz#2111360)
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Apr 02 2024 Jan Černý <jcerny@redhat.com> - 1:1.3.10-1
|
|
|
|
* Wed Feb 02 2022 Jan Černý <jcerny@redhat.com> - 1.3.6-3
|
|
|
|
- Rebase to the latest upstream version
|
|
|
|
- Prevent fails of test_ds_misc.sh
|
|
|
|
- Use NSS as cryptography library (RHEL-22013)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Sun Jan 21 2024 Michal Ambroz <rebus _AT seznam.cz> - 1:1.3.9-7
|
|
|
|
* Mon Jan 31 2022 Jan Černý <jcerny@redhat.com> - 1.3.6-2
|
|
|
|
- add conditionals to be able to rebuild with opendbx/apt even on EPEL+RHEL
|
|
|
|
|
|
|
|
- cosmetics: rename patches, add comments, use buildroot macro instead of env
|
|
|
|
|
|
|
|
- add explicit build requirement to python3-setuptools, needed for 3.13+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.9-6
|
|
|
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jan 04 2024 Yaakov Selkowitz <yselkowi@redhat.com> - 1:1.3.9-5
|
|
|
|
|
|
|
|
- Enable opendbx for SQL probes only in Fedora
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jan 03 2024 Florian Weimer <fweimer@redhat.com> - 1:1.3.9-4
|
|
|
|
|
|
|
|
- Fix C compatibility issues
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Dec 20 2023 Jan Černý <jcerny@redhat.com> - 1:1.3.9-3
|
|
|
|
|
|
|
|
- Fix test test_sysctl_probe_all.sh
|
|
|
|
|
|
|
|
- Clean up the repository
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Nov 23 2023 Michal Ambroz <rebus _AT seznam.cz> - 1:1.3.9-2
|
|
|
|
|
|
|
|
- adding conditional for apt-devel apt-libs as proposed upstream
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Nov 23 2023 Michal Ambroz <rebus _AT seznam.cz> - 1:1.3.9-1
|
|
|
|
|
|
|
|
- bump to 1.3.9
|
|
|
|
|
|
|
|
- provide perl binding
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Sep 05 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 1:1.3.8-6
|
|
|
|
|
|
|
|
- Use pcre2 (#2128342)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.8-5
|
|
|
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jun 27 2023 Python Maint <python-maint@redhat.com> - 1:1.3.8-4
|
|
|
|
|
|
|
|
- Rebuilt for Python 3.12
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jun 27 2023 Evgeny Kolesnikov <ekolesni@redhat.com> - 1:1.3.8-3
|
|
|
|
|
|
|
|
- Rebuilt because of xmlsec1 downgrade
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jun 26 2023 Python Maint <python-maint@redhat.com> - 1:1.3.8-2
|
|
|
|
|
|
|
|
- Rebuilt for Python 3.12
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jun 20 2023 Evgeny Kolesnikov <ekolesni@redhat.com> - 1:1.3.8-1
|
|
|
|
|
|
|
|
- Upgrade to the latest upstream release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jun 15 2023 Python Maint <python-maint@redhat.com> - 1:1.3.7-4
|
|
|
|
|
|
|
|
- Rebuilt for Python 3.12
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri May 19 2023 Petr Pisar <ppisar@redhat.com> - 1:1.3.7-3
|
|
|
|
|
|
|
|
- Rebuild against rpm-4.19 (https://fedoraproject.org/wiki/Changes/RPM-4.19)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Feb 01 2023 Tom Stellard <tstellar@redhat.com> - 1:1.3.7-2
|
|
|
|
|
|
|
|
- Fix implicit function definition warning
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jan 26 2023 Jan Černý <jcerny@redhat.com> - 1:1.3.7-1
|
|
|
|
|
|
|
|
- Upgrade to the latest upstream release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.6-12
|
|
|
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Oct 17 2022 Jan Černý <jcerny@redhat.com> - 1:1.3.6-11
|
|
|
|
|
|
|
|
- Add systemd-rpm-macros to BuildRequires (rhbz#2126078)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.6-10
|
|
|
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 1:1.3.6-9
|
|
|
|
|
|
|
|
- Rebuilt for Python 3.11
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Jun 03 2022 Jan Černý <jcerny@redhat.com> - 1:1.3.6-8
|
|
|
|
|
|
|
|
- Rebuild due to changes in tests
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue May 31 2022 Jan Černý <jcerny@redhat.com> - 1:1.3.6-7
|
|
|
|
|
|
|
|
- Rebuild due to changes in tests
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue May 31 2022 Jan Černý <jcerny@redhat.com> - 1:1.3.6-6
|
|
|
|
|
|
|
|
- Update tests due to relocation of RPM database
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon May 30 2022 Jan Černý <jcerny@redhat.com> - 1:1.3.6-5
|
|
|
|
|
|
|
|
- Use correct includes (rhbz#2080210)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Feb 4 2022 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.6-4
|
|
|
|
|
|
|
|
- Prevent file permissions errors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Feb 1 2022 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.6-3
|
|
|
|
|
|
|
|
- Prevent fails of test_ds_misc.sh (bis)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jan 31 2022 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.6-2
