.fmf/version

@@ -0,0 +1 @@
+1

.gitignore

@@ -1,4 +1,17 @@
-SOURCES/sblim-sfcb-1.4.9.tar.bz2
-SOURCES/sfcbdump.1.gz
-SOURCES/sfcbinst2mof.1.gz
-SOURCES/sfcbtrace.1.gz
+sblim-sfcb-1.3.7.tar.bz2
+sblim-sfcb-1.3.8.tar.bz2
+/sblim-sfcb-1.3.9.tar.bz2
+/sblim-sfcb-1.3.10.tar.bz2
+/sfcb.service
+/sblim-sfcb-1.3.11.tar.bz2
+/sblim-sfcb-1.3.12.tar.bz2
+/sblim-sfcb-1.3.13.tar.bz2
+/sblim-sfcb-1.3.14-1.fc18.src.rpm
+/sblim-sfcb-1.3.14.tar.bz2
+/sblim-sfcb-1.3.15.tar.bz2
+/sblim-sfcb-1.3.16.tar.bz2
+/sblim-sfcb-1.4.5.tar.bz2
+/sblim-sfcb-1.4.6.tar.bz2
+/sblim-sfcb-1.4.7.tar.bz2
+/sblim-sfcb-1.4.8.tar.bz2
+/sblim-sfcb-1.4.9.tar.bz2

.sblim-sfcb.metadata

@@ -1,4 +0,0 @@
-8dd01ac4617d0d20990176011a5b444f77aaf8c3 SOURCES/sblim-sfcb-1.4.9.tar.bz2
-3cbf7595a4570de9608a20226a4a89fc90f50645 SOURCES/sfcbdump.1.gz
-aa1fc9fef75470214332eefa06ca93b26448c561 SOURCES/sfcbinst2mof.1.gz
-b3762122828bd8988049e18cf7cd6b6a3d8cf7f9 SOURCES/sfcbtrace.1.gz

SOURCES/sfcb.service

@@ -1,9 +0,0 @@
-[Unit]
-Description=Small Footprint CIM Broker Service
-After=syslog.target
-
-[Service]
-ExecStart=/usr/sbin/sfcbd
-
-[Install]
-WantedBy=multi-user.target

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-10
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

plans/tier1.fmf

@@ -0,0 +1,16 @@
+---
+
+summary: Tier1 plan for sblim-sfcb
+
+discover:
+  how: fmf
+  url: https://pkgs.devel.redhat.com/git/tests/sblim
+  ref: master
+  filter: tier:1 & component:sblim-sfcb
+
+execute:
+  how: tmt
+
+adjust:
+    enabled: false
+    when: distro == centos-stream or distro == fedora

rpminspect.yaml

@@ -0,0 +1,9 @@
+---
+badfuncs:
+    allowed:
+        /usr/lib64/sfcb/libsfcHttpAdapter.so.*:
+            - inet_aton
+
+runpath:
+    allowed_paths:
+        - /usr/lib64/sfcb

