From d5c2ec7cd559bb1339a6fdbd7aa61b080e22454d Mon Sep 17 00:00:00 2001 From: Vojtech Polasek Date: Tue, 25 Feb 2025 08:52:34 +0100 Subject: [PATCH] Rebase to new upstream version 0.1.76 Unify configuration of Cmake options to ON / OFF Resolves: RHEL-74240 Resolves: RHEL-71936 Resolves: RHEL-40120 Resolves: RHEL-65432 --- .gitignore | 1 + scap-security-guide.spec | 14 ++++++++++---- sources | 2 +- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 3dc6b1f..13c3be9 100644 --- a/.gitignore +++ b/.gitignore @@ -51,3 +51,4 @@ /scap-security-guide-0.1.73.tar.bz2 /scap-security-guide-0.1.74.tar.bz2 /scap-security-guide-0.1.75.tar.bz2 +/scap-security-guide-0.1.76.tar.bz2 diff --git a/scap-security-guide.spec b/scap-security-guide.spec index 598e571..a17ce0b 100644 --- a/scap-security-guide.spec +++ b/scap-security-guide.spec @@ -5,7 +5,7 @@ # global _default_patch_fuzz 2 # Normally shouldn't be needed as patches should apply cleanly Name: scap-security-guide -Version: 0.1.75 +Version: 0.1.76 Release: 1%{?dist} Summary: Security guidance and baselines in SCAP formats License: BSD-3-Clause @@ -56,13 +56,13 @@ The %{name}-rule-playbooks package contains individual ansible playbooks per rul %prep %autosetup -p1 -%define cmake_defines_common -DSSG_SEPARATE_SCAP_FILES_ENABLED=OFF -DSSG_BASH_SCRIPTS_ENABLED=OFF -DSSG_BUILD_SCAP_12_DS=OFF +%define cmake_defines_common -DSSG_SEPARATE_SCAP_FILES_ENABLED=OFF -DSSG_BASH_SCRIPTS_ENABLED=OFF -DSSG_BUILD_SCAP_12_DS=OFF -DSSG_BUILD_DISA_DELTA_FILES:BOOL=OFF %define cmake_defines_specific %{nil} %if 0%{?rhel} -%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{rhel}:BOOLEAN=TRUE -DSSG_SCIENTIFIC_LINUX_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED:BOOL=ON +%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=OFF -DSSG_PRODUCT_RHEL%{rhel}:BOOLEAN=ON -DSSG_SCIENTIFIC_LINUX_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_ANSIBLE_PLAYBOOKS_PER_RULE_ENABLED:BOOL=ON %endif %if 0%{?centos} -%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=FALSE -DSSG_PRODUCT_RHEL%{centos}:BOOLEAN=TRUE -DSSG_SCIENTIFIC_LINUX_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON +%define cmake_defines_specific -DSSG_PRODUCT_DEFAULT:BOOLEAN=OFF -DSSG_PRODUCT_RHEL%{centos}:BOOLEAN=ON -DSSG_SCIENTIFIC_LINUX_DERIVATIVES_ENABLED:BOOL=OFF -DSSG_CENTOS_DERIVATIVES_ENABLED:BOOL=ON %endif mkdir -p build @@ -96,6 +96,12 @@ rm %{buildroot}/%{_docdir}/%{name}/Contributors.md %endif %changelog +* Tue Feb 25 2025 Vojtech Polasek - 0.1.76-1 +- rebase scap-security-guide to the latest upstream version 0.1.76 (RHEL-74240) +- modify the rule require_singleuser_auth to honor overriding mechanism offered by Systemd (RHEL-71936) +- make the rule sysctl_user_max_user_namespaces informational and unscored in RHEL 9 STIG profile (RHEL-40120) +- align checking of approved SSH ciphers with latest STIG policy (RHEL-65432) + * Fri Nov 15 2024 Matthew Burket - 0.1.75-1 - Rebase to new release (RHEL-66154) - the rule sshd_use_priv_separation is no longer used (RHEL-66057) diff --git a/sources b/sources index 0f120bc..6b6e0c4 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (scap-security-guide-0.1.75.tar.bz2) = ecab31c731612316b40d9e26ba81b7a44396bd6ef3cc616de27789cb75dec6f90cec69f1fd3186f20a03d46896e0d1231c79a31ced1c25dd6786c79c5baac416 +SHA512 (scap-security-guide-0.1.76.tar.bz2) = 27cb260eb0b2fbfd11afe2affb91624e4e2ff332e7ffe43a0c0ec2e08b5e2aa707f00e77c97fa1cbdace5549ef25cf42b34756777a568809da7d1222bd05950c