|
|
|
|
|
|
|
|
- Fix coverity issues
|
|
|
|
- Fix coverity issues
|
|
|
|
- Prevent fails of test_ds_misc.sh
|
|
|
|
- Prevent fails of test_ds_misc.sh
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jan 20 2022 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.6-1
|
|
|
|
* Thu Jan 20 2022 Jan Černý <jcerny@redhat.com> - 1.3.6-1
|
|
|
|
- Update to the latest upstream release
|
|
|
|
- Upgrade to the latest upstream release (rhbz#2041781)
|
|
|
|
|
|
|
|
- Select and exclude groups of rules on the command line
|
|
|
|
|
|
|
|
- The boot-time remediation service for systemd's Offline Update mode
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.5-7
|
|
|
|
* Fri Nov 19 2021 Jan Černý <jcerny@redhat.com> - 1.3.5-10
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
|
|
|
- Print warning for local files
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.5-6
|
|
|
|
* Wed Nov 10 2021 Jan Černý <jcerny@redhat.com> - 1.3.5-9
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
|
|
|
- Lower memory limits and improve their checking (rhbz#2021851)
|
|
|
|
|
|
|
|
- Remove timestamp from the user manual (rhbz#2022364)
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Jun 25 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-5
|
|
|
|
* Tue Nov 09 2021 Jan Černý <jcerny@redhat.com> - 1.3.5-8
|
|
|
|
- Do not set RPATH (rhbz#1967200)
|
|
|
|
- Allow local DS components (rhbz#1970529)
|
|
|
|
|
|
|
|
- Fix hostname detection in offline scan of UBI 9 images (rhbz#1893888)
|
|
|
|
|
|
|
|
- Add an alternative source of hostname (rhbz#1977668)
|
|
|
|
|
|
|
|
- Fix oscap-chroot errors in process58_probe caused by empty /proc (rhbz#2008922)
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jun 16 2021 Stephen Gallagher <sgallagh@redhat.com> - 1:1.3.5-4
|
|
|
|
* Thu Nov 04 2021 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.5-7
|
|
|
|
- Skip RPATH check temporarily
|
|
|
|
- Introduce support for Image Builder's Blueprint remediation type (rhbz#2020050)
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 1:1.3.5-3
|
|
|
|
* Wed Jul 28 2021 Jan Černý <jcerny@redhat.com> - 1.3.5-6
|
|
|
|
- Rebuilt for Python 3.10
|
|
|
|
- Initialize crypto API only once (rhbz#1959570)
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Apr 26 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-2
|
|
|
|
* Wed Jul 14 2021 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.5-5
|
|
|
|
- Waive the known issue with hugepages on ppc64/ppc64le
|
|
|
|
- Add 'null' values handling to the yamlfilecontent probe (RHBZ#1981691)
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Apr 23 2021 Jan Černý <jcerny@redhat.com> - 1:1.3.5-1
|
|
|
|
* Tue Jun 01 2021 Jan Černý <jcerny@redhat.com> - 1.3.5-4
|
|
|
|
- Update to the latest upstream release
|
|
|
|
- Replace getlogin by cuserid
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.4-4
|
|
|
|
* Mon May 10 2021 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.5-3
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
|
|
- Waive known issue with hugepages in upstream testsuite (RHBZ#1912000)
|
|
|
|
|
|
|
|
- Fix issues reported by the coverity scan
|
|
|
|
|
|
|
|
- Introduce OSBuild 'blueprint' fix type
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Dec 09 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.4-3
|
|
|
|
* Tue May 04 2021 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.5-2
|
|
|
|
- Remove dependency on GConf2
|
|
|
|
- Fix changelog (add missing 1.3.3-6 entry)
|
|
|
|
- Update cmake command
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Nov 03 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.4-2
|
|
|
|
* Thu Apr 29 2021 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.5-1
|
|
|
|
- Fix problems uncovered by the Coverity Scan
|
|
|
|
- Upgrade to the latest upstream release (RHBZ#1953092)
|
|
|
|
- Fix field names handling in yamlfilecontent probe
|
|
|
|
- Fix segfault when using --stig-viewer option and latest XML file from DoD (RHBZ#1912000)
|
|
|
|
|
|
|
|
- Improve doc about --stig-viewer (RHBZ#1918759)
|
|
|
|
|
|
|
|
- Backport an upstream patch adding CentOS CPE (RHBZ#1907935)
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Oct 07 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1:1.3.4-1
|
|
|
|
* Wed Nov 25 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.4-5
|
|
|
|
- Upgrade to the latest upstream release
|
|
|
|
- Add check for non-local GPFS file system into Test Suite (RHBZ#1840578)
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Aug 27 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.3-6
|
|
|
|
* Fri Nov 13 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.4-4
|
|
|
|
- Disabled the gconf probe, and removed the gconf dependency.