sblim-sfcb-1.4.9-post-quantum.patch

@@ -0,0 +1,77 @@
+diff -up sblim-sfcb-1.4.9/control.c.orig sblim-sfcb-1.4.9/control.c
+--- sblim-sfcb-1.4.9/control.c.orig	2025-05-28 10:39:14.751599855 +0200
++++ sblim-sfcb-1.4.9/control.c	2025-06-12 10:20:43.025624410 +0200
+@@ -171,10 +171,12 @@ static Control init[] = {
+ 
+   {"sslKeyFilePath", CTL_STRING, SFCB_CONFDIR "/file.pem", {0}},
+   {"sslCertificateFilePath", CTL_STRING, SFCB_CONFDIR "/server.pem", {0}},
++  {"sslKeyFallbackFilePath", CTL_STRING, NULL, {0}},
++  {"sslCertificateFallbackFilePath", CTL_STRING, NULL, {0}},
+   {"sslCertList", CTL_STRING, SFCB_CONFDIR "/clist.pem", {0}},
+   {"sslCiphers", CTL_STRING, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH", {0}},
+   {"sslDhParamsFilePath", CTL_STRING, NULL, {0}},
+-  {"sslEcDhCurveName", CTL_STRING, "secp384r1", {0}},
++  {"sslEcDhCurveName", CTL_STRING, NULL, {0}},
+   {"enableSslCipherServerPref", CTL_BOOL, NULL, {.b=0}},
+ 
+   {"registrationDir", CTL_STRING, SFCB_STATEDIR "/registration", {0}},
+diff -up sblim-sfcb-1.4.9/httpAdapter.c.orig sblim-sfcb-1.4.9/httpAdapter.c
+--- sblim-sfcb-1.4.9/httpAdapter.c.orig	2025-05-21 10:41:30.727123823 +0200
++++ sblim-sfcb-1.4.9/httpAdapter.c	2025-06-12 11:14:32.906455875 +0200
+@@ -2053,6 +2053,24 @@ initSSL()
+   _SFCB_TRACE(1, ("---  sslKeyFilePath = %s", fnk));
+   if (SSL_CTX_use_PrivateKey_file(ctx, fnk, SSL_FILETYPE_PEM) != 1)
+     intSSLerror("Error loading private key from file");
++
++  /*
++   *  Add fall back certificate/key pair
++   */
++  getControlChars("sslCertificateFallbackFilePath", &fnc);
++  if (fnc) {
++    _SFCB_TRACE(1, ("---  sslCertificateFallbackFilePath = %s", fnc));
++    if (SSL_CTX_use_certificate_chain_file(ctx, fnc) != 1)
++      intSSLerror("Error loading certificate fall back from file");
++  }
++
++  getControlChars("sslKeyFallbackFilePath", &fnk);
++  if (fnk) {
++    _SFCB_TRACE(1, ("---  sslKeyFallbackFilePath = %s", fnk));
++    if (SSL_CTX_use_PrivateKey_file(ctx, fnk, SSL_FILETYPE_PEM) != 1)
++      intSSLerror("Error loading private key fall back from file");
++  }
++
+   getControlChars("sslClientCertificate", &fnl);
+   _SFCB_TRACE(1, ("---  sslClientCertificate = %s", fnl));
+   getControlChars("sslCertList", &fcert);
+diff -up sblim-sfcb-1.4.9/sfcb.cfg.pre.in.orig sblim-sfcb-1.4.9/sfcb.cfg.pre.in
+--- sblim-sfcb-1.4.9/sfcb.cfg.pre.in.orig	2025-05-28 10:05:42.359932525 +0200
++++ sblim-sfcb-1.4.9/sfcb.cfg.pre.in	2025-06-12 11:23:37.424277273 +0200
+@@ -244,6 +244,15 @@ sslKeyFilePath: @sysconfdir@/sfcb/file.p
+ ## Default is @sysconfdir@/sfcb/server.pem
+ sslCertificateFilePath: @sysconfdir@/sfcb/server.pem
+ 
++## Filename containing the fall back private key for the server's fall back certificate.
++## The file  must be in PEM format and may not be passphrase-protected. The file is
++## relevant for both client connect and indications sent via https.
++#sslKeyFallbackFilePath: @sysconfdir@/sfcb/file-fallback.pem
++
++## Filename containing the server's fall back certificate. Must be in PEM format.
++## The file is relevant for both client connect and indications sent via https.
++#sslCertificateFallbackFilePath: @sysconfdir@/sfcb/server-fallback.pem
++
+ ## Filename containing list of certificates server accepts.
+ ## The file is relevant client connect only.
+ ## Default is @sysconfdir@/sfcb/clist.pem
+@@ -302,10 +311,10 @@ sslCiphers: ALL:!ADH:!LOW:!EXP:!MD5:@STR
+ ## Configure a curve name for ECDH ephemeral key generation. See man
+ ## SSL_CTX_set_tmp_ecdh(3) for details. The value should be a curve name
+ ## listed by the "openssl ecparam -list_curves" command in the SFCB runtime
+-## environment. If this value is not set, the indicated default is in effect.
++## environment. If this value is not set, ECDH ephemeral key generation is not used.
+ ## If the value is set but the curve name is not recognized by the underlying
+ ## openssl implementation, SFCB will abort.
+-## Default is secp384r1
++## Default is: not set
+ #sslEcDhCurveName: secp384r1
+ 
+ ## When set to true, sets the SSL_OP_CIPHER_SERVER_PREFERENCE flag for the ssl