|
|
|
|
- Use MALLOC_CHECK_=3 while executing Test Suite (RHBZ#1891770)
|
|
|
|
gconf is a legacy system not used any more, and it blocks testing of oscap-anaconda-addon
|
|
|
|
|
|
|
|
as gconf is no longer part of the installation medium for Fedora 32
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.3-5
|
|
|
|
* Tue Nov 10 2020 Jan Černý <jcerny@redhat.com> - 1.3.4-3
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
|
|
- Fix memory allocation (RHBZ#1891770)
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1:1.3.3-4
|
|
|
|
* Thu Oct 29 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.3-6
|
|
|
|
- Update spec file to use new cmake macros
|
|
|
|
- Enable profile composition with a specific platform (RHBZ#1896676)
|
|
|
|
- https://fedoraproject.org/wiki/Changes/CMake_to_do_out-of-source_builds
|
|
|
|
- Enable YAML probe to work with sets of values (RHBZ#1895715)
|
|
|
|
|
|
|
|
|
|
|
|
* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 1:1.3.3-3
|
|
|
|
* Mon Oct 26 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.4-2
|
|
|
|
- Rebuilt for Python 3.9
|
|
|
|
- Fix problems uncovered by the Coverity Scan (RHBZ#1887794)
|
|
|
|
|
|
|
|
|
|
|
|
* Mon May 04 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.3-2
|
|
|
|
* Wed Oct 14 2020 Evgenii Kolesnikov <ekolesni@redhat.com> - 1.3.4-1
|
|
|
|
- Add libyaml-devel as a dependency to enable yamlfilecontent probe
|
|
|
|
- Upgrade to the latest upstream release (RHBZ#1887794)
|
|
|
|
|
|
|
|
- Treat GPFS as a remote file system (RHBZ#1840578, RHBZ#1840579)
|
|
|
|
|
|
|
|
- Fixed the most problematic memory issues that were causing OOM situations
|
|
|
|
|
|
|
|
for systems with large amount of files (RHBZ#1824152)
|
|
|
|
|
|
|
|
- Proper handling of OVALs with circular dependencies between definitions (RHBZ#1812476)
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Apr 30 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.3-1
|
|
|
|
* Wed Aug 19 2020 Jan Černý <jcerny@redhat.com> - 1.3.3-5
|
|
|
|
- Upgrade to the latest upstream release
|
|
|
|
- Detect remote file systems correctly (RHBZ#1870087)
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Apr 09 2020 Matěj Týč <matyc@redhat.com> - 1:1.3.2-5
|
|
|
|
* Mon Aug 03 2020 Jan Černý <jcerny@redhat.com> - 1.3.3-4
|
|
|
|
- Made the spec file requirements section copy-paste of the RHEL8 section.
|
|
|
|
- Fix memory leaks in rpmverifyfile probe (RHBZ#1861301)
|
|
|
|
- Cleaned the spec file up from ancient obsoletes.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.2-4
|
|
|
|
* Tue Jul 21 2020 Matěj Týč <matyc@redhat.com> - 1.3.3-3
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
|
|
- Added support for fetching remote content with compression (RHBZ#1855708)
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jan 27 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.2-3
|
|
|
|
* Thu Jun 25 2020 Matěj Týč <matyc@redhat.com> - 1.3.3-2
|
|
|
|
- Fix duplicate global variables (RHBZ#1793914)
|
|
|
|
- Prevent unwanted recursion that could crash the scanner (RHBZ#1686370)
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jan 15 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.2-2
|
|
|
|
* Mon May 04 2020 Evgeny Kolesnikov <ekolesni@redhat.com> - 1.3.3-1
|
|
|
|
- Do not use C++ keyword operator as a function parameter name
|
|
|
|
- Upgrade to the latest upstream release (rhbz#1829761)
|
|
|
|
|
|
|
|
- Added a Python script that can be used for CLI tailoring (autotailor)
|
|
|
|
|
|
|
|
- Added timezone to XCCDF TestResult start/end time
|
|
|
|
|
|
|
|
- Added yamlfilecontent independent probe (proposal/draft implementation)
|
|
|
|
|
|
|
|
- Added ability to generate `machineconfig` fix
|
|
|
|
|
|
|
|
- Introduced `urn:xccdf:fix:script:kubernetes` fix type in XCCDF
|
|
|
|
|
|
|
|
- Fixed filepath pattern matching in offline mode in textfilecontent58 probe
|
|
|
|
|
|
|
|
- Fixed #170: The rpmverifyfile probe can't verify files from '/bin' directory
|
|
|
|
|
|
|
|
- Fixed #1512: Severity refinement lost in generated guide
|
|
|
|
|
|
|
|
- Fixed #1453: Pointer lost in Swig API
|
|
|
|
|
|
|
|
- The data system_info probe return for offline and online modes is consistent and actual
|
|
|
|
|
|
|
|
- Evaluation Characteristics of the XCCDF report are now consistent with OVAL entities
|
|
|
|
|
|
|
|
from system_info probe
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jan 14 2020 Jan Černý <jcerny@redhat.com> - 1:1.3.2-1
|
|
|
|
* Fri Mar 27 2020 Jan Černý <jcerny@redhat.com> - 1.3.2-9
|
|
|
|
- Upgrade to the latest upstream release
|
|
|
|
- Generate HTML guides from tailored profiles (RHBZ#1743835)
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 1:1.3.1-4
|
|
|
|
* Wed Mar 18 2020 Jan Černý <jcerny@redhat.com> - 1.3.2-8
|
|
|
|
- Rebuilt for Python 3.8.0rc1 (#1748018)
|
|
|
|
- Fix tests for rpmverifyfileprobe (RHBZ#1814726)
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 1:1.3.1-3
|
|
|
|
* Thu Mar 12 2020 Jan Černý <jcerny@redhat.com> - 1.3.2-7
|
|
|
|
- Rebuilt for Python 3.8
|
|
|
|
- Fix segmentation fault in systemdunitdependency_probe (RHBZ#1793050)
|
|
|
|
|
|
|
|
- Fix crash in textfilecontent probe (RHBZ#1686467)
|
|
|
|
|
|
|
|
- Do not drop empty lines from Ansible remediations (RHBZ#1795563)
|
|
|
|
|
|
|
|
- Fix oscap-ssh --sudo (RHBZ#1803116)
|
|
|
|
|
|
|
|
- Remove useless warnings (RHBZ#1764139)
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.3.1-2
|
|
|
|
* Thu Jan 23 2020 Jan Černý <jcerny@redhat.com> - 1.3.2-6
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
|
|
- Fix FindACL.cmake
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jun 13 2019 Jan Černý <jcerny@redhat.com> - 1:1.3.1-1
|
|
|
|
* Tue Jan 21 2020 Matěj Týč <matyc@redhat.com> - 1.3.2-5
|
|
|
|
|
|
|
|
- Added more exhaustive package dependencies.