sblim-sfcb-1.4.9-ssl-certs-gen-changes.patch

@@ -0,0 +1,71 @@
+diff -up sblim-sfcb-1.4.9/genSslCert.sh.orig sblim-sfcb-1.4.9/genSslCert.sh
+--- sblim-sfcb-1.4.9/genSslCert.sh.orig	2014-11-25 02:43:10.000000000 +0100
++++ sblim-sfcb-1.4.9/genSslCert.sh	2025-10-07 11:23:59.201504832 +0200
+@@ -4,6 +4,44 @@ HOSTNAME=`uname -n`
+ DO_SERVER=yes
+ DO_CLIENT=yes
+ DIR=`mktemp -d /var/tmp/sfcb.XXXXXX` || exit 1
++DAYS=365
++# Get minimum RSA key length at current security level
++# This workarounds openssl not enforcing min. key length enforced by current security level
++KEYSIZE=`grep min_rsa_size /etc/crypto-policies/state/CURRENT.pol 2>/dev/null | cut -d ' ' -f 3`
++if [ -z "$KEYSIZE" ]; then
++    KEYSIZE=2048  # fallback to safe default
++fi
++
++function create_ssl_cnf()
++{
++cat > $DIR/ssl.cnf <<EOF
++[req]
++distinguished_name=user_dn
++prompt=no
++
++[user_dn]
++CN=$HOSTNAME
++emailAddress=root@$HOSTNAME
++EOF
++}
++
++function selfsign_sscg()
++{
++    sscg --quiet \
++         --lifetime "${DAYS}" \
++         --cert-key-file "${DIR}"/key.pem \
++         --cert-file "${DIR}"/cert.pem \
++         --ca-file "${DIR}"/ca.crt \
++         --hostname "${HOSTNAME}" \
++         --email root@"{$HOSTNAME}"
++}
++
++function selfsign_openssl()
++{
++    openssl req -x509 -days $DAYS -newkey rsa:$KEYSIZE \
++       -nodes -config $DIR/ssl.cnf   \
++       -keyout $DIR/key.pem -out $DIR/cert.pem
++}
+ 
+ trap "rm -rf $DIR" exit
+ 
+@@ -28,19 +66,10 @@ then
+     exit 0
+ fi
+ 
+-cat > $DIR/ssl.cnf <<EOF
+-[req]
+-distinguished_name=user_dn
+-prompt=no
+-
+-[user_dn]
+-CN=$HOSTNAME
+-emailAddress=root@$HOSTNAME
+-EOF
++create_ssl_cnf
+ 
+-openssl req -x509 -days 365 -newkey rsa:2048 \
+-   -nodes -config $DIR/ssl.cnf   \
+-   -keyout $DIR/key.pem -out $DIR/cert.pem
++# If sscg fails, try openssl
++selfsign_sscg || selfsign_openssl
+ 
+ chmod 700 $DIR/*.pem
+ 