|
|
|
|
|
|
|
|
- Added the covscan/UX patch.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jan 20 2020 Evgeny Kolesnikov <ekolesni@redhat.com> - 1.3.2-4
|
|
|
|
|
|
|
|
- Added patch: utils/oscap-podman: Detect ambiguous scan target
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jan 20 2020 Evgeny Kolesnikov <ekolesni@redhat.com> - 1.3.2-3
|
|
|
|
|
|
|
|
- Refined requirements
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Sun Jan 19 2020 Evgeny Kolesnikov <ekolesni@redhat.com> - 1.3.2-2
|
|
|
|
|
|
|
|
- Added patch: Fix case where CMake couldn't find libacl or xattr.h
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jan 15 2020 Evgeny Kolesnikov <ekolesni@redhat.com> - 1.3.2-1
|
|
|
|
|
|
|
|
- Upgrade to the latest upstream release (rhbz#1778296)
|
|
|
|
|
|
|
|
- Offline mode support for environmentvariable58 probe (rhbz#1493614)
|
|
|
|
|
|
|
|
- The oscap-docker wrapper is available without Atomic
|
|
|
|
|
|
|
|
- Improved support of multi-check rules (report, remediations, console output) (rhbz#1771438)
|
|
|
|
|
|
|
|
- Improved HTML report look and feel, including printed version (rhbz#1640839)
|
|
|
|
|
|
|
|
- Less clutter in verbose mode output; some warnings and errors demoted to verbose mode levels
|
|
|
|
|
|
|
|
- Probe rpmverifyfile uses and returns canonical paths (rhbz#1776308)
|
|
|
|
|
|
|
|
- Improved a11y of HTML reports and guides (rhbz#1767382)
|
|
|
|
|
|
|
|
- Fixes and improvements for SWIG Python bindings (rhbz#1753603)
|
|
|
|
|
|
|
|
- #1403 fixed: Scanner would not apply remediation for multicheck rules (verbosity)
|
|
|
|
|
|
|
|
- Fixed URL link mechanism for Red Hat Errata
|
|
|
|
|
|
|
|
- New STIG Viewer URI: public.cyber.mil
|
|
|
|
|
|
|
|
- Probe selinuxsecuritycontext would not check if SELinux is enabled
|
|
|
|
|
|
|
|
- Scanner would provide information about unsupported OVAL objects
|
|
|
|
|
|
|
|
- Added more tests for offline mode (probes, remediation) (rhbz#1618489)
|
|
|
|
|
|
|
|
- #528 fixed: Eval SCE script when /tmp is in mode noexec
|
|
|
|
|
|
|
|
- #1173, RHBZ#1603347 fixed: Double chdir/chroot in probe rpmverifypackage (rhbz#1636431)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Dec 18 2019 Vojtech Polasek <vpolasek@redhat.com> - 1.3.1-3
|
|
|
|
|
|
|
|
- put back openscap-chroot, openscap-podman and openscap-vm files
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Nov 01 2019 Vojtech Polasek <vpolasek@redhat.com> - 1.3.1-2
|
|
|
|
|
|
|
|
- Fixed XSLT template making rule details in reports accessible for screenreader users (#1767382)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Jun 14 2019 Evgeny Kolesnikov <ekolesni@redhat.com> - 1.3.1-1
|
|
|
|
|
|
|
|
- Bumped the package release number
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Jun 13 2019 Evgeny Kolesnikov <ekolesni@redhat.com> - 1.3.1-0
|
|
|
|
|
|
|
|
- Upgrade to the latest upstream release (rhbz#1718826)
|
|
|
|
|
|
|
|
- Support for SCAP 1.3 Source Datastreams (evaluating, XML schemas, validation) (rhbz#1709429)
|
|
|
|
|
|
|
|
- Tailoring files are included in ARF result files
|
|
|
|
|
|
|
|
- Remote filesystems mounted using `autofs` direct maps are not recognized as local filesystems (rhbz#1655943)
|
|
|
|
|
|
|
|
- Offline scan utilizing rpmverifyfile probe fails in fchdir and aborts (rhbz#1636431)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jan 16 2019 Gabriel Becker <ggasparb@redhat.com> - 1.3.0-7
|
|
|
|
|
|
|
|
- Removed oscap-vm binary and manpage files from build as they will not be supported by RHEL-8.0.0.
|
|
|
|
|
|
|
|
- Explicitly specify which files should be in openscap-utils subpackage.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jan 14 2019 Gabriel Becker <ggasparb@redhat.com> - 1.3.0-6
|
|
|
|
|
|
|
|
- Removed containers package as RHEL-8.0.0 will not support it.