sblim-sfcb.spec

@@ -8,7 +8,7 @@ Name: sblim-sfcb
 Summary: Small Footprint CIM Broker
 URL: http://sblim.wiki.sourceforge.net/
 Version: 1.4.9
-Release: 17%{?dist}
+Release: 36%{?dist}
 License: EPL-1.0
 Source0: http://downloads.sourceforge.net/sblim/%{name}-%{version}.tar.bz2
 Source1: sfcb.service
@@ -16,6 +16,8 @@ Source1: sfcb.service
 Source2: sfcbdump.1.gz
 Source3: sfcbinst2mof.1.gz
 Source4: sfcbtrace.1.gz
+# /etc/tmpfiles.d configuration file
+Source5: sblim-sfcb.tmpfiles
 # Patch0: changes schema location to the path we use
 Patch0: sblim-sfcb-1.3.9-sfcbrepos-schema-location.patch
 # Patch1: Fix provider debugging - variable for stopping wait-for-debugger
@@ -36,14 +38,21 @@ Patch7: sblim-sfcb-1.4.9-fix-null-deref.patch
 # Patch8: fix null pointer (DoS) vulnerability via POST request to /cimom
 #   (CVE-2018-6644), patch by Adam Majer, rhbz#1543826
 Patch8: sblim-sfcb-1.4.9-fix-null-content-type-crash.patch
-# Patch9: removes decrease of optimization level to -O0 on ppc64le, rhbz#1624171
+# Patch9: removes decrease of optimization level to -O0 on ppc64le
 Patch9: sblim-sfcb-1.4.9-fix-ppc-optimization-level.patch
 # Patch10: fixes docdir name and removes install of COPYING with license
-#   which is included through %%license, rhbz#1638007
+#   which is included through %%license
 Patch10: sblim-sfcb-1.4.9-docdir-license.patch
+# Patch11: adds configuration options to specify fallback SSL cert/key pair
+#   and disables default ECDH ephemeral key generation
+Patch11: sblim-sfcb-1.4.9-post-quantum.patch
+# Patch12: use sscg to generate cert, openssl as fallback, obtain correct
+#   key length based upon crypto policy level
+Patch12: sblim-sfcb-1.4.9-ssl-certs-gen-changes.patch
 Provides: cim-server = 0
 Requires: cim-schema
 Requires: sblim-sfcCommon
+BuildRequires: make
 BuildRequires: libcurl-devel
 BuildRequires: perl-generators
 BuildRequires: zlib-devel
@@ -63,31 +72,39 @@ Requires(postun): systemd-units
 %Description
 Small Footprint CIM Broker (sfcb) is a CIM server conforming to the
 CIM Operations over HTTP protocol.
-It is robust, with low resource consumption and therefore specifically
+It is robust, with low resource consumption and therefore specifically 
 suited for embedded and resource constrained environments.
 sfcb supports providers written against the Common Manageability
 Programming Interface (CMPI).
 
 %prep
 %setup -q -T -b 0 -n %{name}-%{version}
-%patch0 -p1 -b .sfcbrepos-schema-location
-%patch1 -p1 -b .fix-provider-debugging
-%patch2 -p1 -b .maxMsgLen
-%patch3 -p1 -b .service
-%patch4 -p1 -b .multilib-man-cfg
-%patch5 -p1 -b .default-ecdh-curve-name
-%patch6 -p1 -b .fix-ftbfs
-%patch7 -p1 -b .fix-null-deref
-%patch8 -p1 -b .fix-null-content-type-crash
-%patch9 -p1 -b .fix-ppc-optimization-level
-%patch10 -p1 -b .docdir-license
+%patch -P0 -p1 -b .sfcbrepos-schema-location
+%patch -P1 -p1 -b .fix-provider-debugging
+%patch -P2 -p1 -b .maxMsgLen
+%patch -P3 -p1 -b .service
+%patch -P4 -p1 -b .multilib-man-cfg
+%patch -P5 -p1 -b .default-ecdh-curve-name
+%patch -P6 -p1 -b .fix-ftbfs
+%patch -P7 -p1 -b .fix-null-deref
+%patch -P8 -p1 -b .fix-null-content-type-crash
+%patch -P9 -p1 -b .fix-ppc-optimization-level
+%patch -P10 -p1 -b .docdir-license
+%patch -P11 -p1 -b .post-quantum
+%patch -P12 -p1 -b .ssl-certs-gen-changes
+
+# Create a sysusers.d config file
+cat >sblim-sfcb.sysusers.conf <<EOF
+g sfcb -
+m root sfcb
+EOF
 
 %build
 %configure --enable-debug --enable-uds --enable-ssl --enable-pam --enable-ipv6 \
     --enable-slp --enable-large_volume_support --enable-optimized-enumeration --enable-relax-mofsyntax \
-    CFLAGS="$CFLAGS -D_GNU_SOURCE -fPIE -DPIE" LDFLAGS="$LDFLAGS -Wl,-z,now -pie"
-
-make
+    CFLAGS="$CFLAGS -D_GNU_SOURCE -fPIE -DPIE -fcommon" LDFLAGS="$LDFLAGS -Wl,-z,now -pie"
+ 
+make 
 
 %install
 make DESTDIR=$RPM_BUILD_ROOT install
@@ -105,7 +122,7 @@ find $RPM_BUILD_ROOT/%{_datadir}/sfcb -type f | grep -v $RPM_BUILD_ROOT/%{_datad
 sed -i s?$RPM_BUILD_ROOT??g _pkg_list > _pkg_list_2
 echo "%config(noreplace) %{_sysconfdir}/sfcb/*" >> _pkg_list
 echo "%config(noreplace) %{_sysconfdir}/pam.d/*" >> _pkg_list
-echo "%doc %{_datadir}/doc/*" >> _pkg_list
+echo "%doc %{_datadir}/doc/sblim-sfcb/[!COPYING]*" >> _pkg_list
 echo "%{_datadir}/man/man1/*" >> _pkg_list
 echo "%{_unitdir}/sblim-sfcb.service" >> _pkg_list
 echo "%{_localstatedir}/lib/sfcb" >> _pkg_list
@@ -116,50 +133,120 @@ echo "%{_libdir}/sfcb/*.so" >> _pkg_list
 
 cat _pkg_list
 
-%pre
-/usr/bin/getent group sfcb >/dev/null || /usr/sbin/groupadd -r sfcb
-/usr/sbin/usermod -a -G sfcb root > /dev/null 2>&1 || :
+install -m0644 -D sblim-sfcb.sysusers.conf %{buildroot}%{_sysusersdir}/sblim-sfcb.conf
+mkdir -p $RPM_BUILD_ROOT/%{_tmpfilesdir}
+install -p -D -m 644 %{SOURCE5} $RPM_BUILD_ROOT/%{_tmpfilesdir}/sblim-sfcb.conf
 
-%post
+%post 
 %{_datadir}/sfcb/genSslCert.sh %{_sysconfdir}/sfcb &>/dev/null || :
 /sbin/ldconfig
 %{_bindir}/sfcbrepos -f > /dev/null 2>&1
 %systemd_post sblim-sfcb.service
+# copy content of /var/lib/sfcb to temporary place for Image Mode
+(mkdir -p /usr/share/factory/var/lib && cp -a /var/lib/sfcb /usr/share/factory/var/lib/sfcb) >/dev/null 2>&1 || :;
 
 %preun
 %systemd_preun sblim-sfcb.service
+if [ $1 -eq 0 ]; then
+   # Package removal, not upgrade
+   rm -rf /usr/share/factory/var/lib/sfcb
+fi
 
 %postun
 /sbin/ldconfig
 %systemd_postun_with_restart sblim-sfcb.service
-if [ $1 -eq 0 ]; then
-        /usr/sbin/groupdel sfcb > /dev/null 2>&1 || :;
-fi;
 
 %files -f _pkg_list
+%{_sysusersdir}/sblim-sfcb.conf
+%{_tmpfilesdir}/sblim-sfcb.conf
 
 %changelog
-* Mon Nov 23 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-17
-- Fix sfcbrepos redirection
-  Resolves: #1854991
+* Mon Oct 13 2025 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-36
+- Update OpenSSL certificates set up
+  Resolves: RHEL-113741
+- Add sysusers.d config file to allow rpm to create users/groups automatically
+  and drop attempt to delete group
+  Related: RHEL-114454
+- Add support for Image Mode
+  Resolves: RHEL-114454
 