|
|
|
|
|
|
|
|
- Removed oscap-chroot binary and manpage from utils package as RHEL-8.0.0 will not support it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Oct 15 2018 Jan Černý <jcerny@redhat.com> - 1.3.0-5
|
|
|
|
|
|
|
|
- Fixed unresolved symbols in SCE library
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Oct 12 2018 Matěj Týč <matyc@redhat.com> - 1.3.0-4
|
|
|
|
|
|
|
|
- Fixed a sudo regression in oscap-ssh.
|
|
|
|
|
|
|
|
- Updated test to work with newer versions of procps.
|
|
|
|
|
|
|
|
- Updated the man page.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Oct 09 2018 Matěj Týč <matyc@redhat.com> - 1.3.0-3
|
|
|
|
|
|
|
|
- Fixed memory error in SWIG (RHBZ#1607014)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Oct 09 2018 Jan Černý <jcerny@redhat.com> - 1.3.0-2
|
|
|
|
|
|
|
|
- Drop openscap-perl subpackage (RHBZ#1624396)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Oct 08 2018 Jan Černý <jcerny@redhat.com> - 1.3.0-1
|
|
|
|
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
|
|
|
|
- list subpackages removed in 1.3.0_alpha1-1 as obsoleted
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Aug 10 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha2-1
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jun 10 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:1.3.0-7
|
|
|
|
* Thu Aug 09 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha1-3
|
|
|
|
- Rebuild for RPM 4.15
|
|
|
|
- Add RHEL8 CPE (until RHEL8 public beta downstream patch only)
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Jun 10 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1:1.3.0-6
|
|
|
|
* Fri Jul 27 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha1-2
|
|
|
|
- Rebuild for RPM 4.15
|
|
|
|
- Use AsciiDoc instead of AsciiDoctor (RHBZ#1607541)
|
|
|
|
|
|
|
|
|
|
|
|
* Sat Jun 01 2019 Jitka Plesnikova <jplesnik@redhat.com> - 1:1.3.0-5
|
|
|
|
* Fri Jul 20 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha1-1
|
|
|
|
- Perl 5.30 rebuild
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon May 20 2019 Jan Černý <jcerny@redhat.com> - 1.3.0-4
|
|
|
|
|
|
|
|
- Upgrade the Epoch to align with F30
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.3.0-3
|
|
|
|
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Oct 19 2018 Matěj Týč <matyc@redhat.com> - 1.3.0-2
|
|
|
|
|
|
|
|
- Removed the openscap-perl package to be on par with RHEL.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Oct 09 2018 Jan Černý <jcerny@redhat.com> - 1.3.0-1
|
|
|
|
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Sep 10 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha2-2
|
|
|
|
|
|
|
|
- List subpackages removed in 1.3.0_alpha1-1 as obsoleted (RHBZ#1626801)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Mon Aug 13 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha2-1
|
|
|
|
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jul 25 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha1-2
|
|
|
|
|
|
|
|
- removed python2-openscap subpackage
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Wed Jul 18 2018 Jan Černý <jcerny@redhat.com> - 1.3.0_alpha1-1
|
|
|
|
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
- change specfile to use CMake
|
|
|
|
- change specfile to use CMake
|
|
|
|
- dropped commands in the spec file that are no longer relevant
|
|
|
|
- dropped commands in the spec file that are no longer relevant
|
|
|
|
- dropped subpackages in the spec file that are no longer relevant
|
|
|
|
- dropped subpackages in the spec file that are no longer relevant
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.17-5
|
|
|
|
* Fri May 18 2018 Jan Černý <jcerny@redhat.com> - 1.2.16-5
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
|
|
- Use pathfix.py instead of a downstream patch to fix shebang
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jul 03 2018 Petr Pisar <ppisar@redhat.com> - 1.2.17-4
|
|
|
|
* Thu May 17 2018 Jan Černý <jcerny@redhat.com> - 1.2.16-4
|
|
|
|
- Perl 5.28 rebuild
|
|
|
|
- Remove Python 2 dependencies
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Jun 29 2018 Jitka Plesnikova <jplesnik@redhat.com> - 1.2.17-3
|
|
|
|
|
|
|
|
- Perl 5.28 rebuild
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 1.2.17-2
|
|
|
|
|
|
|
|
- Rebuilt for Python 3.7
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Tue May 29 2018 Jan Černý <jcerny@redhat.com> - 1.2.17-1
|
|
|
|
|
|
|
|
- upgrade to the latest upstream release
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.16-3
|
|
|
|
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.16-3
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|