-* Mon Oct 15 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-16
+* Thu Aug 07 2025 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-35
+- Support added for post-quantum cryptography
+  Resolves: RHEL-93092
+
+* Wed Nov 27 2024 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-34
+- Bump release for rebuild
+
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.4.9-33
+- Bump release for October 2024 mass rebuild:
+  Resolves: RHEL-64018
+
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.4.9-32
+- Bump release for June 2024 mass rebuild
+
+* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-31
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-30
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Tue Feb 14 2023 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-29
+- SPDX migration
+
+* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-28
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-27
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Thu Jan 27 2022 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-26
+- Change build flags, fix errors during the start of the service
+
+* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-25
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 1.4.9-24
+- Rebuilt with OpenSSL 3.0.0
+
+* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-23
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.4.9-22
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-21
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jul 08 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-19
+- Fix sfcbrepos redirection
+
+* Wed Feb 12 2020 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-18
+- Fixes multiple definiton of variables (FTBFS with GCC 10)
+  Resolves: #1800074
+
+* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Oct 11 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-14
+- Don't decrease optimization level to -O0 on ppc64le
 - Use %%license for file which contains the text of the license
 - Change versioned docdir to unversioned and rename the docdir to match
   the package name
 - Remove %%defattr
-  Resolves: #1638007
 
-* Mon Oct 08 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-15
+* Mon Oct 08 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-13
 - Fix license tag
 
-* Wed Sep 26 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-14
-- Don't decrease optimization level to -O0 on ppc64le
-  Resolves: #1624171
-
-* Tue Aug 21 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-13
-- Rebuilt
-
 * Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-12
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 
@@ -169,6 +256,7 @@ fi;
 * Wed Feb 14 2018 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-10
 - Fix null pointer (DoS) vulnerability via POST request to /cimom (CVE-2018-6644)
   (patch by Adam Majer)
+  Resolves: #1543825
 
 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.9-9
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
@@ -187,6 +275,7 @@ fi;
 
 * Mon Aug 24 2015 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-4
 - Fix possible null pointer dereference (CVE-2015-5185)
+  Resolves: #1255587
 
 * Mon Jul 13 2015 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.4.9-3
 - Fix sblim-sfcb FTBFS in rawhide
@@ -255,7 +344,7 @@ fi;
   Resolves: #919377
 
 * Mon May 20 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.3.16-3
-- Fix indCIMXmlHandler crash in IndCIMXMLHandlerInvokeMethod with Embedded Instances
+- Fix indCIMXmlHandler crash in IndCIMXMLHandlerInvokeMethod with Embedded Instances 
   Resolves: #957747
 - Fix sfcb creates invalid XML with embedded object inside embedded object
   Resolves: #957742
@@ -318,7 +407,7 @@ fi;
 
 * Fri Jan  7 2011 Praveen K Paladugu <praveen_paladugu@dell.com> - 1.3.10-2
 - Following the BZ#660072, added sfcb.service file for compliance with systemd
-- Since sfcb's PAM authentication requires, the user to be in group sfcb,
+- Since sfcb's PAM authentication requires, the user to be in group sfcb, 
 -    added the root user to "sfcb" group in %%pre section.
 
 * Mon Dec  6 2010 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.3.10-1
@@ -360,7 +449,7 @@ fi;
 - Fixed the incoherent init script problem by renaming the init script
 
 * Thu Sep 03 2009 <srinivas_ramanatha@dell.com> - 1.3.4-5
-- added the devel package to fit in all the development files
+- added the devel package to fit in all the development files 
 - Made changes to the initscript not to start the service by default
 
 * Thu Jul 02 2009 <ratliff@austin.ibm.com> - 1.3.4-4
@@ -381,7 +470,7 @@ fi;
 - updated the source URL
 
 * Wed Oct 08 2008 <ratliff@austin.ibm.com> - 1.3.2-1
-- updated upstream version and added CFLAGS to configure to work
+- updated upstream version and added CFLAGS to configure to work 
 - around http://sources.redhat.com/bugzilla/show_bug.cgi?id=6545
 
 * Fri Aug 08 2008 <ratliff@austin.ibm.com> - 1.3.0-1

sblim-sfcb.tmpfiles

@@ -0,0 +1,2 @@
+# populate /var/lib/sfcb with content from /usr/share/factory/var/lib/sfcb
+C /var/lib/sfcb - - - -

sources

@@ -0,0 +1,2 @@
+494b9bdd96c1d8d90dafc26cd5534082  sfcb.service
+28021cdabc73690a94f4f9d57254ce30  sblim-sfcb-1.4.9.tar.bz2